Nextcloud: Setup NC configuration via occ import

tasks/configuration.yml

@@ -3,16 +3,6 @@
   ansible.builtin.set_fact:
     nextcloud_install_path: "{{ nextcloud_root }}/{{ instances.name }}"
 
-- name: "Configuration | Richte trusted domains ein | {{ instances.name }}"
-  ansible.builtin.command:
-    cmd: 'php occ config:system:set trusted_domains {{ item.0 }} --value "{{ item.1 }}"'
-    chdir: "{{ nextcloud_install_path }}"
-  become: true
-  become_user: "{{ instances.user }}"
-  changed_when: true
-  with_indexed_items:
-    - '{{ instances.config.trusted_domains }}'
-
 - name: "Configuration | Richte cron-Job ein | {{ instances.name }}"
   ansible.builtin.cron:
     name: "nextcloud {{ instances.name }}"
@@ -21,79 +11,24 @@
     job: "php -f {{ nextcloud_install_path }}/cron.php"
     cron_file: "nextcloud"
 
-- name: "Configuration | Richte allgemeie Konfiguration ein | {{ instances.name }}"
+- name: "Configuration | Aktualisiere htaccess-Datei | {{ instances.name }}"
   ansible.builtin.command:
-    cmd: "{{ commands }}"
+    cmd: "php occ maintenance:update:htaccess --quiet"
     chdir: "{{ nextcloud_install_path }}"
   become: true
   become_user: "{{ instances.user }}"
   changed_when: true
-  loop:
-    - 'php occ config:system:set memcache.local --value "\\OC\\Memcache\\APCu"'
-    - 'php occ config:system:set memcache.distributed --value "\OC\Memcache\Redis"'
-    - "php occ background:cron"
-    - 'php occ config:system:set overwrite.cli.url --value https://{{ instances.name }}'
-    - 'php occ config:system:set htaccess.RewriteBase --value /'
-    - 'php occ maintenance:update:htaccess'
-    - 'php occ config:system:set default_language --value "de"'
-    - 'php occ config:system:set default_phone_region --value "DE"'
-  loop_control:
-    loop_var: commands
 
-- name: "Configuration | Richte Mailversand ein | {{ instances.name }}"
-  ansible.builtin.blockinfile:
-    path: "{{ nextcloud_config_file }}"
-    insertbefore: '^\);'
-    marker: "// {mark} ANSIBLE MANAGED BLOCK Mailversand"
-    block: |2
-        'mail_from_address' => '{{ instances.config.mail_from }}',
-        'mail_smtpmode' => 'smtp',
-        'mail_sendmailmode' => 'smtp',
-        'mail_domain' => '{{ instances.config.mail_domain }}',
-        'mail_smtpauthtype' => '{{ instances.config.smtp_auth_type }}',
-        'mail_smtphost' => '{{ instances.config.smtp_host }}',
-        'mail_smtpport' => '{{ instances.config.smtp_port }}',
+- name: "Configuration | Erstelle Konfiguration | {{ instances.name }}"
+  ansible.builtin.template:
+    src: config.json.j2
+    dest: "/tmp/{{ instances.name }}_config.json"
+    mode: "0644"
 
-- name: "Configuration | Richte Filelocking ein | {{ instances.name }}"
-  ansible.builtin.blockinfile:
-    path: "{{ nextcloud_config_file }}"
-    insertbefore: '^\);'
-    marker: "// {mark} ANSIBLE MANAGED BLOCK Filelocking"
-    block: |2
-        'filelocking.enabled' => true,
-        'memcache.locking' => '\OC\Memcache\Redis',
-        'redis' => array(
-             'host' => '/var/run/redis/redis-server.sock',
-             'port' => 0,
-             'dbindex' => {{ instance_id }},
-             'timeout' => 1.5,
-        ),
-
-- name: "Configuration | Richte trusted proxies ein | {{ instances.name }}"
+- name: "Configuration | Importiere Konfuration | {{ instances.name }}"
   ansible.builtin.command:
-    cmd: 'php occ config:system:set trusted_proxies {{ item.0 }} --value "{{ item.1 }}"'
+    cmd: "php occ config:import /tmp/{{ instances.name }}_config.json --quiet"
     chdir: "{{ nextcloud_install_path }}"
   become: true
   become_user: "{{ instances.user }}"
   changed_when: true
-  with_indexed_items:
-    - "{{ instances.config.trusted_proxies }}"
-
-- name: "Configuration | Richte Logging ein | {{ instances.name }}"
-  ansible.builtin.blockinfile:
-    path: "{{ nextcloud_config_file }}"
-    insertbefore: '^\);'
-    marker: "// {mark} ANSIBLE MANAGED BLOCK Logging"
-    block: |2
-        'log_type' => 'file',
-        'loglevel' => 1,
-        'logdateformat' => 'F d, Y H:i:s',
-        'log_type_audit' => 'file',
-
-- name: "Configuration | Erstelle OIDC-Konfiguration | {{ instances.name }}"
-  ansible.builtin.blockinfile:
-    path: "{{ nextcloud_config_file }}"
-    insertbefore: '^\);'
-    marker: "// {mark} ANSIBLE MANGED BLOCK OIDC"
-    block: "{{ instances.config.oidc }}"
-  when: instances.config.oidc is defined

tasks/hiddenservice.yml

@@ -3,7 +3,6 @@
   ansible.builtin.import_role:
     name: configure-hiddenservice
   delegate_to: "{{ onion_host }}"
-  when: item.config.hiddenservice is defined and item.config.hiddenservice
 
 - name: "Hiddenservice | Kopiere Apache-Anpassungen | {{ item.name }}"
   ansible.builtin.template:
@@ -11,13 +10,3 @@
     dest: "/etc/apache2/conf-available/{{ item.name }}.conf"
     mode: "0644"
   notify: reload apache
-
-# Das erste Argument gibt den Platz im Array an, beginnend mit 0.
-- name: "Hiddenservice | Richte trusted domains ein | {{ item.name }}"
-  ansible.builtin.command:
-    cmd: 'php occ config:system:set trusted_domains {{ item.config.trusted_domains | length }} --value "{{ hiddenservice_address.stdout }}"'
-    chdir: "{{ nextcloud_install_path }}"
-  become: true
-  become_user: "{{ item.user }}"
-  changed_when: true
-  when: item.config.hiddenservice is defined and item.config.hiddenservice

tasks/main.yml

@@ -38,7 +38,12 @@
 
 - name: Run Hiddenservice tasks
   ansible.builtin.include_tasks: hiddenservice.yml
+  when: item.hiddenservice is defined
   loop: "{{ nextcloud_instances }}"
+  tags: always
+  args:
+    apply:
+      tags: hiddenservice
 
 - name: Run Webserver tasks
   ansible.builtin.import_tasks: apache.yml