Update Nextcloud role to include Hiddenservice tasks

2023-05-21 23:01:31 +02:00 · 2023-05-21 23:01:31 +02:00 · 63eb7d74f7
commit 63eb7d74f7
parent 7f42bc9fd2
23 changed files with 282 additions and 244 deletions
--- a/templates/apache2/custom.conf.j2
+++ b/templates/apache2/custom.conf.j2
@ -1,7 +1,7 @@
 # {{ ansible_managed }}

-{% if instance.alias is defined %}
-{% for alias in instance.alias %}
+{% if item.alias is defined %}
+{% for alias in item.alias %}
 ServerAlias {{ alias }}
 {% endfor %}
 {% endif %}
--- a/templates/apache2/apache_site.conf.j2
+++ b/templates/apache2/apache_site.conf.j2
--- a/templates/apache2/nextcloud_sites.conf.j2
+++ b/templates/apache2/nextcloud_sites.conf.j2
@ -0,0 +1,5 @@
+### {{ ansible_managed }}
+
+{% for site in nextcloud_instances %}
+Use NCSite {{ site.name }} {{ site.user }}
+{% endfor %}
--- a/templates/fail2ban/jail.conf.j2
+++ b/templates/fail2ban/jail.conf.j2
@ -1,6 +1,6 @@
 # {{ ansible_managed }}

-[nextcloud-{{ instance.user }}]
+[nextcloud-{{ item.user }}]
 backend = auto
 enabled = true
 port = 80,443
@ -9,4 +9,4 @@ filter = nextcloud
 maxretry = 3
 bantime = 86400
 findtime = 43200
-logpath = {{ nextcloud_root }}/{{ instance.name }}/data/nextcloud.log
+logpath = {{ nextcloud_root }}/{{ item.name }}/data/nextcloud.log
--- a/templates/nginx_site.j2
+++ b/templates/nginx_site.j2
@ -1,8 +1,8 @@
 server {
        listen 80;
-	server_name {{ instance.name }};
-{% if instance.alias is defined %}
-  {% for alias in instance.alias %}
+	server_name {{ item.name }};
+{% if item.alias is defined %}
+  {% for alias in item.alias %}
 	server_name {{ alias }};
  {% endfor %}
 {% endif %}
@ -12,9 +12,9 @@ server {

 server {
 	listen 443 ssl http2;
-        server_name {{ instance.name }};
-        ssl_certificate /var/lib/dehydrated/certs/{{ instance.name }}/fullchain.pem;
-        ssl_certificate_key /var/lib/dehydrated/certs/{{ instance.name }}/privkey.pem;
+        server_name {{ item.name }};
+        ssl_certificate /var/lib/dehydrated/certs/{{ item.name }}/fullchain.pem;
+        ssl_certificate_key /var/lib/dehydrated/certs/{{ item.name }}/privkey.pem;
        include /etc/nginx/proxy_params;
        add_header Referrer-Policy $referrerpolicy;
        add_header Strict-Transport-Security $sts;
@ -30,8 +30,8 @@ server {
        }
 }

-{% if instance.alias is defined %}
-  {% for alias in instance.alias %}
+{% if item.alias is defined %}
+  {% for alias in item.alias %}
 server {
 	listen 443 ssl http2;
        server_name {{ alias }};
--- a/templates/php_fpm_pool.j2
+++ b/templates/php_fpm_pool.j2
@ -1,7 +1,7 @@
 [global]
 error_log = ${FPM_ERROR_LOG}

-[{{ instance.user }}]
+[{{ item.user }}]
 listen = ${FPM_SOCKET_PATH}
 pm = dynamic
 pm.max_children = 60