Unverified Commit a55fca97 authored by Marc Crebassa's avatar Marc Crebassa Committed by GitHub
Browse files

Merge branch 'master' into 201

parents 50e3b8ba 274c66b4
......@@ -336,6 +336,10 @@ Defines various method for retrieving a TLS certificate.
nextcloud_tls_cert_chain: /path/to/cert/chain
# ^remote absolute path to the certificate's full chain- used only by apache - Optional
```
```YAML
nextcloud_tls_session_cache_size: 50m
```
Set the size of the shared nginx TLS session cache to 50 MB.
### System configuration
......
......@@ -80,6 +80,7 @@ nextcloud_hsts: false # recommended >= 15552000
# nextcloud_tls_cert_chain: /path/to/cert/chain
# nextcloud_tls_src_cert: /path/to/cert
# nextcloud_tls_src_cert_key: /path/to/cert/key
nextcloud_tls_session_cache_size: 50m # in Byte or human readable size notation (g|m|k)
# [APPS]
nextcloud_apps: {}
......
---
- name: "[mySQL: Debian] - Service is installed."
package:
name: "{{ 'default-' if (ansible_distribution|lower) == 'debian' else '' }}{{ nextcloud_db_backend }}-server"
name: "{{ 'default-' if (ansible_distribution|lower) == 'debian' && nextcloud_db_backend == 'mysql' else '' }}{{ nextcloud_db_backend }}-server"
state: present
register: nc_mysql_db_install
......
......@@ -91,9 +91,17 @@
# do if the app is not enabled and ( (archive path is not "") or (app is disabled) )
when:
- item.key not in nc_available_apps.enabled
- (item.value is not empty) or (item.key in nc_available_apps.disabled)
- (item.value is not none) or (item.key in nc_available_apps.disabled)
with_dict: "{{ nextcloud_apps }}"
when:
- nextcloud_apps is defined
- nextcloud_apps is mapping
tags: install_apps
- name: Add indices
command: php occ db:add-missing-indices
args:
chdir: "{{ nextcloud_webroot }}"
become_user: "{{ nextcloud_websrv_user }}"
become: yes
become_flags: "{{ ansible_become_flags | default(omit) }}"
......@@ -13,7 +13,7 @@
owner: "{{ nextcloud_websrv_user }}"
group: "{{ nextcloud_websrv_group }}"
creates: "{{ nextcloud_webroot }}/apps/{{ nc_app_name }}"
when: nc_app_cfg is not empty
when: nc_app_cfg is not none
- name: "[ App {{ nc_app_name }} ] - enable the application."
become_user: "{{ nextcloud_websrv_user }}"
......@@ -39,7 +39,7 @@
owner: "{{ nextcloud_websrv_user }}"
group: "{{ nextcloud_websrv_group }}"
creates: "{{ nextcloud_webroot }}/apps/{{ nc_app_name }}"
when: nc_app_cfg.source is not empty
when: nc_app_cfg.source is not none
- name: "[ App {{ nc_app_name }} ] - enable the application."
become_user: "{{ nextcloud_websrv_user }}"
......
......@@ -56,7 +56,7 @@
- name: "[INSTALL] - Install APCu from backports."
package:
name: "{{ php_pkg_apcu }}"
state: latest
state: present
default_release: trusty-backports
when: ansible_distribution_release == "trusty"
......
......@@ -32,7 +32,7 @@ server {
ssl_certificate {{ nextcloud_tls_cert_file }};
ssl_certificate_key {{ nextcloud_tls_cert_key_file }};
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_cache shared:SSL:{{ nextcloud_tls_session_cache_size }};
# ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
......
......@@ -9,9 +9,13 @@
apt: update_cache=yes cache_valid_time=600
when: ansible_os_family == 'Debian'
changed_when: false
- name: update ca-certs
apt: name=ca-certificates state=latest
- block:
apt:
name: ca-certificates
state: present
- block:
- name: Remove default travis databases
package:
name:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment