nc_installation.yml 4.14 KB
Newer Older
Aalaesar's avatar
Aalaesar committed
1
2
3
4
---
#########
# Run command line installation.
# the web server must be running by now in order to launch the installation
5
6
7
- name: Trigger all pending handlers
  meta: flush_handlers

Aalaesar's avatar
Aalaesar committed
8
9
10
11
12
13
14
15
16
- name: "[NC] - Setting directory ownership & permissions for the data folder"
  file:
    path: "{{ nextcloud_data_dir }}"
    mode: u=rwX,g=rX,o-rwx
    recurse: yes
    state: directory
    owner: "{{ websrv_user }}"
    group: "{{ websrv_group }}"

17
- name: "[NC] - generate {{ nextcloud_admin_name }} password:"
18
  set_fact: nextcloud_admin_pwd="{{ lookup( 'password', 'nextcloud_instances/'+ nextcloud_instance_name +'/web_admin.pwd length=10' ) }}"
19
20
  when: nextcloud_admin_pwd is not defined

Aalaesar's avatar
Aalaesar committed
21
22
23
24
25
26
27
28
- name: "[NC] - Set temporary permissions for command line installation."
  file:
    path: "{{ nextcloud_webroot }}"
    state: directory
    recurse: yes
    owner: "{{ websrv_user }}"
    group: "{{ websrv_group }}"

29
# fix for mariadb with occ
30
31
32
33
34
- set_fact: nextcloud_tmp_backend="{{ nextcloud_db_backend }}"
  when: nextcloud_db_backend != "mariadb"
- set_fact: nextcloud_tmp_backend="mysql"
  when: nextcloud_db_backend == "mariadb"

35
- block:
36
37
38
39
  - name: "[NC] - removing possibly old or incomplete config.php"
    file:
      path: "{{ nextcloud_webroot }}/config/config.php"
      state: absent
40
41
42
  - name: "[NC] - Run occ installation command"
    become_user: "{{ websrv_user }}"
    command: >
43
44
45
46
47
48
49
50
51
        php occ maintenance:install
        --database={{ nextcloud_tmp_backend }}
        --database-host={{ nextcloud_db_host }}
        --database-name={{ nextcloud_db_name }}
        --database-user={{ nextcloud_db_admin }}
        --database-pass={{ nextcloud_db_pwd }}
        --admin-user={{ nextcloud_admin_name }}
        --admin-pass={{ nextcloud_admin_pwd }}
        --data-dir={{ nextcloud_data_dir }}
52
53
54
    args:
      chdir: "{{ nextcloud_webroot }}"
      creates: "{{ nextcloud_webroot }}/config/config.php"
55
56

  - name: "[NC] - Verify config.php - check filesize"
57
58
59
    stat: path="{{ nextcloud_webroot }}/config/config.php"
    register: _confsize
    failed_when: _confsize.stat.size is undefined or _confsize.stat.size <= 100
60
61
62

  - name: "[NC] - Verify config.php - php syntax check"
    command: "php -l {{ nextcloud_webroot }}/config/config.php"
63
64
65
    register: _confphp
    changed_when: False
    failed_when: _confphp.rc is defined and _confphp.rc != 0
66

67
68
69
70
71
72
  rescue:
    - name: "[NC] - removing config.php when occ fail"
      file:
        path: "{{ nextcloud_webroot }}/config/config.php"
        state: absent
      failed_when: True
73

74
- name: "[NC] - Add trusted domain in config.php"
Aalaesar's avatar
Aalaesar committed
75
76
77
78
79
  lineinfile:
    dest: "{{ nextcloud_webroot }}/config/config.php"
    line: "    1 => '{{ nextcloud_trusted_domain }}',"
    insertafter: "0 => '"
    state: present
80
81
82
83
84
85
86
87
88
89
  when: nextcloud_trusted_domain is string

- name: "[NC] - Add trusted domains in config.php"
  lineinfile:
    dest: "{{ nextcloud_webroot }}/config/config.php"
    line: "    {{ item.0 +1 }} => '{{ item.1 }}',"
    insertafter: "{{ item.0 }} => '"
    state: present
  with_indexed_items: "{{ nextcloud_trusted_domain }}"
  when: not nextcloud_trusted_domain is string
Aalaesar's avatar
Aalaesar committed
90

91
- name: "[NC] - Add local cache and urandom in config.php"
Aalaesar's avatar
Aalaesar committed
92
93
  lineinfile:
    dest: "{{ nextcloud_webroot }}/config/config.php"
94
    line: "{{ item }}"
Aalaesar's avatar
Aalaesar committed
95
96
    insertbefore: "\\);"
    state: present
97
98
99
  with_items:
    - "  'memcache.local' => '\\OC\\Memcache\\APCu',"
    - "  'open_basedir' => '/dev/urandom'"
Aalaesar's avatar
Aalaesar committed
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124

- name: "[NC] - Ensure Nextcloud directories are 0750"
  command: find {{ nextcloud_data_dir }} -type d -exec chmod -c 0750 {} \;
  register: chmod_result
  changed_when: "chmod_result.stdout != \"\""

- name: "[NC] - Ensure Nextcloud files are 0640"
  command: find {{ nextcloud_data_dir }} -type f -exec chmod -c 0640 {} \;
  register: chmod_result
  changed_when: "chmod_result.stdout != \"\""

- name: "[NC] - Setting stronger directory ownership"
  file:
    path: "{{ nextcloud_webroot }}/{{ item }}/"
    recurse: yes
    owner: "{{ websrv_user }}"
    group: "{{ websrv_group }}"
    state: directory
  with_items:
    - apps
    - assets
    - config
    - themes
    - updater

125
- name: "[NC] - Give back execution permission to occ"
Aalaesar's avatar
Aalaesar committed
126
127
  file:
    path: "{{ nextcloud_webroot }}/occ"
128
    mode: 0750