Initialize repo for Nextcloud container role.
commit
d4978f44dd
0
.gitignore
vendored
Normal file
59
README.md
Normal file
@ -0,0 +1,59 @@
|
||||
# Ansible Role: nextcloud
|
||||
|
||||
This Ansible Role installs a rootless [Nextcloud](https://github.com/nextcloud/docker) container using Podman. It is intended to be composed with separate roles for Podman and any database backend such as PostgreSQL or Mariadb.
|
||||
|
||||
## Requirements
|
||||
|
||||
* [containers.podman](https://github.com/containers/ansible-podman-collections)
|
||||
|
||||
## Dependencies
|
||||
|
||||
* [podman](docs/PODMAN.md)
|
||||
* [mariadb](docs/DATABASE.md) (optional)
|
||||
* postgresql (optional)
|
||||
|
||||
## Role Variables
|
||||
|
||||
```yaml
|
||||
nextcloud_config.NEXTCLOUD_ADMIN_USER: adminotaur
|
||||
nextcloud_config.NEXTCLOUD_ADMIN_PASSWORD: "{{ lookup('ansible.builtin.env', 'NEXTCLOUD_ADMIN') }}"
|
||||
nextcloud_config.MYSQL_PASSWORD: "{{ lookup('ansible.builtin.env', 'NEXTCLOUD_MARIADB') }}"
|
||||
```
|
||||
|
||||
See the role [defaults](defaults/main.yml) and the Nextcloud [environment variable documentation](https://github.com/nextcloud/docker/blob/master/README.md#auto-configuration-via-environment-variables).
|
||||
|
||||
## Example Playbook
|
||||
|
||||
```yaml
|
||||
- hosts: nextcloud
|
||||
roles:
|
||||
- role: fauust.mariadb
|
||||
become: true
|
||||
- role: alvistack.podman
|
||||
become: true
|
||||
- role: bleetube.nextcloud
|
||||
```
|
||||
|
||||
## Example Deployment
|
||||
|
||||
```bash
|
||||
export NEXTCLOUD_ADMIN=$(pass generate -n NEXTCLOUD_ADMIN | tail -n1)
|
||||
export NEXTCLOUD_MARIADB=$(pass generate -n NEXTCLOUD_MARIADB | tail -n1)
|
||||
ansible-playbook playbooks/nextcloud.yml
|
||||
```
|
||||
|
||||
## Backups
|
||||
|
||||
TODO
|
||||
|
||||
## Monitoring
|
||||
|
||||
TODO
|
||||
|
||||
## Resources
|
||||
|
||||
* [nextcloud.admin](https://github.com/nextcloud/ansible-collection-nextcloud-admin) collection
|
||||
|
||||
## Thanks
|
||||
|
||||
Based on the original role created by [Joerg Kastning](https://www.my-it-brain.de/wordpress/zu-meiner-person/). Thank you!
|
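Review bot: In the Role Variables block, `nextcloud_config.NEXTCLOUD_ADMIN_USER: adminotaur` and the two lines after it are written as dotted keys, which YAML reads as three separate top-level keys with a dot in the name rather than as members of `nextcloud_config`. Show them as a nested mapping under a single `nextcloud_config:` key so the example can be pasted into a vars file as is. Also, the Dependencies list links mariadb to `docs/DATABASE.md`, while the file added in this commit is `docs/MARIADB.md`.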
52
defaults/main.yml
Normal file
@ -0,0 +1,52 @@
|
||||
---
|
||||
nextcloud_ports:
|
||||
- "{{ nextcloud_fpm_upstream|default(9000) }}:9000"
|
||||
|
||||
nextcloud_create_volumes:
|
||||
- nc_html
|
||||
- nc_apps
|
||||
- nc_config
|
||||
- nc_data
|
||||
|
||||
nextcloud_volumes:
|
||||
- nc_html:/var/www/html:Z # Main folder, needed for updating
|
||||
- nc_apps:/var/www/html/custom_apps:Z # Volume for installed/modified apps
|
||||
- nc_config:/var/www/html/config:Z # Volume for local configuration
|
||||
- nc_data:/var/www/html/data:Z # Volume for the actual data of Nextcloud
|
||||
# - /var/run/postgresql:/var/run/postgresql
|
||||
|
||||
# Vars for Nextcloud container
|
||||
nextcloud_pidfile: /tmp/nextcloud.pid
|
||||
nextcloud_image: docker.io/library/nextcloud
|
||||
nextcloud_version: fpm-alpine # https://hub.docker.com/_/nextcloud
|
||||
nextcloud_name: nextcloud
|
||||
|
||||
# https://github.com/nextcloud/docker/blob/master/README.md#auto-configuration-via-environment-variables
|
||||
nextcloud_config: []
|
||||
# NEXTCLOUD_ADMIN_USER: admin
|
||||
# NEXTCLOUD_ADMIN_PASSWORD: ""
|
||||
# NEXTCLOUD_DATA_DIR: /var/www/html/data
|
||||
# NEXTCLOUD_TRUSTED_DOMAINS: ""
|
||||
|
||||
# SQLITE_DATABASE: nextcloud
|
||||
|
||||
# MYSQL_DATABASE: nextcloud
|
||||
# MYSQL_USER: nextcloud
|
||||
# MYSQL_PASSWORD: ""
|
||||
# MYSQL_HOST: host.containers.internal
|
||||
|
||||
# POSTGRES_HOST: /var/run/postgresql
|
||||
# POSTGRES_DB: nextcloud
|
||||
# POSTGRES_USER: nextcloud
|
||||
# POSTGRES_PASSWORD: ""
|
||||
|
||||
# REDIS_HOST: host.containers.internal
|
||||
|
||||
# SMTP_HOST: ""
|
||||
# SMTP_SECURE: "" # ssl to use SSL, or tls zu use STARTTLS
|
||||
# SMTP_PORT: "" # (25, 465 for SSL, 587 for STARTTLS)
|
||||
# SMTP_AUTHTYPE: ""
|
||||
# SMTP_NAME: ""
|
||||
# SMTP_PASSWORD: ""
|
||||
# MAIL_FROM_ADDRESS: ""
|
||||
# MAIL_DOMAIN: ""
|
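Review bot: `nextcloud_ports` publishes `"{{ nextcloud_fpm_upstream|default(9000) }}:9000"` with no host address, so Podman binds the PHP-FPM port on every interface of the host. FastCGI has no authentication of its own; if the web server runs on the same host, bind the default to loopback, for example `"127.0.0.1:{{ nextcloud_fpm_upstream|default(9000) }}:9000"`. Separately, `nextcloud_config: []` is a list, but the commented keys below it and the `env:` parameter in tasks/main.yml treat it as a mapping, so the default should be `{}`.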
33
docs/MARIADB.md
Normal file
@ -0,0 +1,33 @@
|
||||
# Mariadb
|
||||
|
||||
This variation of the [original role](https://github.com/Tronde/ansible_role_deploy_nextcloud_with_mariadb_pod) is intended to be composed with another role that sets up the database. Here is an example using [fauust.mariadb](https://github.com/fauust/ansible-role-mariadb)
|
||||
|
||||
## Example Playbook
|
||||
|
||||
```yaml
|
||||
roles:
|
||||
- fauust.mariadb
|
||||
```
|
||||
|
||||
## Example Variables
|
||||
|
||||
```yaml
|
||||
mariadb_databases:
|
||||
- name: nextcloud
|
||||
collation: utf8_general_ci
|
||||
encoding: utf8
|
||||
replicate: false
|
||||
|
||||
mariadb_users:
|
||||
- name: nextcloud
|
||||
host: localhost
|
||||
password: "{{ lookup('ansible.builtin.env', 'NEXTCLOUD_MARIADB') }}"
|
||||
priv: "nextcloud.*:ALL"
|
||||
state: present
|
||||
- name: nextcloud
|
||||
host: '%'
|
||||
password: "{{ lookup('ansible.builtin.env', 'NEXTCLOUD_MARIADB') }}"
|
||||
priv: "nextcloud.*:ALL"
|
||||
state: present
|
||||
```
|
||||
In this example, there are two users because both `localhost` and `%` (all-hosts wildcard) are [mutually exclusive](https://stackoverflow.com/q/10823854/9290). I am also using environment variables to separate secret stores from the repository.
|
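Review bot: The second `mariadb_users` entry grants `nextcloud.*:ALL` to the `nextcloud` user with `host: '%'`, which accepts that account from any host that can reach the database port. Say next to the example that `host` should be narrowed to the address the container connects from, or that the database port must be firewalled. The database is also created with `encoding: utf8` and `collation: utf8_general_ci`, which in MariaDB is the 3-byte character set; consider `utf8mb4` if 4-byte characters need to be stored.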
18
docs/PODMAN.md
Normal file
@ -0,0 +1,18 @@
|
||||
# Podman
|
||||
|
||||
Example using [alvistack/ansible-role-podman](https://github.com/alvistack/ansible-role-podman):
|
||||
|
||||
|
||||
```yaml
|
||||
- hosts: podman
|
||||
become: true
|
||||
|
||||
roles:
|
||||
- alvistack.podman
|
||||
|
||||
tasks:
|
||||
- name: "Ensure loginctl enable-linger is set for {{ sysadmin_username }}"
|
||||
command:
|
||||
cmd: "loginctl enable-linger {{ sysadmin_username }}"
|
||||
creates: "/var/lib/systemd/linger/{{ sysadmin_username }}"
|
||||
```
|
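Review bot: The linger task depends on `sysadmin_username`, which is not defined in defaults/main.yml or listed under Role Variables in the README, so the example fails on an undefined variable unless the reader already sets it elsewhere. Document it, and state that it must be the same account the nextcloud role connects as, since tasks/main.yml has no `become` and the container is created for the connecting user. The module can also be written as `ansible.builtin.command` to match the fully qualified names used in tasks/main.yml.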
1
meta/main.yml
Normal file
@ -0,0 +1 @@
|
||||
dependencies: []
|
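Review bot: `dependencies: []` is the only content, so the role has no `galaxy_info` (author, license, `min_ansible_version`, platforms) even though the README and tests/test.yml refer to it as `bleetube.nextcloud`. Add a `galaxy_info` block, and record the `containers.podman` collection that the README lists under Requirements in a requirements file so it can be installed with the role.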
43
tasks/main.yml
Normal file
@ -0,0 +1,43 @@
|
||||
---
|
||||
#- name: Nextcloud | Assert all secrets have been configured.
|
||||
# ansible.builtin.assert:
|
||||
# that:
|
||||
# - nextcloud_config.NEXTCLOUD_ADMIN_PASSWORD is defined
|
||||
# - nextcloud_config.NEXTCLOUD_ADMIN_PASSWORD | length > 0
|
||||
# fail_msg: "NEXTCLOUD_ADMIN_PASSWORD is not configured"
|
||||
# quiet: true
|
||||
# no_log: true
|
||||
|
||||
- name: Ensure that only one database backend is defined
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- "'{{ [nextcloud_config.SQLITE_DATABASE is defined,
|
||||
nextcloud_config.POSTGRES_PASSWORD is defined,
|
||||
nextcloud_config.MYSQL_PASSWORD is defined]
|
||||
| select('equalto', true)
|
||||
| list
|
||||
| count }}' == '1'"
|
||||
fail_msg: "Only one of SQLITE_DATABASE, POSTGRES_PASS or MYSQL_PASSWORD should be defined"
|
||||
no_log: true
|
||||
|
||||
- name: Nextcloud | Create volumes
|
||||
containers.podman.podman_volume:
|
||||
state: present
|
||||
name: "{{ item }}"
|
||||
recreate: no
|
||||
debug: no
|
||||
loop: "{{ nextcloud_create_volumes }}"
|
||||
|
||||
# https://github.com/nextcloud/docker/blob/master/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/docker-compose.yml
|
||||
- name: Nextcloud | Create container
|
||||
containers.podman.podman_container:
|
||||
debug: no
|
||||
conmon_pidfile: "{{ nextcloud_pidfile }}"
|
||||
image: "{{ nextcloud_image }}:{{ nextcloud_version }}"
|
||||
image_strict: yes
|
||||
recreate: yes
|
||||
state: started
|
||||
name: "{{ nextcloud_name }}"
|
||||
env: "{{ nextcloud_config }}"
|
||||
volume: "{{ nextcloud_volumes }}"
|
||||
ports: "{{ nextcloud_ports }}"
|
2
tests/inventory
Normal file
@ -0,0 +1,2 @@
|
||||
localhost
|
||||
|
6
tests/test.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
- hosts: localhost
|
||||
remote_user: root
|
||||
connection: local
|
||||
roles:
|
||||
- bleetube.nextcloud
|
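Review bot: `remote_user: root` makes the test play run the role as root, while the README describes the role as installing a rootless container, so the test never exercises the rootless path. Run the test as an unprivileged user with linger enabled. The play also sets no `nextcloud_config`, so with the current defaults the database assert in tasks/main.yml fails before any container is created.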