strepsirrhini/lemur
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
lemur/nextcloud/ansible/nextcloud_appliance.yaml

331 lines
10 KiB
YAML
Raw Normal View History

Add Nextcloud playbook - Install nextcloud - Install and configure notify_push high performance backend - Install and configure collabra office online
2021-08-23 23:01:13 -05:00
---
- hosts: all
vars:
nextcloud_path: "{{ '/usr/share/nginx/html' if ansible_distribution_file_variety == 'RedHat' else '/var/www/html' }}"
nextcloud_occ: "{{ nextcloud_path }}/occ"
nginx_path: "{{ '/etc/nginx/conf.d' if ansible_distribution_file_variety == 'RedHat' else '/etc/nginx/sites-enabled' }}"
php_ini_path: "{{ '/etc' if ansible_distribution_file_variety == 'RedHat' else '/etc/php/7.4/fpm' }}"
php_pool_path: "{{ '/etc/php-fpm.d' if ansible_distribution_file_variety == 'RedHat' else '/etc/php/7.4/fpm/pool.d' }}"
php_fpm_service: "{{ 'php-fpm' if ansible_distribution_file_variety == 'RedHat' else 'php7.4-fpm' }}"
document_root: "{{ '/usr/share/nginx/html' if ansible_distribution_file_variety == 'RedHat' else '/var/www/html' }}"
web_user: "{{ 'nginx' if ansible_distribution_file_variety == 'RedHat' else 'www-data' }}"
pg_hba_conf: "{{ '/var/lib/pgsql/data/pg_hba.conf' if ansible_distribution_file_variety == 'RedHat' else '/etc/postgresql/13/main/pg_hba.conf' }}"
redis_dir: "{{ '/etc' if ansible_distribution_file_variety == 'RedHat' else '/etc/redis' }}"
redis_user: "nextcloud"
redis_url: "https://127.0.0.1"
redis_password: "2XenoNNBtLJqrELTfmCLum/42Guz72Ym0RPMxXh5+pT"
nextcloud_version: "22.1.0"
nextcloud_database: "nextcloud"
nextcloud_database_user: "nextcloud"
nextcloud_database_user_password: "nVdUe6%Ua9c,Rd.8BVugPHPm2yqUSXWCAy%1GXOQGn8tg9F?k%R"
nextcloud_admin_user: "nextcloud_admin"
nextcloud_admin_password: "prueba123"
nextcloud_domain_name: "{{ ansible_default_ipv4.address }}"
pre_tasks:
- name: Create fact directory
file:
path: /etc/ansible/facts.d/
state: directory
- name: Create nextcloud custom facts
copy:
dest: /etc/ansible/facts.d/is_nextcloud_installed.fact
mode: 0775
force: yes
content: |
#!/usr/bin/bash
INSTALLED=$(sudo -u www-data /usr/bin/php /var/www/html/occ status | grep installed | cut -d':' -f 2 | sed 's/ //')
if [[ "${INSTALLED}" == "true" ]]; then
echo "true"
else
echo "false"
fi
tags:
- check_facts
- name: Reload facts
setup:
tags:
- check_facts
tasks:
- name: Display local facts
debug: var=ansible_local
tags:
- check_facts
# System setup
- name: sysctl -w net.core.somaxconn=65535
sysctl:
name: net.core.somaxconn
value: "65535"
state: present
reload: true
sysctl_file: /etc/sysctl.conf
- name: Red Hat Distros Tasks
block:
- name: Install System Packages
action: package name={{item}} state=present
with_items:
- nginx
- php-fpm
- postgresql
- postgresql-server
- python3-psycopg2
- redis
- php-pgsql
- php-cli
- php-curl
- php-dom
- php-exif
- php-fileinfo
- php-gd
- php-iconv
- php-json
- php-ldap
- php-mbstring
- php-openssl
- php-pcre
- php-pdo
- php-session
- php-simplexml
- php-xmlwriter
- php-spl
- php-zip
- php-filter
- php-ldap
- php-smbclient
- php-imap
- php-gmp
- php-process
- php-pecl-imagick
- php-pecl-memcached
- php-pecl-apcu
- php-pecl-redis
- python3-openssl
- name: Import Collabora key
ansible.builtin.rpm_key:
state: present
key: https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos8/repodata/repomd.xml.key
- name: Add Collabora repository for Red Hat distros
yum_repository:
name: CollaboraOnline
description: Collabora Online
baseurl: https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos8
- name: Install Collabora Online Packages
action: package name={{item}} state=present
with_items:
- loolwsd
- CODE-brand
- name: Initialize postgres database
ansible.builtin.shell:
cmd: /usr/bin/postgresql-setup --initdb
when:
ansible_distribution_file_variety == 'RedHat'
- name: Debian Distros Tasks
block:
- name: Install System Packages
action: package name={{item}} state=present
with_items:
- dirmngr
- nginx
- php-fpm
- postgresql-all
- python3-psycopg2
- redis
- php-pgsql
- php-cli
- php-curl
- php7.4-xml
- php-gd
- php-json
- php-ldap
- php-mbstring
- php7.4-xml
#- php-xmlwriter
- php-zip
- php-ldap
#- php-smbclient
- php-imap
- php-gmp
#- php-process
- php-imagick
- php-memcached
- php-apcu
- php-redis
- python3-openssl
- name: Add Collabora apt key by id from keyserver for Debian 10
ansible.builtin.apt_key:
keyserver: keyserver.ubuntu.com
