nextcloud ansible playbook

4 years ago · bfc9e53d7f
9 changed files with 274 additions and 0 deletions
--- a/hosts.ini
+++ b/hosts.ini
@ -0,0 +1 @@
+10.22.13.11
--- a/main.yml
+++ b/main.yml
@ -0,0 +1,9 @@
+---
+- hosts: all
+  become: yes
+  remote_user: root
+  vars_files:
+    - vars.yml
+  roles: 
+    - mysql 
+    - nextcloud
--- a/roles/mysql/tasks/.main.yml.swp
+++ b/roles/mysql/tasks/.main.yml.swp
--- a/roles/mysql/tasks/main.yml
+++ b/roles/mysql/tasks/main.yml
@ -0,0 +1,44 @@
+---
+- name: Install MySQL packages
+  apt:
+    name: "{{ mysql_packages }}"
+    state: present
+
+- name: Create DB user - {{ nc_db_user }}
+  community.mysql.mysql_user:
+    name: "{{ nc_db_user }}"
+    password: "{{ nc_db_pass }}"
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+  register: mysql_user
+
+- debug:
+    var: mysql_user
+
+- name: Create DB
+  community.mysql.mysql_db:
+    name: "{{ nc_db_name }}"
+    encoding: utf8mb4
+    collation: utf8mb4_general_ci
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+    state: present
+  register: mysql_db
+- debug: 
+    var: mysql_db
+
+- name: Grant all privilages to {{ nc_db_name }}
+  community.mysql.mysql_user:
+    name: "{{ nc_db_user }}"
+    priv:  "{{ nc_db_name }}.*:ALL"
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+  register: mysql_grant
+- debug:
+    var: mysql_grant
+
+- name: Show {{ nc_db_user }} privilages
+  community.mysql.mysql_query:
+    login_db: "{{ nc_db_name }}"
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+    query: SELECT user, host, db, select_priv, insert_priv, grant_priv FROM mysql.db WHERE user="{{ nc_db_user }}"
+  register: grants
+- debug:
+    var: grants
--- a/roles/nextcloud/tasks/.main.yml.swp
+++ b/roles/nextcloud/tasks/.main.yml.swp
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@ -0,0 +1,97 @@
+---
+#- name: Install dependency packages
+#  apt:
+#    name: "{{ nc_dependency_packages }}"
+#    state: present
+#  register: installed
+#- debug: 
+#    var: installed
+#
+#
+#- name: Download Nextcloud
+#  get_url:
+#    url: https://download.nextcloud.com/server/releases/nextcloud-{{ nc_version }}.zip
+#    dest: /tmp/
+#
+#- name: Create LDAP suffix from domain name
+#  shell: echo "{{ domainname }}" | sed -e 's/^/dc=/' -e 's/\./,dc=/g'
+#  args:
+#    executable: /bin/bash
+#  register: ldap_suffix
+#
+#- name: Passing value to  ldapBaseDN
+#  set_fact:
+#    ldapBaseDN: cn=users,cn=accounts,{{ ldap_suffix.stdout }}
+#- debug:
+#    var: ldapBaseDN
+#
+#- name: Extract nextcloud
+#  unarchive:
+#    src: "/tmp/nextcloud-{{ nc_version }}.zip"
+#    dest: /tmp/
+#    owner: www-data
+#    group: www-data
+#
+#- name: Copy occ to /usr/bin
+#  template:
+#    src: occ.j2
+#    dest: /usr/bin/occ 
+#    mode: u+x,g+x,o+x
+#
+#- name: Installistaion using occ
+#  shell: |
+#   occ maintenance:install --no-interaction --database "{{ nc_db }}" \
+#   --database-host "{{ nc_db_host }}" --database-name "{{ nc_db_name}}" \
+#   --database-user "{{ nc_db_user }}" --database-pass "{{ nc_db_pass}}"  \
+#   --admin-user "{{ nc_admin_username }}" --admin-pass "{{ nc_admin_pass }}"
+#  register: occ_install
+#- debug: 
+#    var: occ_install
+#
+#- name: Adding trusted domains to config.php
+#  shell: occ config:system:set trusted_domains --value {{ item.value }} {{ item.key }}
+#  with_dict:
+#    - "{{ nc_trusted_domains }}" 
+#  register: occ_trusted_domains
+#- debug: 
+#    var: occ_trusted_domain.result
+#
+#- name: Installing apps
+#  shell: |
+#    apps=({{nc_app_list|join(" ")}})
+#    for item in "${apps[@]}"
+#    do
+#      occ app:install "${item}"
+#    done
+#  register: occ_app_install
+#  args:
+#    executable: /bin/bash
+#    chdir: "{{ nc_root }}"
+#- debug:
+#    var: occ_app_install.stdout
+#
+#- name: Ldap configuration
+#  shell: occ ldap:set-config s01 "{{item.key}} {{item.value}}"
+#  with_dict: "{{ ldap }}"
+
+- name: Provision email accounts for PostgreSQL
