Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
84a7394fcc
|
||
|
|
fb6ca593b8
|
||
|
|
148b6b3b17
|
||
|
|
54015ef705
|
@ -9,12 +9,13 @@ This role configures a web server on your host for Nextcloud
|
||||
## Role configuration
|
||||
* `domain_name` (default: localdomain) - Your domain for web server configuration. i.e. `example.com` if you would like your Nextcloud instance to be reachable at nextcloud.example.com
|
||||
* `nextcloud_subdomain` (default: nextcloud) - The subdomain at which you'd like to access your Nextcloud instance
|
||||
* `nextcloud_ssl` (default: true) - Whether or not you'd like to enable SSL. This will not create certificates, you will need to configure [certbot](https://certbot.eff.org/instructions) or other certificates manually.
|
||||
* `nextcloud_ssl_certificate_path` (default: /etc/ssl/certs/ssl-cert-snakeoil.pem) - The path to your SSL certificate
|
||||
* `nextcloud_ssl_key_path` (default: /etc/ssl/private/ssl-cert-snakeoil.key) - The path to your SSL certificate key
|
||||
* `nextcloud_ssl` (default: false) - Whether or not you'd like to enable SSL. This will not create certificates, you will need to configure [certbot](https://certbot.eff.org/instructions) or other certificates manually.
|
||||
* `nextcloud_apache2_virtualhost` (default: false) - Enable this if you would like to use a virtual host configuration rather than directory-based. See the [Nextcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/installation/source_installation.html#apache-web-server-configuration) for more information.
|
||||
* `nextcloud_apache2_fcgi` (default: false) - Enable this if you are using `mod_fcgi` rather than the standard `mod_php`. This will enable the `mod_setenvif` PHP module.
|
||||
* `nextcloud_apache2_config_path` (default: /etc/apache2/sites-available/nextcloud.conf) - The path to your Nextcloud Apache2 site configuration.
|
||||
|
||||
### Experimental options
|
||||
* `nextcloud_nginx` (default: false) - Configure an nginx web server rather than Apache2. **nginx is not officially supported by Nextcloud**
|
||||
* `nextcloud_nginx_config_path` (default: /etc/nginx/nginx.conf) - The path to your Nextcloud nginx configuration.
|
||||
* `nextcloud_nginx_ssl_certificate_path` (default: /etc/ssl/nginx/nextcloud.localdomain.crt) - The path to your SSL certificate
|
||||
* `nextcloud_nginx_ssl_key_path` (default: /etc/ssl/nginx/nextcloud.localdomain.key) - The path to your SSL certificate key
|
||||
|
||||
@ -3,19 +3,14 @@
|
||||
# Your domain name for web server configuration
|
||||
domain_name: 'localdomain'
|
||||
|
||||
# The major version of Nextcloud to install
|
||||
nextcloud_version: 23
|
||||
|
||||
# The subdomain at which you'd like Nextcloud to be accessible at
|
||||
nextcloud_subdomain: nextcloud
|
||||
|
||||
nextcloud_www_path: '/var/www/nextcloud/'
|
||||
|
||||
nextcloud_ssl: true
|
||||
nextcloud_ssl_certificate_path: "/etc/ssl/certs/ssl-cert-snakeoil.pem"
|
||||
nextcloud_ssl_key_path: "/etc/ssl/private/ssl-cert-snakeoil.key"
|
||||
nextcloud_hsts: true
|
