From b1f371ec9d587e3727e85afe34473ed154d1fc48 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Gon=C3=A7alves?= Date: Tue, 13 Feb 2024 23:10:06 +0100 Subject: feat(roles/nextcloud): automate with occ
---
roles/nextcloud/tasks/database.yml | 18 +++++++ roles/nextcloud/tasks/main.yml | 99 ++++++++++++++++++++------------------ roles/nextcloud/tasks/php.yml | 17 +++++++ 3 files changed, 87 insertions(+), 47 deletions(-) create mode 100644 roles/nextcloud/tasks/database.yml create mode 100644 roles/nextcloud/tasks/php.yml (limited to 'roles/nextcloud/tasks')
diff --git a/roles/nextcloud/tasks/database.yml b/roles/nextcloud/tasks/database.yml
new file mode 100644
index 0000000..601ee9d
--- /dev/null
+++ b/roles/nextcloud/tasks/database.yml
@@ -0,0 +1,18 @@
+---
+
+- name: create nextcloud database
+ community.postgresql.postgresql_db:
+ name: "{{ nextcloud__db_name }}"
+ encoding: UTF-8
+
+- name: create nextcloud database user
+ community.postgresql.postgresql_user:
+ db: "{{ nextcloud__db_name }}"
+ name: "{{ nextcloud__db_user }}"
+ password: "{{ nextcloud__db_password }}"
+
+- name: add nextcloud db user permissions
+ community.postgresql.postgresql_schema:
+ db: "{{ nextcloud__db_name }}"
+ name: "{{ nextcloud__db_user }}"
+ owner: "{{ nextcloud__db_user }}"
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index bb744e7..2a1a0bc 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
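Review bot: The task name `add nextcloud db user permissions` in database.yml does not match what the task does, which is to create a schema named after `nextcloud__db_user` and owned by that role; no task in this file grants privileges or sets an `owner` on the database itself. If the intent is that Nextcloud's tables land in that per-role schema (presumably through PostgreSQL's default `"$user", public` search path, which should be confirmed), the name and a comment should say so, for example `- name: create schema owned by nextcloud db user` with `# the database stays owned by the postgres role; nextcloud only owns its own schema` above it. Leaving the database owned by the administrative role is the more restrictive choice, so the comment would also keep a later maintainer from "fixing" it by adding `owner:` to the first task.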
@@ -20,10 +20,60 @@ name: "{{ nextcloud__package_dependencies }}" state: present -- name: start and enable php-service +- name: chown directories to www user + file: + path: "{{ httpd_pre__chroot_dir }}/nextcloud/{{ item }}" + owner: "{{ httpd_pre__user }}" + group: "{{ httpd_pre__group }}" + recurse: true + loop: "{{ nextcloud__owned_directories }}" + +- name: create .ocdata file + ansible.builtin.file: + path: "{{ nextcloud__data_dir }}/.ocdata" + owner: "{{ httpd_pre__user }}" + group: "{{ httpd_pre__group }}" + mode: "0600" + state: touch + +- name: generate datadirectory workaround configuration + ansible.builtin.template: + src: datadirectory.config.php.j2 + dest: "{{ nextcloud__chroot_dir }}/config/datadirectory.config.php" + owner: "{{ httpd_pre__user }}" + group: "{{ httpd_pre__group }}" + mode: "0644" + +- name: import php tasks + ansible.builtin.import_tasks: + file: database.yml + +- name: import database tasks + ansible.builtin.import_tasks: + file: database.yml + become: true + become_user: "{{ postgresql__user }}" + +- name: import occ tasks + ansible.builtin.import_tasks: + file: occ.yml + become: true + become_user: "{{ httpd_pre__user }}" + become_method: su + become_flags: -s /bin/sh + +- name: enable nextcloud background jobs + ansible.builtin.cron: + name: nextcloud background jobs + minute: "*/5" + job: "php -f {{ nextcloud__chroot_dir }}/cron.php" + user: "{{ httpd_pre__user }}" + + +- name: start and enable php-fpm service ansible.builtin.service: name: "{{ nextcloud__php_service_name }}" - state: started + state: restarted enabled: true - name: generate nextcloud httpd configuration 
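Review bot: The task `import php tasks` points at `file: database.yml`, so the `php.yml` added by this patch is never imported and the database tasks run twice, the first time without `become_user: "{{ postgresql__user }}"`; the line should read `file: php.yml`. `occ.yml` is imported as well but is not among the files this patch creates, so confirm it already exists in the role. In the final task, switching `state: started` to `state: restarted` makes every play run restart php-fpm; keeping `state: started` and notifying a restart handler from the settings tasks would restart the service only when its configuration actually changes. The first context lines of the hunk belong to a task that begins above it.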
@@ -33,48 +83,3 @@
 owner: 0
 group: 0
 mode: "0644"
-
-# - name: generate nextcloud php config
-# template:
-# src: etc-php-7.3.ini.j2
-# dest: /etc/php-7.3.ini
-# owner: "www"
-# group: "www"
-# mode: "0644"
-
-# - name: generate nextcloud custom config
-# template:
-# src: var-www-nextcloud-config-custom.config.php.j2
-# dest: /var/www/nextcloud/config/custom.config.php
-# owner: "www"
-# group: "www"
-# mode: "0644"
-
-# - name: copy configuration for domain name and tls in chroot
-# shell: |
-# mkdir -p /var/www/etc/ssl
-# install -m 444 -o root -g bin /etc/resolv.conf /var/www/etc
-# install -m 444 -o root -g bin /etc/ssl/cert.pem /etc/ssl/openssl.cnf /var/www/etc/ssl/
-
-# - name: enable cron job for nextcloud indexing and housekeeping
-# cron:
-# name: "nextcloud indexing"
-# minute: "*/5"
-# job: "php -f /var/www/nextcloud/cron.php"
-# user: www
-
-# - name: ensure directories are chown to www
-# file:
-# path: "/var/www/nextcloud/{{ item }}"
-# owner: "www"
-# group: "www"
-# recurse: true
-# loop:
-# - "apps"
-# - "updater"
-#
-# - name: ensure php-fpm is restarted and enabled
-# service:
-# name: php73_fpm
-# state: restarted
-# enabled: true
diff --git a/roles/nextcloud/tasks/php.yml b/roles/nextcloud/tasks/php.yml
new file mode 100644
index 0000000..9721e8f
--- /dev/null
+++ b/roles/nextcloud/tasks/php.yml
@@ -0,0 +1,17 @@
+---
+
+- name: apply php settings
+ community.general.ini_file:
+ path: "{{ nextcloud__php_configuration_file }}"
+ section: "{{ item.section }}"
+ option: "{{ item.option }}"
+ value: "{{ item.value }}"
+ loop: "{{ nextcloud__php_settings }}"
+
+- name: apply php-fpm settings
+ community.general.ini_file:
+ path: "{{ nextcloud__php_fpm_configuration_file }}"
+ section: "{{ item.section }}"
+ option: "{{ item.option }}"
+ value: "{{ item.value }}"
+ loop: "{{ nextcloud__php_fpm_settings }}"
-- cgit v1.2.3
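Review bot: Both `community.general.ini_file` tasks in php.yml leave `mode`, `owner` and `group` unset and rely on the module's default `create: true`, so a mistyped `nextcloud__php_configuration_file` or `nextcloud__php_fpm_configuration_file` would silently create a new ini file with umask-dependent permissions instead of failing. Adding `create: false` and an explicit `mode: "0644"` to each task pins both behaviours. Neither task notifies a handler, so new settings only take effect because main.yml restarts php-fpm unconditionally; a `notify:` on these two tasks would make that dependency explicit.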