+  community.postgresql.postgresql_query:
+    db: "{{ nc_db_name }}"
+    login_host: "{{ nc_db_host}}"
+    login_user: "{{ nc_db_user }}"
+    login_password: "{{ nc_db_pass }}" 
+    query: INSERT into oc_mail_provisionings (provisioning_domain,email_template,imap_user,imap_host,imap_port,imap_ssl_mode,smtp_user,smtp_host,smtp_port,smtp_ssl_mode) VALUES ('*', '%EMAIL%', '%EMAIL%' , '{{ domainname }}', 993, 'ssl','%USERID%','{{ domainname }}',587,'tls')
+  when: "{{ nc_db  == 'pgsql' }}"
+
+
+- name: Provision email accounts for MySQL
+  community.mysql.mysql_query:
+    login_db: "{{ nc_db_name }}"
+    login_user: "{{ nc_db_user }}"
+    login_password: "{{ nc_db_pass }}"
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+    query: INSERT into oc_mail_provisionings (provisioning_domain,email_template,imap_user,imap_host,imap_port,imap_ssl_mode,smtp_user,smtp_host,smtp_port,smtp_ssl_mode) VALUES ('*', '%EMAIL%', '%EMAIL%' , '{{ domainname }}', 993, 'ssl','%USERID%','{{ domainname }}',587,'tls')
+  when: "{{ nc_db  == 'mysql' }}"
+  register: insert
+- debug:
+    var: insert
--- a/roles/nextcloud/templates/occ.j2
+++ b/roles/nextcloud/templates/occ.j2
@ -0,0 +1,2 @@
+#! /bin/bash
+sudo -u www-data php {{ nc_root }}/occ $*
--- a/roles/postgres/tasks/main.yml
+++ b/roles/postgres/tasks/main.yml
@ -0,0 +1,30 @@
+---
+- name: Install Postgresql
+  apt:
+    name: "{{ postgres_packages }}"
+    state: present
+  register: psql
+
+- name: Create DB user
+  become: yes
+  become_user: postgres
+  community.postgresql.postgresql_user:
+    name: "{{ nc_db_user }}"
+    password: "{{ nc_db_pass }}"
+
+- name: Create nextcloud db
+  become: yes
+  become_user: postgres
+  community.postgresql.postgresql_db:
+    name: nextcloud
+    template: template0
+    encoding: UNICODE
+    owner: "{{ nc_db_user }}"
+
+- name: Grant privilages for db to user
+  become: yes
+  become_user: postgres
+  community.postgresql.postgresql_user:
+    name: "{{ nc_db_user }}"
+    db: "{{ nc_db_name }}"
+    priv: ALL
--- a/vars.yml
+++ b/vars.yml
@ -0,0 +1,91 @@
+---
+
+domainname: amogha.labnetwork.in
+
+ldap:
+  ldapAgentName: "uid=rouser,{{ ldapBaseDN }}"
+  ldapAgentPassword: dGVzdGFkbWluCg==
+  ldapBase: "{{ ldapBaseDN }}"
+  ldapBaseGroups: "{{ ldapBaseDN }}"
+  ldapBaseUsers: "{{ ldapBaseDN }}"
+  ldapConfigurationActive: 1
+  ldapEmailAttribute: mail
+  ldapExpertUsernameAttr: uid
+  ldapHost: 10.22.13.12
+  ldapLoginFilter: (&(|(objectclass=inetorgperson))(mail=%uid))
+  ldapPort: 389
+  ldapUserFilter: (|(objectclass=inetorgperson))
+  ldapUserFilterObjectclass: inetorgperson
+  turnOnPasswordChange: 1
+
+mysql_packages:
+  - mariadb-server
+  - mariadb-client
+  - php7.4-mysql
+  - python3-pymysql
+
+nc_admin_username: test
+nc_admin_pass: adminpass
+nc_app_list:
+  - mail
+  #- richdocumentscode
+  #- richdocuments
+  #- contacts
+  #- deck
+  #- spreed 
+  #- announcementcenter
+  #- apporder
+  #- bruteforcesettings
+  #- calendar
+  #- groupfolders
+nc_db: mysql
+nc_db_host: localhost
+nc_db_name: nextcloud_test2
+nc_db_user: username2
+nc_db_pass: password
+
+nc_dependency_packages:
+  - php7.4-bcmath
+  - php7.4-bz2
+  - php7.4-cgi
+  - php7.4-cli
+  - php7.4-common
+  - php7.4-curl
+  - php7.4-dba
+  - php7.4-dev
+  - php7.4-enchant
+  - php7.4-fpm
+  - php7.4-gd
+  - php7.4-gmp
+  - php7.4-imap
+  - php7.4-interbase
+  - php7.4-intl
+  - php7.4-json
+  - php7.4-ldap
+  - php7.4-mbstring
+  - php7.4-mysql
+  - php7.4-odbc
+  - php7.4-opcache
+  - php7.4-pgsql
+  - php7.4-phpdbg
+  - php7.4-pspell
+  - php7.4-readline
+  - php7.4-snmp
+  - php7.4-soap
+  - php7.4-sqlite3
+  - php7.4-sybase
+  - php7.4-tidy
+  - php7.4-xml
+  - php7.4-xmlrpc
+  - php7.4-xsl
+  - php7.4-zip
+
+nc_root: /tmp/nextcloud
+nc_trusted_domains:
+  0: amogha.labnetwork.in
+nc_version: 23.0.3
+
+postgres_packages:
+  - php7.4-pgsql
+  - python3-psycopg2
+  - postgresql