it-team/lmn-client
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Setup fine tuning and app installation.

Browse source
This commit is contained in:
Andreas B. Mundt 2020-01-14 21:09:24 +01:00
parent 23605d6962
commit e069171539
4 changed files with 84 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
roles/nextcloud/files/htaccess Normal file
View file

@ -0,0 +1,8 @@
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^\.well-known/host-meta /nextcloud/public.php?service=host-meta [QSA,L]
RewriteRule ^\.well-known/host-meta\.json /nextcloud/public.php?service=host-meta-json [QSA,L]
RewriteRule ^\.well-known/webfinger /nextcloud/public.php?service=webfinger [QSA,L]
RewriteRule ^\.well-known/carddav /nextcloud/remote.php/dav/ [R=301,L]
RewriteRule ^\.well-known/caldav /nextcloud/remote.php/dav/ [R=301,L]
</IfModule>

18
roles/nextcloud/files/krb5-nextcloud.conf
View file

@ -17,11 +17,19 @@ Alias /nextcloud "/var/www/nextcloud/"
Options FollowSymlinks MultiViews Options FollowSymlinks MultiViews
AllowOverride All AllowOverride All
<IfModule mod_dav.c> <IfModule mod_dav.c>
Dav off Dav off
</IfModule> </IfModule>
SetEnv HOME /var/www/nextcloud SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud SetEnv HTTP_HOME /var/www/nextcloud
</Directory> </Directory>
<Directory /var/www/html>
AllowOverride FileInfo
</Directory>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>

18
roles/nextcloud/files/nextcloud.conf
View file

@ -5,11 +5,19 @@ Alias /nextcloud "/var/www/nextcloud/"
Options FollowSymlinks MultiViews Options FollowSymlinks MultiViews
AllowOverride All AllowOverride All
<IfModule mod_dav.c> <IfModule mod_dav.c>
Dav off Dav off
</IfModule> </IfModule>
SetEnv HOME /var/www/nextcloud SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud SetEnv HTTP_HOME /var/www/nextcloud
</Directory> </Directory>
<Directory /var/www/html>
AllowOverride FileInfo
</Directory>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>

68
roles/nextcloud/tasks/main.yml
View file

@ -35,6 +35,8 @@
with_items: with_items:
- proxy_fcgi - proxy_fcgi
- mpm_event - mpm_event
- rewrite
- headers
- ssl - ssl
- http2 - http2
notify: "restart apache2" notify: "restart apache2"
@ -74,6 +76,11 @@
src: nextcloud.conf src: nextcloud.conf
dest: /etc/apache2/sites-available/nextcloud.conf dest: /etc/apache2/sites-available/nextcloud.conf
- name: provide htaccess file
copy:
src: htaccess
dest: /var/www/html/.htaccess
- name: enable https - name: enable https
command: a2ensite default-ssl.conf command: a2ensite default-ssl.conf
args: args:
@ -86,11 +93,26 @@
creates: /etc/apache2/sites-enabled/nextcloud.conf creates: /etc/apache2/sites-enabled/nextcloud.conf
notify: "restart apache2" notify: "restart apache2"
- name: create a new database with name 'nextcloud' - name: make sure data directory exists
file:
path: "{{ data_dir }}"
state: directory
owner: www-data
group: www-data
recurse: Yes
## install nextcloud:
- name: check if we are installing
stat: path="{{ nc_dir }}"
register: nextcloud
- name: create database with name 'nextcloud'
mysql_db: mysql_db:
login_unix_socket: /var/run/mysqld/mysqld.sock login_unix_socket: /var/run/mysqld/mysqld.sock
name: nextcloud name: nextcloud
state: present state: present
when: not nextcloud.stat.exists
- name: create database user 'nextcloud' - name: create database user 'nextcloud'
mysql_user: mysql_user:
@ -99,10 +121,7 @@
password: "{{ db_nextcloud_pwd }}" password: "{{ db_nextcloud_pwd }}"
priv: 'nextcloud.*:ALL' priv: 'nextcloud.*:ALL'
state: present state: present
when: not nextcloud.stat.exists
- name: check if we are installing
stat: path="{{ nc_dir }}"
register: nextcloud
- name: unpack nextcloud archive - name: unpack nextcloud archive
unarchive: unarchive:
@ -110,15 +129,7 @@
dest: "{{ www_root }}" dest: "{{ www_root }}"
owner: www-data owner: www-data
group: www-data group: www-data
creates: "{{ nc_dir }}" when: not nextcloud.stat.exists
- name: make sure data directory exists
file:
path: "{{ data_dir }}"
state: directory
owner: www-data
group: www-data
recurse: Yes
- name: initialize nextcloud - name: initialize nextcloud
command: command:
@ -133,14 +144,13 @@
--data-dir "{{ data_dir }}" --data-dir "{{ data_dir }}"
args: args:
chdir: "{{ nc_dir }}" chdir: "{{ nc_dir }}"
creates: "{{ nc_dir }}/config/config.php"
no_log: True no_log: True
when: not nextcloud.stat.exists
- name: dump nc-admin password - name: dump nc-admin password
shell: echo -n "{{ nc_admin_pwd }}" > "{{ nc_admin_pwd_file }}" ; chmod 0600 "{{ nc_admin_pwd_file }}" shell: echo -n "{{ nc_admin_pwd }}" > "{{ nc_admin_pwd_file }}" ; chmod 0600 "{{ nc_admin_pwd_file }}"
no_log: True no_log: True
args: when: not nextcloud.stat.exists
creates: "{{ nc_admin_pwd_file }}"
- name: enable APCu memcache - name: enable APCu memcache
command: sudo -u www-data php ./occ config:system:set memcache.local --value='\OC\Memcache\APCu' command: sudo -u www-data php ./occ config:system:set memcache.local --value='\OC\Memcache\APCu'
@ -156,4 +166,26 @@
warn: False warn: False
when: not nextcloud.stat.exists when: not nextcloud.stat.exists
## ToDo: enable apps etc., update
## app installations:
- name: check if calendar app is installed
stat: path="{{ nc_dir }}/apps/calendar"
register: calendar
- name: install calendar app
command: sudo -u www-data php ./occ app:install calendar
args:
chdir: "{{ nc_dir }}"
warn: False
when: not calendar.stat.exists
- name: check if notes app is installed
stat: path="{{ nc_dir }}/apps/notes"
register: notes
- name: install notes app
command: sudo -u www-data php ./occ app:install notes
args:
chdir: "{{ nc_dir }}"
warn: False
when: not notes.stat.exists