You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 

163 lines
4.1 KiB

---
- name: apt-get install git
apt:
name: git
state: present
- name: chown debian /srv
file:
path: /srv
owner: debian
- name: git clone https://github.com/nextcloud/docker/
git:
repo: https://github.com/nextcloud/docker/
version: 13.0.2
force: yes
dest: /srv/nextcloud
become: False
- name: cleanup docker leftovers
shell: docker system prune --force
become: False
- name: docker build apache-cron
shell: docker build -t nextcloud:apache-cron .
args:
chdir: /srv/nextcloud/.examples/dockerfiles/cron/apache
become: False
- name: set_fact app_sh & app_dir
set_fact:
app_dir: "/srv/nextcloud/.examples/docker-compose/with-nginx-proxy/postgres/apache"
app_sh: "docker-compose -f docker-compose-infrastructure.yml exec -T -u www-data app"
- name: Copy docker-compose-infrastructure.yml
template:
src: docker-compose-infrastructure.yml
dest: "{{ app_dir }}/docker-compose-infrastructure.yml"
owner: debian
mode: "0600"
become: False
- name: (re)create nextcloud
docker_service:
files: docker-compose-infrastructure.yml
project_src: "{{ app_dir }}"
state: present
become: False
- name: wait for nextcloud to be ready
uri:
url: "http{% if with_https is defined and with_https == true %}s{% endif %}://{{ vhost_fqdn }}"
method: GET
status_code: 200
register: nextcloud_get
until: nextcloud_get|succeeded
retries: 30
delay: 5
- name: test -f config/config.php
shell: |
{{ app_sh }} grep installed config/config.php
args:
chdir: "{{ app_dir }}"
register: nextcloud_config
ignore_errors: True
- name: occ maintenance:install
shell: |
{{ app_sh }} bash -c 'php -f occ maintenance:install --database-host=$POSTGRES_HOST --database-name=$POSTGRES_DB --database-user=$POSTGRES_USER --admin-user {{ NEXTCLOUD_ADMIN_USER }} --admin-pass {{ NEXTCLOUD_ADMIN_PASS }} --database pgsql --database-pass=$POSTGRES_PASSWORD'
args:
chdir: "{{ app_dir }}"
become: False
when: nextcloud_config.rc == 1
- name: occ config:system:set trusted_domains {{ vhost_fqdn }}
shell: |
{{ app_sh }} php -f occ config:system:set trusted_domains 0 --value {{ vhost_fqdn }}
{{ app_sh }} php -f occ config:system:set trusted_domains 1 --value {{ ansible_host }} # for test purposes only
args:
chdir: "{{ app_dir }}"
become: False
- name: occ app:{install,enable} twofactor_totp
shell: |
{{ app_sh }} php -f occ app:install twofactor_totp
{{ app_sh }} php -f occ app:enable twofactor_totp
args:
chdir: "{{ app_dir }}"
become: False
- name: git clone https://lab.{{ domain }}/main/app/
git:
repo: "https://lab.{{ domain }}/main/app/"
force: yes
dest: /var/lib/docker/volumes/apache_nextcloud/_data/apps/enough
- name: occ app:enable enough
shell: |
{{ app_sh }} php -f occ app:enable enough
args:
chdir: "{{ app_dir }}"
become: False
- name: apt-get install tor
apt:
name: tor
state: present
- name: apt-get install torsocks
apt:
name: torsocks
state: present
- name: mkdir /var/lib/tor/services
file:
state: directory
dest: /var/lib/tor/services
owner: debian-tor
group: debian-tor
mode: "0700"
- name: mkdir /var/lib/tor/services/cloud
file:
state: directory
dest: /var/lib/tor/services/cloud
owner: debian-tor
group: debian-tor
mode: "0700"
- name: Copy /etc/tor/torrc
template:
src: torrc
dest: /etc/tor/torrc
mode: "0644"
- name: restart tor
service:
name: tor
state: restarted
- name: wait for nextcloud .onion to be ready
shell: |
set -e
url=$(cat /var/lib/tor/services/cloud/hostname)
torsocks curl --silent http://$url/login > /dev/null
register: tor_nextcloud_curl
until: tor_nextcloud_curl|succeeded
retries: 30
delay: 10
- name: get the .onion URL
shell: |
echo -n $(cat /var/lib/tor/services/cloud/hostname)
register: nextcloud_onion
- name: occ config:system:set trusted_domains *.onion
shell: |
{{ app_sh }} php -f occ config:system:set trusted_domains 2 --value {{ nextcloud_onion.stdout }}
args:
chdir: "{{ app_dir }}"
become: False