||||
nextcloud_hsts_preload: false
|
||||
nextcloud_ssl: false
|
||||
nextcloud_ssl_certificate_path: "/etc/ssl/nginx/{{ nextcloud_subdomain }}.{{ domain_name }}.crt"
|
||||
nextcloud_ssl_key_path: "/etc/ssl/nginx/{{ nextcloud_subdomain }}.{{ domain_name }}.key"
|
||||
|
||||
# Apache configuration
|
||||
|
||||
|
||||
@ -1,4 +1,7 @@
|
||||
---
|
||||
- name: Enable Nextcloud site
|
||||
ansible.builtin.command: a2ensite nextcloud.conf
|
||||
|
||||
- name: Restart Apache
|
||||
ansible.builtin.systemd:
|
||||
name: httpd
|
||||
|
||||
@ -1,6 +1,5 @@
|
||||
---
|
||||
galaxy_info:
|
||||
role_name: nextcloud
|
||||
author: Corbin Bartsch
|
||||
description: Configure a Debian host for Nextcloud installation
|
||||
license: MIT
|
||||
|
||||
@ -1,4 +0,0 @@
|
||||
---
|
||||
- name: Enable Nextcloud site
|
||||
ansible.builtin.command: a2ensite nextcloud.conf
|
||||
when: not nextcloud_nginx and not nextcloud_ssl
|
||||
@ -1,19 +1,9 @@
|
||||
---
|
||||
- name: Write Apache2 SSL nextcloud.conf file
|
||||
ansible.builtin.template:
|
||||
src: apache2_ssl_nextcloud.conf.j2
|
||||
dest: "{{ nextcloud_apache2_config_path }}"
|
||||
mode: '0644'
|
||||
become: true
|
||||
when: nextcloud_ssl
|
||||
notify: Enable Nextcloud site
|
||||
|
||||
- name: Write Apache2 nextcloud.conf file
|
||||
ansible.builtin.template:
|
||||
src: apache2_nextcloud.conf.j2
|
||||
dest: "{{ nextcloud_apache2_config_path }}"
|
||||
mode: '0644'
|
||||
become: true
|
||||
when: not nextcloud_ssl
|
||||
notify:
|
||||
- Enable Nextcloud site
|
||||
|
||||
@ -1,15 +0,0 @@
|
||||
---
|
||||
- name: Download latest Nextcloud {{ nextcloud_version }} tar.bz2 archive
|
||||
ansible.builtin.unarchive:
|
||||
src: "https://download.nextcloud.com/server/releases/latest-{{ nextcloud_version }}.tar.bz2"
|
||||
dest: "{{ nextcloud_www_path }}"
|
||||
extra_opts:
|
||||
- --transform
|
||||
- s/^nextcloud\///
|
||||
|
||||
- name: Change ownership of Nextcloud directories
|
||||
ansible.builtin.file:
|
||||
path: "{{ nextcloud_www_path }}"
|
||||
owner: www-data
|
||||
group: www-data
|
||||
recurse: true
|
||||
@ -10,13 +10,13 @@
|
||||
include_tasks: apache2_modules.yaml
|
||||
when: not nextcloud_nginx
|
||||
|
||||
- name: Enable Apache2 site
|
||||
include_tasks: apache2_site.yaml
|
||||
when: not nextcloud_nginx
|
||||
|
||||
- name: Create nginx config
|
||||
include_tasks: nginx_template.yaml
|
||||
when: nextcloud_nginx
|
||||
|
||||
- name: Install Nextcloud files
|
||||
include_tasks: install_nextcloud.yaml
|
||||
- name: Change ownership of Nextcloud directories
|
||||
ansible.builtin.file:
|
||||
path: "{{ nextcloud_www_path }}"
|
||||
owner: www-data
|
||||
group: www-data
|
||||
recurse: true
|
||||
|
||||
@ -4,6 +4,7 @@
|
||||
src: nginx.conf.j2
|
||||
dest: "{{ nextcloud_nginx_config_path }}"
|
||||
mode: '0644'
|
||||
backup: true
|
||||
become: true
|
||||
notify:
|
||||
- Restart nginx
|
||||
|
||||
@ -1,18 +1,16 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
<VirtualHost *:80>
|
||||
DocumentRoot {{ nextcloud_www_path }}
|
||||
