From 44e48cf36096274b36fa507870cf088ffd32224d Mon Sep 17 00:00:00 2001
From: akshay
Date: Tue, 5 Apr 2022 10:11:46 +0530
Subject: [PATCH] added Readme and minor debug output changes
---
 README.md | 26 ++++++-
 main.yml | 2 +-
 roles/mysql/tasks/main.yml | 6 +-
 roles/nextcloud/tasks/main.yml | 123 ++++++++++++++++-----------------
 vars.yml | 22 +++++-
 5 files changed, 108 insertions(+), 71 deletions(-)
diff --git a/README.md b/README.md
index a4af25e..a3c5549 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,26 @@
-# nextcloud-ansible-playbook
+## Values that should be modified in vars.yml before running playbook
+
+domainname: Domain name
+nc_admin_username: Nextcloud dmin username
+nc_admin_pass: Nextcloud admin password
+nc_root: Root folder for Nextcloud.
+nc_trusted_domains: Domains/IP for accessing nextcloud. This is in dictionary format. The format for adding multiple domains is given below
+> nc_trusted_domains:
+> 0: example.com
+> 1: example2.com
+nc_version: Nextcloud version which is to be downloaded
+
+#### Database configuration
+nc_db: Database software used. Currently supports MySQL(mysql) and PostgreSQL(pgsql)
+nc_db_host: Host running database.
+nc_db_name: Name of database that is used for storing nextcloud data
+nc_db_user: Name of role/database user for accessing the database
+nc_db_pass: Role/Database user password
+
+#### LDAP configration
+ldapBaseDN: Base DN for LDAP. This role uses freeipa dn structure hence the default value is cn=users,cn=accounts,dc=example,dc=com. Inorder to change the default Base DN value modify roles/nextcloud/tasks/main.yml Line 24.
+ldapAgentName: DN of LDAP user that is used for ldap connection.
+ldapAgentPassword: Password for the LDAP user
+ldapHost: Host running ldap
+ldapPort: Port for connecting to LDAP
diff --git a/main.yml b/main.yml
index f94bb72..296fca9 100644
--- a/main.yml
+++ b/main.yml
@@ -1,5 +1,5 @@
 ---
-- hosts: all
+- hosts: localhost
 become: yes
 remote_user: root
 vars_files:
diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml
index b607ef2..165a302 100644
--- a/roles/mysql/tasks/main.yml
+++ b/roles/mysql/tasks/main.yml
@@ -34,11 +34,11 @@
 - debug:
 var: mysql_grant
-- name: Show {{ nc_db_user }} privilages
+- name: "{{ nc_db_user }} privileges"
 community.mysql.mysql_query:
 login_db: "{{ nc_db_name }}"
 login_unix_socket: /var/run/mysqld/mysqld.sock
 query: SELECT user, host, db, select_priv, insert_priv, grant_priv FROM mysql.db WHERE user="{{ nc_db_user }}"
- register: grants
+ register: user_privileges
 - debug:
- var: grants
+ var: user_privileges.query_result
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index b85d580..0b9a886 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
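Review bot: In roles/mysql/tasks/main.yml the privileges query still builds its WHERE clause by templating the variable straight into the SQL text (`WHERE user="{{ nc_db_user }}"`); the hunk renames the task and its register but leaves that line as it was. The value comes from vars.yml, so exposure is limited to whoever edits that file, but a quote character in the name would break or alter the statement, and the double-quoted literal only works while the server is not running with ANSI_QUOTES. `community.mysql.mysql_query` accepts bound parameters, so the task can use `query: SELECT user, host, db, select_priv, insert_priv, grant_priv FROM mysql.db WHERE user = %s` together with `positional_args: ["{{ nc_db_user }}"]`. The task body starts above the changed lines and the first `- debug:` belongs to a task outside the hunk.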
@@ -13,66 +13,66 @@
 # url: https://download.nextcloud.com/server/releases/nextcloud-{{ nc_version }}.zip
 # dest: /tmp/
 #
-#- name: Create LDAP suffix from domain name
-# shell: echo "{{ domainname }}" | sed -e 's/^/dc=/' -e 's/\./,dc=/g'
-# args:
-# executable: /bin/bash
-# register: ldap_suffix
-#
-#- name: Passing value to ldapBaseDN
-# set_fact:
-# ldapBaseDN: cn=users,cn=accounts,{{ ldap_suffix.stdout }}
-#- debug:
-# var: ldapBaseDN
-#
-#- name: Extract nextcloud
-# unarchive:
-# src: "/tmp/nextcloud-{{ nc_version }}.zip"
-# dest: /tmp/
-# owner: www-data
-# group: www-data
-#
-#- name: Copy occ to /usr/bin
-# template:
-# src: occ.j2
-# dest: /usr/bin/occ
-# mode: u+x,g+x,o+x
-#
-#- name: Installistaion using occ
-# shell: |
-# occ maintenance:install --no-interaction --database "{{ nc_db }}" \
-# --database-host "{{ nc_db_host }}" --database-name "{{ nc_db_name}}" \
-# --database-user "{{ nc_db_user }}" --database-pass "{{ nc_db_pass}}" \
-# --admin-user "{{ nc_admin_username }}" --admin-pass "{{ nc_admin_pass }}"
-# register: occ_install
-#- debug:
-# var: occ_install
-#
-#- name: Adding trusted domains to config.php
-# shell: occ config:system:set trusted_domains --value {{ item.value }} {{ item.key }}
-# with_dict:
-# - "{{ nc_trusted_domains }}"
-# register: occ_trusted_domains
-#- debug:
-# var: occ_trusted_domain.result
-#
-#- name: Installing apps
-# shell: |
-# apps=({{nc_app_list|join(" ")}})
-# for item in "${apps[@]}"
-# do
-# occ app:install "${item}"
-# done
-# register: occ_app_install
-# args:
-# executable: /bin/bash
-# chdir: "{{ nc_root }}"
-#- debug:
-# var: occ_app_install.stdout
-#
-#- name: Ldap configuration
-# shell: occ ldap:set-config s01 "{{item.key}} {{item.value}}"
-# with_dict: "{{ ldap }}"
+- name: Create LDAP suffix from domain name of the form dc=example,dc=com
+ shell: echo "{{ domainname }}" | sed -e 's/^/dc=/' -e 's/\./,dc=/g'
+ args:
+ executable: /bin/bash
+ register: ldap_suffix
+
+- name: Passing value to ldapBaseDN
+ set_fact:
+ ldapBaseDN: cn=users,cn=accounts,{{ ldap_suffix.stdout }}
+- debug:
+ var: ldapBaseDN
+
+- name: Extract nextcloud
+ unarchive:
+ src: "/tmp/nextcloud-{{ nc_version }}.zip"
+ dest: /tmp/
+ owner: www-data
+ group: www-data
+
+- name: Copy occ to /usr/bin
+ template:
+ src: occ.j2
+ dest: /usr/bin/occ
+ mode: u+x,g+x,o+x
+
+- name: Installistaion using occ
+ shell: |
+ occ maintenance:install --no-interaction --database "{{ nc_db }}" \
+ --database-host "{{ nc_db_host }}" --database-name "{{ nc_db_name}}" \
+ --database-user "{{ nc_db_user }}" --database-pass "{{ nc_db_pass}}" \
+ --admin-user "{{ nc_admin_username }}" --admin-pass "{{ nc_admin_pass }}"
+ register: occ_install
+- debug:
+ var: occ_install
+
+- name: Adding trusted domains to config.php
+ shell: occ config:system:set trusted_domains --value {{ item.value }} {{ item.key }}
+ with_dict:
+ - "{{ nc_trusted_domains }}"
+ register: occ_trusted_domains
+- debug:
+ msg: "{{ occ_trusted_domains.results | json_query('[*].{ Command: cmd, Result: stdout }') }}"
+
+- name: Installing apps
+ shell: occ app:install "{{ item }}"
+ with_items:
+ - "{{ nc_app_list }}"
+ register: occ_app_install
+- debug:
+ var: occ_app_install.stdout
+
+- name: Enable ldap
+ shell: occ app:enable user_ldap
+
+- name: Create empty ldap config
+ shell: occ ldap:create-empty-config
+
+- name: Ldap configuration
+ shell: occ ldap:set-config s01 "{{item.key}} {{item.value}}"
+ with_dict: "{{ ldap }}"
 - name: Provision email accounts for PostgreSQL
 community.postgresql.postgresql_query:
@@ -92,6 +92,3 @@
 login_unix_socket: /var/run/mysqld/mysqld.sock
 query: INSERT into oc_mail_provisionings (provisioning_domain,email_template,imap_user,imap_host,imap_port,imap_ssl_mode,smtp_user,smtp_host,smtp_port,smtp_ssl_mode) VALUES ('*', '%EMAIL%', '%EMAIL%' , '{{ domainname }}', 993, 'ssl','%USERID%','{{ domainname }}',587,'tls')
 when: "{{ nc_db == 'mysql' }}"
- register: insert
-- debug:
- var: insert
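Review bot: The re-enabled `Installistaion using occ` task in the `@@ -13,66 +13,66 @@` hunk puts `nc_db_pass` and `nc_admin_pass` on the `occ maintenance:install` command line and then prints the whole registered result with `debug: var: occ_install`; a `shell` result includes the rendered command, so both passwords land in the play output and in any log or CI transcript that captures it. Add `no_log: true` to the install task and narrow the debug to `var: occ_install.stdout`. The `Ldap configuration` loop echoes every item of `{{ ldap }}` as it runs, so if that dictionary holds the bind password the README describes (its contents are not visible in this hunk) it needs `no_log: true` as well. In the trusted-domains task `--value {{ item.value }} {{ item.key }}` is interpolated into the shell line unquoted; `--value {{ item.value | quote }} {{ item.key | quote }}` keeps a space or shell metacharacter in vars.yml from changing the command. Separately, `occ_app_install` is registered on a `with_items` loop, so `debug: var: occ_app_install.stdout` is undefined and should read `occ_app_install.results`.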
diff --git a/vars.yml b/vars.yml
index 7dcc617..2dec103 100644
--- a/vars.yml
+++ b/vars.yml
@@ -1,4 +1,19 @@
 ---
+# Line 18: Domain Name
+# Line 21: DN of user which connect to nextcloud
+# Line 22: Password of user set in line 21
+# Line 29: LDAP server hostname/ip
+# Line 31: Port for connecting LDAP server
+# Line 42: Administrator username for Nextcloud
+# Line 43: Administrator password
+# Line 57: Database Software used.
+# Line 58: Database host
+# Line 59: Database name
+# Line 60: Database Role name
+# Line 61: Database Role password
+# Line 62: Root folder for Nextcloud
+# Line 63: Trusted domains
+# Line 64: Version number that is to be downloaded
 domainname: amogha.labnetwork.in
@@ -30,14 +45,15 @@ nc_app_list:
 - mail
 #- richdocumentscode
 #- richdocuments
- #- contacts
- #- deck
+ - contacts
+ - deck
 #- spreed
 #- announcementcenter
 #- apporder
 #- bruteforcesettings
 #- calendar
 #- groupfolders
+# mysql or pgsql
 nc_db: mysql
 nc_db_host: localhost
 nc_db_name: nextcloud_test2
@@ -82,7 +98,7 @@ nc_dependency_packages:
 nc_root: /tmp/nextcloud
 nc_trusted_domains:
- 0: amogha.labnetwork.in
+ 0: "{{ domainname }}"
 nc_version: 23.0.3
 postgres_packages:
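Review bot: The index added at the top of vars.yml in the `@@ -1,4 +1,19 @@` hunk shows that the file carries three secrets — the LDAP bind password (entry for line 22), the Nextcloud administrator password (line 43) and the database role password (line 61) — and the file is presumably loaded through the `vars_files:` list in main.yml; if those values are plain text, which the hunks do not show, they are stored in the repository alongside the playbook. Moving them to a vars file encrypted with `ansible-vault`, or encrypting the individual values with `ansible-vault encrypt_string`, keeps them out of the history. The index is also already inaccurate: it lists `nc_root`, `nc_trusted_domains` and `nc_version` at lines 62–64, while the third hunk (`@@ -82,7 +98,7 @@`) places them around new lines 99–102. A one-line comment directly above each variable, such as `# Nextcloud administrator password` above `nc_admin_pass`, would not go stale when lines are added.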