From bfc9e53d7f2cbf6a3629b94d84fe5c00fdf54cef Mon Sep 17 00:00:00 2001
From: akshay
Date: Sat, 2 Apr 2022 15:08:41 +0530
Subject: [PATCH] nextcloud ansible playbook
---
hosts.ini | 1 +
main.yml | 9 +++
roles/mysql/tasks/.main.yml.swp | Bin 0 -> 12288 bytes
roles/mysql/tasks/main.yml | 44 +++++++++++++
roles/nextcloud/tasks/.main.yml.swp | Bin 0 -> 12288 bytes
roles/nextcloud/tasks/main.yml | 97 ++++++++++++++++++++++++++++
roles/nextcloud/templates/occ.j2 | 2 +
roles/postgres/tasks/main.yml | 30 +++++++++
vars.yml | 91 ++++++++++++++++++++++++++
9 files changed, 274 insertions(+)
create mode 100644 hosts.ini
create mode 100644 main.yml
create mode 100644 roles/mysql/tasks/.main.yml.swp
create mode 100644 roles/mysql/tasks/main.yml
create mode 100644 roles/nextcloud/tasks/.main.yml.swp
create mode 100644 roles/nextcloud/tasks/main.yml
create mode 100644 roles/nextcloud/templates/occ.j2
create mode 100644 roles/postgres/tasks/main.yml
create mode 100644 vars.yml
diff --git a/hosts.ini b/hosts.ini
new file mode 100644
index 0000000..6dc6c5b
--- /dev/null
+++ b/hosts.ini
@@ -0,0 +1 @@
+10.22.13.11
diff --git a/main.yml b/main.yml
new file mode 100644
index 0000000..f94bb72
--- /dev/null
+++ b/main.yml
@@ -0,0 +1,9 @@
+---
+- hosts: all
+ become: yes
+ remote_user: root
+ vars_files:
+ - vars.yml
+ roles:
+ - mysql
+ - nextcloud
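Review bot: `remote_user: root` in main.yml makes every task log in over SSH as root, and `become: yes` then adds nothing; connecting as an unprivileged account and escalating with `become: true` lets direct root login stay disabled on the host and keeps escalation auditable. `hosts: all` works with the one-line inventory but will apply the database and Nextcloud roles to any host later added to `hosts.ini`, so a named group is safer. Only `mysql` and `nextcloud` are listed under `roles`, so the `postgres` role added in this patch is never run, even when `nc_db` is set to `pgsql`.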
diff --git a/roles/mysql/tasks/.main.yml.swp b/roles/mysql/tasks/.main.yml.swp new file mode 100644 index 0000000000000000000000000000000000000000..51cbe5b937b99696f2b5feb1a7351730c7c52407 GIT binary patch literal 12288 zcmeI2y>HV%7>BQnKxqXNV&H8V5GaXDVW=z^poCJ93iSgJlXbQa$BJX8zH{5CDhPxa z84w!_@CPt}_*h^?VgiAfV27OrsY1MGyK$6ORp~^f_oOFIeCPA~d+t0`wLNlmatg*O zqYT?1W554Q*oO!1v%!PM7;nfrZ|jcD+g8Wj%mx~suZ&PEDJO^$*NCG)NTb=7^MRqb zY~Xk9hn03S*!-^4O9sfmmJKB8MtQ8Cog6(eqOUnJJOl^!U)l2IG>{CC0Wv@a$N(82 z17v^fDDiUGC&5%02v?yWPl8ifgNao zyNtcs&DfniSUmp!f9>!8)d9x7BVUo1$W!DAvWQ$qP9ukqANv^lgnUHaBQKEW$YbO# z;vv(Bfvom3_7nMnd_dkHuaSF59l3-YMSksN>>KhKd56439wG@chYTUlu--?=14P$; z8=*!9$N(8217v^*j}w?(Vw8wM{7I z40%)Jb2?G8iSwy;B`YKSw6bVuK##sAw{UtQ`=ZtCkg_t{3tX5Un(7I+NUf}gd*mF<@o8OB6K3x553NS^lY!2 zJc|~$u^Zey9W&#xz}n&bxpmRC!A^MH+Z#R|0NA#XwZ)}ejAFNY8|!nON252?KQ4GD zR{H!wxmf9ZqAczP3s>AYTjCaX8v3EgE8{Iy$eRpt0^C$n?b+!Xtc_&la+&=F%)Z20 literal 0 HcmV?d00001 diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml new file mode 100644 index 0000000..b607ef2 --- /dev/null +++ b/roles/mysql/tasks/main.yml 
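Review bot: `roles/mysql/tasks/.main.yml.swp` (and `roles/nextcloud/tasks/.main.yml.swp` further down) are Vim swap files that look committed by accident. Swap files hold editor buffer contents, including text that was later deleted from the saved file, so they can expose values the author did not intend to publish. Drop both from the commit and add `*.swp` to `.gitignore`.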
@@ -0,0 +1,44 @@
+---
+- name: Install MySQL packages
+ apt:
+ name: "{{ mysql_packages }}"
+ state: present
+
+- name: Create DB user - {{ nc_db_user }}
+ community.mysql.mysql_user:
+ name: "{{ nc_db_user }}"
+ password: "{{ nc_db_pass }}"
+ login_unix_socket: /var/run/mysqld/mysqld.sock
+ register: mysql_user
+
+- debug:
+ var: mysql_user
+
+- name: Create DB
+ community.mysql.mysql_db:
+ name: "{{ nc_db_name }}"
+ encoding: utf8mb4
+ collation: utf8mb4_general_ci
+ login_unix_socket: /var/run/mysqld/mysqld.sock
+ state: present
+ register: mysql_db
+- debug:
+ var: mysql_db
+
+- name: Grant all privilages to {{ nc_db_name }}
+ community.mysql.mysql_user:
+ name: "{{ nc_db_user }}"
+ priv: "{{ nc_db_name }}.*:ALL"
+ login_unix_socket: /var/run/mysqld/mysqld.sock
+ register: mysql_grant
+- debug:
+ var: mysql_grant
+
+- name: Show {{ nc_db_user }} privilages
+ community.mysql.mysql_query:
+ login_db: "{{ nc_db_name }}"
+ login_unix_socket: /var/run/mysqld/mysqld.sock
+ query: SELECT user, host, db, select_priv, insert_priv, grant_priv FROM mysql.db WHERE user="{{ nc_db_user }}"
+ register: grants
+- debug:
+ var: grants
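Review bot: The `query` in the last task splices `{{ nc_db_user }}` into the SQL text between double quotes, so a value containing a quote breaks or alters the statement; `community.mysql.mysql_query` accepts bound parameters, e.g. `WHERE user = %s` together with `positional_args: ["{{ nc_db_user }}"]`. The user-creation task sets no `host`, so the account is created for the module default only; since `nc_db_host` is a variable, stating the host explicitly would keep the two in step. The four unnamed `debug` tasks dump full registered results on every run; drop them or add `verbosity: 1` so they print only when asked for.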
diff --git a/roles/nextcloud/tasks/.main.yml.swp b/roles/nextcloud/tasks/.main.yml.swp new file mode 100644 index 0000000000000000000000000000000000000000..81f085b8128c72df110be86eb2ec84d599b5beb2 GIT binary patch literal 12288 zcmeHNO^6&t6s~BDKS@ktJm|^Ftjp}0>FN9sOh#9X?qU`;aW!s?Bys5JuAS*@Pgkd_ zdUq$g8wKx*1ksx(J$W<%4;};&@#0AWB7%f~D0uXuqTj3Tp6UHbj5n1Y_;#wgUcGwn zd#_&Au-)2sYVtTgTtC3@*~!=!TaLAM?Rb;ze0Y>ObE@O?XyDeL+m*YN3fgU7+o4$0 zZXgrSj%6TJp|2e^r|hodhxJ}Jxb@2AXvsjyz-=**=vnLVc6RW<{(U4rRN2FKKQMD! zQ%j+efs%oefs%oefs%oefs%oefs%p$2Ln3V#9o6dcVzB3+4rV3-&wc(Dj6slC>baj zC>bajC>bajC>bajC>bajC>baj_zyDRc#IvwkNmOJz^A}Rz-3?=xCopErhv`BCtDfo0*?S&fZy(8>;`ZhxB{F5o(F2cR)7KD z-OJdwz-Pb};4R<+-~-2ir+_`cL%<*RF!lp*4Y&$?47>-N2F8FVfo;I`yBYfu_z-vl zI0H;(vHoX?-V`IG9?Wqevm9MN+Fp2XEiHLg* zK6&Eg#EUOMt(IK6O}wNNG^1F~`^uN0AGQ@ADR!Hlr1yAg!U$^7jRHrDn%{MzW&+F7 zR!1tGwjvp4Ev15HS9+qRx;m3JEhB4MM%J`)*-?J#=+w-_Nj_42tXkvM;fdo%C#Qys zO^(O#Gc_x8x&jVj{K%1m7=WH?tvWmd7bnLtZ3D?ehaaz1b)c%FhLu3J{jiyY{$f)} zcTVUAx52v|C!uW!^s=uy4Hu?Fj#3LU_6oE&=~ch)nim`c2!5oJS=k5zJ6$ zo<5gLQFm-)X$j?+TnkXJm(NQ-9I5ci=*r3{>Bz`k9uPH|GJq<~Nx?dnbey2@ds$7c zBMFkAKolpft36#k0~*N%D?cgLj1r+n#~>pLc2W|gL2RfV%;-`!@Uz402=x*ZVT$vE_JOKeWtl%#KO( z#GGMy$?c1oI=)J*U)hO3%kms#o1?@kg6Dhd#t)mns3=!$*`5{&9Z<1rYD)e50eX;MDzH)Wit((BdS)Xc z4RQtfYVBAiQG+imESNB)D&;~*b$9i{%mCeu?83qon;!IEUbfOp)4Yi30t6cB7yZcW z^(1s+x8u)?f?*Sjnpouh>A6+ru0}QT8KlMdi9u$jD-T8*+zrPl4^<6~{IssY3X*B6 zWOmkH%xa+7C@2&{H)pYG!H#KU5k(>0USP@0&ex_j2X&yJH#O$(%Vm}W!tF?tBCBp& z6}}9UJZ=eGxa?PL&mFU?S?_G!u2H{TEd(NVlAt1s&7!d@A{1#6qDa%T^v0I&UlEDW6QSEfO>pO&wn*=e WkaVJAtg}-Ar(r&U=M$J^S?n+GdRF29 literal 0 HcmV?d00001 diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml new file mode 100644 index 0000000..b85d580 --- /dev/null +++ b/roles/nextcloud/tasks/main.yml 
@@ -0,0 +1,97 @@
+---
+#- name: Install dependency packages
+# apt:
+# name: "{{ nc_dependency_packages }}"
+# state: present
+# register: installed
+#- debug:
+# var: installed
+#
+#
+#- name: Download Nextcloud
+# get_url:
+# url: https://download.nextcloud.com/server/releases/nextcloud-{{ nc_version }}.zip
+# dest: /tmp/
+#
+#- name: Create LDAP suffix from domain name
+# shell: echo "{{ domainname }}" | sed -e 's/^/dc=/' -e 's/\./,dc=/g'
+# args:
+# executable: /bin/bash
+# register: ldap_suffix
+#
+#- name: Passing value to ldapBaseDN
+# set_fact:
+# ldapBaseDN: cn=users,cn=accounts,{{ ldap_suffix.stdout }}
+#- debug:
+# var: ldapBaseDN
+#
+#- name: Extract nextcloud
+# unarchive:
+# src: "/tmp/nextcloud-{{ nc_version }}.zip"
+# dest: /tmp/
+# owner: www-data
+# group: www-data
+#
+#- name: Copy occ to /usr/bin
+# template:
+# src: occ.j2
+# dest: /usr/bin/occ
+# mode: u+x,g+x,o+x
+#
+#- name: Installistaion using occ
+# shell: |
+# occ maintenance:install --no-interaction --database "{{ nc_db }}" \
+# --database-host "{{ nc_db_host }}" --database-name "{{ nc_db_name}}" \
+# --database-user "{{ nc_db_user }}" --database-pass "{{ nc_db_pass}}" \
+# --admin-user "{{ nc_admin_username }}" --admin-pass "{{ nc_admin_pass }}"
+# register: occ_install
+#- debug:
+# var: occ_install
+#
+#- name: Adding trusted domains to config.php
+# shell: occ config:system:set trusted_domains --value {{ item.value }} {{ item.key }}
+# with_dict:
+# - "{{ nc_trusted_domains }}"
+# register: occ_trusted_domains
+#- debug:
+# var: occ_trusted_domain.result
+#
+#- name: Installing apps
+# shell: |
+# apps=({{nc_app_list|join(" ")}})
+# for item in "${apps[@]}"
+# do
+# occ app:install "${item}"
+# done
+# register: occ_app_install
+# args:
+# executable: /bin/bash
+# chdir: "{{ nc_root }}"
+#- debug:
+# var: occ_app_install.stdout
+#
+#- name: Ldap configuration
+# shell: occ ldap:set-config s01 "{{item.key}} {{item.value}}"
+# with_dict: "{{ ldap }}"
+
+- name: Provision email accounts for PostgreSQL
+ community.postgresql.postgresql_query:
+ db: "{{ nc_db_name }}"
+ login_host: "{{ nc_db_host}}"
+ login_user: "{{ nc_db_user }}"
+ login_password: "{{ nc_db_pass }}"
+ query: INSERT into oc_mail_provisionings (provisioning_domain,email_template,imap_user,imap_host,imap_port,imap_ssl_mode,smtp_user,smtp_host,smtp_port,smtp_ssl_mode) VALUES ('*', '%EMAIL%', '%EMAIL%' , '{{ domainname }}', 993, 'ssl','%USERID%','{{ domainname }}',587,'tls')
+ when: "{{ nc_db == 'pgsql' }}"
+
+
+- name: Provision email accounts for MySQL
+ community.mysql.mysql_query:
+ login_db: "{{ nc_db_name }}"
+ login_user: "{{ nc_db_user }}"
+ login_password: "{{ nc_db_pass }}"
+ login_unix_socket: /var/run/mysqld/mysqld.sock
+ query: INSERT into oc_mail_provisionings (provisioning_domain,email_template,imap_user,imap_host,imap_port,imap_ssl_mode,smtp_user,smtp_host,smtp_port,smtp_ssl_mode) VALUES ('*', '%EMAIL%', '%EMAIL%' , '{{ domainname }}', 993, 'ssl','%USERID%','{{ domainname }}',587,'tls')
+ when: "{{ nc_db == 'mysql' }}"
+ register: insert
+- debug:
+ var: insert
diff --git a/roles/nextcloud/templates/occ.j2 b/roles/nextcloud/templates/occ.j2
new file mode 100644
index 0000000..066c228
--- /dev/null
+++ b/roles/nextcloud/templates/occ.j2
@@ -0,0 +1,2 @@
+#! /bin/bash
+sudo -u www-data php {{ nc_root }}/occ $*
diff --git a/roles/postgres/tasks/main.yml b/roles/postgres/tasks/main.yml
new file mode 100644
index 0000000..c4716ba
--- /dev/null
+++ b/roles/postgres/tasks/main.yml
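Review bot: Both `INSERT into oc_mail_provisionings` tasks in roles/nextcloud/tasks/main.yml have no existence check, so each re-run of the play adds another provisioning row; guard them with a preceding `SELECT` and a `when` on its row count, or use an idempotent interface if the Mail app offers one. The statements also template `{{ domainname }}` into the SQL text, where both query modules accept `named_args`/`positional_args` for bound values. `when: "{{ nc_db == 'pgsql' }}"` wraps the condition in Jinja delimiters, which Ansible warns about; write `when: nc_db == 'pgsql'` (likewise for `'mysql'`). Everything above these two tasks is commented out, including the step that installs `occ`, so the role as committed assumes Nextcloud is already installed.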
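Review bot: `$*` in occ.j2 is unquoted, so every argument passed to the wrapper is re-split on whitespace and glob-expanded before it reaches `php`; a password or LDAP filter containing a space or `*` would arrive mangled. Use `"$@"` and quote the path: `sudo -u www-data php "{{ nc_root }}/occ" "$@"`. Because the (currently commented-out) task installs this wrapper to `/usr/bin/occ`, it is also worth confirming that `nc_root` never points at a directory other users can write to; vars.yml sets it to `/tmp/nextcloud`.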
@@ -0,0 +1,30 @@
+---
+- name: Install Postgresql
+ apt:
+ name: "{{ postgres_packages }}"
+ state: present
+ register: psql
+
+- name: Create DB user
+ become: yes
+ become_user: postgres
+ community.postgresql.postgresql_user:
+ name: "{{ nc_db_user }}"
+ password: "{{ nc_db_pass }}"
+
+- name: Create nextcloud db
+ become: yes
+ become_user: postgres
+ community.postgresql.postgresql_db:
+ name: nextcloud
+ template: template0
+ encoding: UNICODE
+ owner: "{{ nc_db_user }}"
+
+- name: Grant privilages for db to user
+ become: yes
+ become_user: postgres
+ community.postgresql.postgresql_user:
+ name: "{{ nc_db_user }}"
+ db: "{{ nc_db_name }}"
+ priv: ALL
diff --git a/vars.yml b/vars.yml
new file mode 100644
index 0000000..7dcc617
--- /dev/null
+++ b/vars.yml
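Review bot: The `Create nextcloud db` task hard-codes `name: nextcloud`, while the grant task after it targets `db: "{{ nc_db_name }}"` (set to `nextcloud_test2` in vars.yml), so the privileges are requested on a database this role never creates. Use `name: "{{ nc_db_name }}"` in the create task so both refer to the same database. `become: yes` is repeated on each task; `true` is the canonical boolean, and it could be set once for the role. The role is not referenced from main.yml, so it appears to be unexercised by this patch.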
@@ -0,0 +1,91 @@
+---
+
+domainname: amogha.labnetwork.in
+
+ldap:
+ ldapAgentName: "uid=rouser,{{ ldapBaseDN }}"
+ ldapAgentPassword: dGVzdGFkbWluCg==
+ ldapBase: "{{ ldapBaseDN }}"
+ ldapBaseGroups: "{{ ldapBaseDN }}"
+ ldapBaseUsers: "{{ ldapBaseDN }}"
+ ldapConfigurationActive: 1
+ ldapEmailAttribute: mail
+ ldapExpertUsernameAttr: uid
+ ldapHost: 10.22.13.12
+ ldapLoginFilter: (&(|(objectclass=inetorgperson))(mail=%uid))
+ ldapPort: 389
+ ldapUserFilter: (|(objectclass=inetorgperson))
+ ldapUserFilterObjectclass: inetorgperson
+ turnOnPasswordChange: 1
+
+mysql_packages:
+ - mariadb-server
+ - mariadb-client
+ - php7.4-mysql
+ - python3-pymysql
+
+nc_admin_username: test
+nc_admin_pass: adminpass
+nc_app_list:
+ - mail
+ #- richdocumentscode
+ #- richdocuments
+ #- contacts
+ #- deck
+ #- spreed
+ #- announcementcenter
+ #- apporder
+ #- bruteforcesettings
+ #- calendar
+ #- groupfolders
+nc_db: mysql
+nc_db_host: localhost
+nc_db_name: nextcloud_test2
+nc_db_user: username2
+nc_db_pass: password
+
+nc_dependency_packages:
+ - php7.4-bcmath
+ - php7.4-bz2
+ - php7.4-cgi
+ - php7.4-cli
+ - php7.4-common
+ - php7.4-curl
+ - php7.4-dba
+ - php7.4-dev
+ - php7.4-enchant
+ - php7.4-fpm
+ - php7.4-gd
+ - php7.4-gmp
+ - php7.4-imap
+ - php7.4-interbase
+ - php7.4-intl
+ - php7.4-json
+ - php7.4-ldap
+ - php7.4-mbstring
+ - php7.4-mysql
+ - php7.4-odbc
+ - php7.4-opcache
+ - php7.4-pgsql
+ - php7.4-phpdbg
+ - php7.4-pspell
+ - php7.4-readline
+ - php7.4-snmp
+ - php7.4-soap
+ - php7.4-sqlite3
+ - php7.4-sybase
+ - php7.4-tidy
+ - php7.4-xml
+ - php7.4-xmlrpc
+ - php7.4-xsl
+ - php7.4-zip
+
+nc_root: /tmp/nextcloud
+nc_trusted_domains:
+ 0: amogha.labnetwork.in
+nc_version: 23.0.3
+
+postgres_packages:
+ - php7.4-pgsql
+ - python3-psycopg2
+ - postgresql
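Review bot: `nc_db_pass`, `nc_admin_pass` and `ldapAgentPassword` are committed in clear text in vars.yml; the LDAP value is only base64-encoded, which anyone reading the repository can reverse. Move them to an Ansible Vault-encrypted vars file or supply them at run time, and treat the values in this commit as exposed once it is pushed. `nc_root: /tmp/nextcloud` places the application root under a world-writable directory that is commonly cleared on reboot; a dedicated path owned by the web user is the safer choice. `ldapPort: 389` suggests the bind password travels over unencrypted LDAP unless StartTLS is configured elsewhere, which is worth confirming.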