ServerName {{ ansible_hostname }}.{{ domain_name }}
|
||||
|
||||
<Directory {{ nextcloud_www_path }}>
|
||||
Require all granted
|
||||
AllowOverride All
|
||||
Options FollowSymLinks MultiViews
|
||||
|
||||
<IfModule mod_dav.c>
|
||||
Dav off
|
||||
</IfModule>
|
||||
</Directory>
|
||||
</VirtualHost>
|
||||
DocumentRoot {{ nextcloud_www_path }}
|
||||
ServerName {{ ansible_hostname }}.{{ domain_name }}
|
||||
|
||||
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
|
||||
<Directory {{ nextcloud_www_path }}>
|
||||
Require all granted
|
||||
AllowOverride All
|
||||
Options FollowSymLinks MultiViews
|
||||
|
||||
<IfModule mod_dav.c>
|
||||
Dav off
|
||||
</IfModule>
|
||||
</Directory>
|
||||
</VirtualHost>
|
||||
|
||||
@ -1,43 +0,0 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
<IfModule mod_ssl.c>
|
||||
<VirtualHost *:80>
|
||||
ServerName {{ nextcloud_subdomain }}.{{ domain_name }}
|
||||
Redirect permanent / https://{{ nextcloud_subdomain }}.{{ domain_name }}/
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:443>
|
||||
ServerName {{ nextcloud_subdomain }}.{{ domain_name }}
|
||||
|
||||
DocumentRoot {{ nextcloud_www_path }}
|
||||
|
||||
ErrorLog ${APACHE_LOG_DIR}/error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
||||
|
||||
SSLEngine on
|
||||
SSLCertificateFile {{ nextcloud_ssl_certificate_path }}
|
||||
SSLCertificateKeyFile {{ nextcloud_ssl_key_path }}
|
||||
|
||||
<Directory {{ nextcloud_www_path }}>
|
||||
Require all granted
|
||||
AllowOverride All
|
||||
Options FollowSymLinks MultiViews
|
||||
|
||||
<IfModule mod_dav.c>
|
||||
Dav off
|
||||
</IfModule>
|
||||
</Directory>
|
||||
|
||||
<FilesMatch "\.php$">
|
||||
SSLOptions +StdEnvVars
|
||||
</FilesMatch>
|
||||
|
||||
{% if nextcloud_hsts %}
|
||||
<IfModule mod_headers.c>
|
||||
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains{% if nextcloud_hsts_preload %}; preload{% endif %}"
|
||||
</IfModule>
|
||||
{% endif %}
|
||||
</VirtualHost>
|
||||
</IfModule>
|
||||
|
||||
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
|
||||
@ -1,28 +0,0 @@
|
||||
<?php
|
||||
$CONFIG = array (
|
||||
'instanceid' => '',
|
||||
'passwordsalt' => '',
|
||||
'secret' => '',
|
||||
'trusted_domains' =>
|
||||
array (
|
||||
0 => '{{ nextcloud_subdomain }}.{{ domain_name }}',
|
||||
),
|
||||
'datadirectory' => '{{ nextcloud_data_directory }}',
|
||||
'dbtype' => '{{ nextcloud_db_type }}',
|
||||
'version' => '23.0.3.2',
|
||||
'overwrite.cli.url' => 'http://{{ nextcloud_subdomain }}.{{ domain_name }}',
|
||||
'dbname' => 'nextcloud',
|
||||
'dbhost' => '{{ nextcloud_db_host }}:{{ nextcloud_db_port }}',
|
||||
'dbport' => '',
|
||||
'dbtableprefix' => 'oc_',
|
||||
'dbuser' => '{{ nextcloud_db_user }}',
|
||||
'dbpassword' => '{{ nextcloud_db_pass }}',
|
||||
'installed' => true,
|
||||
'twofactor_enforced' => 'true',
|
||||
'twofactor_enforced_groups' =>
|
||||
array (
|
||||
),
|
||||
'twofactor_enforced_excluded_groups' =>
|
||||
array (
|
||||
),
|
||||
);
|
||||
Loading…
x
Reference in New Issue
Block a user