id: 0C54D189F4BA284D
tags:
- debian-collabora-repos
- collabora
- name: Add Collabora repository for Debian distros (10)
ansible.builtin.apt_repository:
repo: deb https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-debian10 ./
state: present
tags:
- debian-collabora-repos
- collabora
- name: Install Collabora Online Packages
action: package name={{item}} state=present
with_items:
- loolwsd
- code-brand
tags:
- collabora
when:
ansible_distribution_file_variety == 'Debian'
- name: Configure Nginx Nextcloud pool
template: src=files/nextcloud_nginx.conf.j2 dest="{{ nginx_path }}/nextcloud_nginx.conf"
- name: Configure PHP
template: src=files/php.ini.j2 dest="{{ php_ini_path }}/php.ini"
- name: Configure PHP FPM pool
template: src=files/www.conf.j2 dest="{{ php_pool_path }}/www.conf"
# nextcloud specific tasks
#- name: Ensure that Nextcloud target directory exists
# ansible.builtin.file:
# path: /var/www/nextcloud
# state: directory
# mode: '0755'
# owner: "{{ web_user }}"
- name: Download Nextcloud
ansible.builtin.unarchive:
src: "https://download.nextcloud.com/server/releases/nextcloud-{{nextcloud_version}}.tar.bz2"
dest: "{{ nextcloud_path }}"
remote_src: yes
owner: "{{ web_user }}"
extra_opts:
- --strip-components=1
when:
ansible_local['is_nextcloud_installed'] != true
- name: Enable nginx service
systemd:
name: nginx
enabled: yes
state: started
- name: Enable php-fpm service
systemd:
name: "{{ php_fpm_service }}"
enabled: yes
state: started
- name: Enable PostgreSQL service
systemd:
name: postgresql
enabled: yes
state: started
- name: Generate a Self Signed OpenSSL certificate
openssl_certificate:
path: /etc/redis/redis-self-cert.crt
privatekey_path: /etc/redis/redis-self-private.pem
csr_path: /etc/redis/redis-self.csr
provider: selfsigned
- name: Set Redis Configuration
template: src=files/redis.conf.j2 dest="{{ redis_dir }}/redis.conf" owner=root group=root mode=0644
- name: Enable Redis service
systemd:
name: redis
enabled: yes
state: restarted
- name: "Create database user"
postgresql_user:
name: "{{ nextcloud_database_user }}"
password: "{{ nextcloud_database_user_password }}"
become_user: postgres
become: yes
tags:
- database
- name: "Create nextcloud database"
postgresql_db:
name: "{{ nextcloud_database }}"
encoding: UTF-8
template: template0
owner: "{{ nextcloud_database_user }}"
become_user: postgres
become: yes
tags:
- database
- name: Allow postgres user to connect to the database
blockinfile:
dest: "{{ pg_hba_conf }}"
block: |
host all all 0.0.0.0/0 md5
- name: Install nextcloud to database
ansible.builtin.shell:
cmd: /usr/bin/php "{{ nextcloud_occ }}" maintenance:install --database "pgsql" --database-name "{{ nextcloud_database }}" --database-user "{{ nextcloud_database_user }}" --database-pass "{{ nextcloud_database_user_password}}" --admin-user "{{ nextcloud_admin_user }}" --admin-pass "{{ nextcloud_admin_password }}"
chdir: "{{ document_root }}"
become: true
become_user: "{{ web_user }}"
when:
ansible_local['is_nextcloud_installed'] != true
- name: Configure Nextcloud Redis
ansible.builtin.shell:
cmd: |
/usr/bin/php "{{ nextcloud_occ }}" config:system:set redis host localhost
/usr/bin/php "{{ nextcloud_occ }}" config:system:set redis port --value=6379
/usr/bin/php "{{ nextcloud_occ }}" config:system:set redis dbindex --value=0
/usr/bin/php "{{ nextcloud_occ }}" config:system:set redis user --value="{{ redis_user }}"
/usr/bin/php "{{ nextcloud_occ }}" config:system:set redis password --value="{{ redis_password }}"
chdir: "{{ document_root }}"
become: true
become_user: "{{ web_user }}"
- name: Enable Nextcloud High Performance Backend
ansible.builtin.shell:
cmd: /usr/bin/php "{{ nextcloud_occ }}" app:enable notify_push
chdir: "{{ document_root }}"
become: true
become_user: "{{ web_user }}"
- name: Setup Nextcloud High Performance Backend
ansible.builtin.shell:
cmd: /usr/bin/php "{{ nextcloud_occ }}" notify_push:setup "http://{{ nextcloud_domain_name }}/push"
chdir: "{{ document_root }}"
become: true
become_user: "{{ web_user }}"
tags:
- redis
- name: Install Nextcloud High Performance Backend Systemd Service
template: src=files/notify_push.service.j2 dest=/etc/systemd/system/notify_push.service
- name: Enable Nextcloud Notify Push Service
systemd: state=started name=notify_push daemon_reload=yes
- name: Enable Libre Office Web services
systemd:
name: loolwsd
enabled: yes
state: started
Reference in a new issue Copy permalink