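---
# tasks file for nextcloud
#
# Installs the nextcloud package, prepares the service account and the data
# directory, runs the one-time `occ maintenance:install`, writes settings into
# config.php, and registers the cron jobs and the fail2ban jail.
# Paths such as /etc/webapps and /etc/php/php-fpm.d are hard-coded below.

# Pull in the task file that matches the configured database backend.
- name: select specific Database tasks
  include_tasks: "database_{{nextcloud_DB_type}}.yml"

# Guarded with the same condition as the hook itself so the directory is not
# created on hosts where the hook is never installed.
- name: ensure pacman hook folder exist
  become: true
  file:
    path: /etc/pacman.d/hooks
    state: directory
  when: ansible_facts['os_family'] == "Archlinux"

# The hook file is made root-owned and not writable by other accounts,
# matching the other root-owned files installed by this role.
- name: add pacman hook
  copy:
    src: nextcloud.hook
    dest: /etc/pacman.d/hooks/nextcloud_hook
    owner: root
    group: root
    mode: "0644"
  become: true
  when: ansible_facts['os_family'] == "Archlinux"

- name: install nextcloud
  package:
    name: nextcloud
    state: present
  become: true

- name: ensure nextcloud user exist
  become: true
  user:
    name: "{{nextcloud_user}}"

- name: ensure nextcloud group exist
  become: true
  group:
    name: "{{nextcloud_group}}"

- name: ensure user is owner of source directory
  become: true
  file:
    path: "{{nextcloud_web_root}}"
    owner: "{{nextcloud_user}}"
    recurse: true

# The owner is the service user (it was previously set from the group
# variable), so the ".ocdata" task below, which runs as that user, can write
# here.
# NOTE(review): no mode is set, so the permissions of a newly created
# directory follow the umask. The data directory holds user files; consider
# an explicit mode that denies access to "other" once it is confirmed which
# accounts need to reach it.
- name: création du répertoire data
  become: true
  file:
    path: "{{ nextcloud_datadirectory }}"
    state: directory
    owner: "{{nextcloud_user}}"
    group: "{{nextcloud_group}}"
  when: nextcloud_data_directory_creation == true

# Touch the .ocdata marker file as the service user.
- name: création du fichier .ocdata in data
  become: true
  become_user: "{{nextcloud_user}}"
  file:
    path: "{{ nextcloud_datadirectory }}/.ocdata"
    state: touch

- name: check if config exist
  stat:
    path: /etc/webapps/nextcloud/config/config.php
  register: nextcloud_config_exist

# Read-only probe: awk prints the line containing `'installed' => true` if
# there is one. Empty output is reported as "changed", which the install task
# below uses as its signal that Nextcloud has not been installed yet.
- name: "Searching for a String"
  become: true
  shell: awk "/'installed' => true/" /etc/webapps/nextcloud/config/config.php
  register: installed_mode
  changed_when: installed_mode.stdout == ""
  when: nextcloud_config_exist.stat.exists == true

# One-time installation.
# - argv passes every value as exactly one argument, so a password that
#   contains quotes or whitespace cannot break or shift the argument list.
# - no_log keeps the database and admin passwords out of Ansible output and
#   logs. They are still visible in the process argument list on the target
#   while the command runs.
# NOTE(review): ignore_errors lets the play continue after a failed install,
# and with no_log the failure details are censored. Confirm this best-effort
# behaviour is intended; otherwise later tasks run against a half-configured
# instance.
- name: installation - ensure nextcloud config
  command:
    argv:
      - php
      - "{{ nextcloud_web_root }}/occ"
      - 'maintenance:install'
      - '--database'
      - "{{ 'pgsql' if nextcloud_DB_type == 'postgres' else nextcloud_DB_type }}"
      - '--database-name'
      - "{{ nextcloud_db_name}}"
      - '--database-user'
      - "{{ nextcloud_db_user }}"
      - '--database-pass'
      - "{{ nextcloud_db_password }}"
      - '--admin-user'
      - "{{ nextcloud_admin_user }}"
      - '--admin-pass'
      - "{{ nextcloud_admin_password }}"
      - '--data-dir'
      - "{{ nextcloud_datadirectory }}"
  become: true
  become_user: "{{nextcloud_user}}"
  changed_when: true
  ignore_errors: true
  no_log: true
  when: installed_mode is changed or nextcloud_config_exist.stat.exists == false

# Mode is quoted so it reaches the module as the string "0644" regardless of
# how the YAML parser treats a leading zero.
- name: apply php-fpm pool template
  become: true
  template:
    src: php-fpm.j2
    dest: /etc/php/php-fpm.d/nextcloud.conf
    owner: root
    group: root
    mode: "0644"

# item.value is written into config.php verbatim, without quoting, so it is
# evaluated as PHP by Nextcloud. nextcloud_config_options must only ever come
# from trusted inventory or vars.
- name: ensure additional options are set in config.php if defined
  become: true
  lineinfile:
    path: '{{ nextcloud_web_root }}/config/config.php'
    regexp: '^\s*''{{ item.option }}'''
    line: ' ''{{ item.option }}'' => {{ item.value }},'
    insertafter: '\$CONFIG'
  with_items: '{{ nextcloud_config_options }}'
  when: nextcloud_config_options is defined

# changed_when is always true, so this reports a change on every run.
- name: installation - ensure trusted domains are set
  command: 'php {{ nextcloud_web_root }}/occ config:system:set trusted_domains {{ item.0 }} --value "{{ item.1 }}"'
  become: true
  become_user: "{{nextcloud_user}}"
  changed_when: true
  with_indexed_items:
    - '{{ nextcloud_trusted_domains }}'

- name: ensure correct data folder is set
  become: true
  lineinfile:
    path: '{{ nextcloud_web_root }}/config/config.php'
    regexp: '^\s*''datadirectory'''
    line: ' ''datadirectory'' => ''{{ nextcloud_datadirectory }}'','
    insertafter: '\$CONFIG'
  when: nextcloud_datadirectory is defined

# Values are wrapped in single quotes but not escaped; a value containing a
# single quote would produce an invalid config.php.
# NOTE(review): if nextcloud_db_options carries the database password, the
# loop items are printed in task output. Consider no_log here; confirm against
# the variable's contents.
- name: ensure correct database parameter in config.php
  become: true
  lineinfile:
    path: '{{ nextcloud_web_root }}/config/config.php'
    regexp: '^\s*''{{ item.option }}'''
    line: ' ''{{ item.option }}'' => ''{{ item.value }}'','
    insertafter: '\$CONFIG'
  with_items: '{{ nextcloud_db_options }}'
  when: nextcloud_db_options is defined

# The cron "name" identifies the crontab entry, so it is kept exactly as it
# was (spelling included); changing it would add a second entry next to the
# existing one on hosts that were already provisioned.
- name: create cron for nextcloud
  cron:
    name: "nextcloud recuring cron job"
    user: root
    minute: "0,15,30,45"
    job: "sudo -u {{nextcloud_user}} /usr/bin/php -f {{nextcloud_web_root}}/cron.php"
  become: true

# NOTE(review): the occ path is hard-coded here while other tasks build it
# from nextcloud_web_root. Confirm both point at the same installation.
- name: create cron for file scan
  cron:
    name: "nextcloud cron job"
    user: root
    minute: "00"
    hour: "4"
    job: "sudo -u {{nextcloud_user}} /usr/bin/php /usr/share/webapps/nextcloud/occ files:scan --all > /dev/null"
  become: true

# Installs the jail definition and notifies the "Restart fail2ban" handler
# when the rendered file changes.
- name: Install fail2ban jail
  template:
    src: fail2ban/nextcloud.local.j2
    dest: /etc/fail2ban/jail.d/nextcloud.local
    owner: root
    group: root
    mode: "0644"
  notify: Restart fail2ban
  become: true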