Fixes für zentrale Verwaltung
This commit is contained in:
parent
b33a014729
commit
a6fea170a4
10 changed files with 62 additions and 11 deletions
|
@ -4,6 +4,7 @@ mysql_socket: /var/run/mysqld/mysqld.sock
|
|||
nextcloud_admin_pw: admin
|
||||
nextcloud_admin_user: systemausfall.org
|
||||
nextcloud_admin_pw: admin
|
||||
nextcloud_db_password: "{{ lookup('password', '/tmp/{{ instance.domain }}_db_pwd length=42 chars=ascii_letters,digits') }}"
|
||||
nextcloud_dl_url: https://download.nextcloud.com/server/releases
|
||||
nextcloud_install_path: "/data/nextcloud/{{ instance.domain }}"
|
||||
nextcloud_config_file: "{{ nextcloud_install_path }}/config/config.php"
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
service:
|
||||
name: nginx
|
||||
state: reloaded
|
||||
delegate_to: "{{ nextcloud_gateway }}"
|
||||
delegate_to: "{{ gateway_host }}"
|
||||
|
||||
- name: restart phpfpm
|
||||
service:
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
mysql_user:
|
||||
name: "{{ instance.database }}"
|
||||
host: "{{ inventory_hostname }}"
|
||||
password: "{{ lookup('password', '/tmp/nc_db_password chars=ascii_letters') }}"
|
||||
password: "{{ nextcloud_db_password }}"
|
||||
priv: "{{ instance.database }}.*:ALL"
|
||||
state: present
|
||||
login_unix_socket: "{{ mysql_socket }}"
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
---
|
||||
- name: "fixes: {{ instance.domain }} https://github.com/nextcloud/files_pdfviewer/issues/381"
|
||||
- name: "fixes: {{ instance.domain }}: https://github.com/nextcloud/files_pdfviewer/issues/381"
|
||||
get_url:
|
||||
url: https://raw.githubusercontent.com/nextcloud/files_pdfviewer/6d81ffbb65c3758bece144e0aff07b4a0ad20eef/js/files_pdfviewer-main.js
|
||||
dest: "{{ nextcloud_install_path }}/apps/files_pdfviewer/js/files_pdfviewer-main.js"
|
||||
owner: "{{ instance.user }}"
|
||||
group: "{{ instance.user }}"
|
||||
when: nc_installed_version >= "21.0.2"
|
||||
when: nc_installed_version.stdout >= "21.0.2"
|
||||
|
|
|
@ -4,7 +4,14 @@
|
|||
path: /etc/dehydrated/domains.txt
|
||||
insertafter: "^# nextcloud"
|
||||
line: "{{ instance.domain }}"
|
||||
# when: dehydrated_installiert
|
||||
delegate_to: "{{ gateway_host }}"
|
||||
|
||||
- name: "gateway: {{ instance.domain }}: Alias zur Zertifikatsliste hinzufügen"
|
||||
lineinfile:
|
||||
path: /etc/dehydrated/domains.txt
|
||||
insertafter: "^# nextcloud"
|
||||
line: "{{ instance.alias }}"
|
||||
when: instance.alias is defined
|
||||
delegate_to: "{{ gateway_host }}"
|
||||
|
||||
- name: "gateway: {{ instance.domain }}: Zertifikat erstellen"
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
- import_tasks: version.yml
|
||||
tags: version
|
||||
|
||||
- import_tasks: packages.yml
|
||||
- import_tasks: gateway.yml
|
||||
- import_tasks: database.yml
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
command: >
|
||||
php "{{ nextcloud_install_path }}"/occ maintenance:install --database "mysql"
|
||||
--database-name "{{ instance.database }}" --database-user "{{ instance.database }}"
|
||||
--database-pass "{{ lookup('password', '/tmp/nc_db_password chars=ascii_letters') }}" --database-host "{{ database_host }}"
|
||||
--database-pass "{{ nextcloud_db_password }}" --database-host "{{ database_host }}"
|
||||
--admin-user "{{ nextcloud_admin_user }}" --admin-pass "{{ nextcloud_admin_pw }}"
|
||||
become: true
|
||||
become_user: "{{ instance.user }}"
|
||||
|
|
|
@ -3,12 +3,14 @@
|
|||
stat:
|
||||
path: "{{ nextcloud_install_path }}/version.php"
|
||||
register: nc_is_installed
|
||||
changed_when: false
|
||||
|
||||
- name: "version: {{ instance.domain }}: Prüfe NC-Version"
|
||||
shell:
|
||||
cmd: occ -V | cut -d ' ' -f2
|
||||
cmd: ./occ -V | cut -d ' ' -f2
|
||||
chdir: "{{ nextcloud_install_path }}"
|
||||
become: true
|
||||
become_user: "{{ instance.user }}"
|
||||
register: nc_installed_version
|
||||
when: nc_is_installed.stat.exists
|
||||
changed_when: false
|
||||
|
|
|
@ -1,13 +1,18 @@
|
|||
server {
|
||||
listen 80;
|
||||
server_name {{ instance.domain }};
|
||||
{% if instance.alias is defined %}
|
||||
server_name {{ instance.domain }};
|
||||
server_name {{ instance.alias }};
|
||||
{% else %}
|
||||
server_name {{ instance.domain }};
|
||||
{% endif %}
|
||||
include snippets/letsencrypt.conf;
|
||||
location / { return 301 https://$http_host$request_uri; }
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name {{ instance.domain }};
|
||||
listen 443 ssl http2;
|
||||
ssl_certificate /var/lib/dehydrated/certs/{{ instance.domain }}/fullchain.pem;
|
||||
ssl_certificate_key /var/lib/dehydrated/certs/{{ instance.domain }}/privkey.pem;
|
||||
include /etc/nginx/proxy_params;
|
||||
|
@ -24,3 +29,25 @@ server {
|
|||
proxy_pass http://{{ inventory_hostname }}:80;
|
||||
}
|
||||
}
|
||||
|
||||
{% if instance.alias is defined %}
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name {{ instance.alias }};
|
||||
ssl_certificate /var/lib/dehydrated/certs/{{ instance.alias }}/fullchain.pem;
|
||||
ssl_certificate_key /var/lib/dehydrated/certs/{{ instance.alias }}/privkey.pem;
|
||||
include /etc/nginx/proxy_params;
|
||||
add_header Referrer-Policy $referrerpolicy;
|
||||
add_header Strict-Transport-Security $sts;
|
||||
add_header X-Content-Type-Options $xcontentoptions;
|
||||
add_header X-XSS-Protection $xxssprotection;
|
||||
|
||||
location ~ /.well-known/(carddav|caldav) {
|
||||
return 301 $scheme://$host/remote.php/dav;
|
||||
}
|
||||
|
||||
location ~ \.* {
|
||||
proxy_pass http://{{ inventory_hostname }}:80;
|
||||
}
|
||||
}
|
||||
{% endif %}
|
|
@ -1,2 +1,15 @@
|
|||
---
|
||||
# vars file for nextcloud
|
||||
instances:
|
||||
- domain: cloud.eine-welt-mv.de
|
||||
user: ewlnmv
|
||||
database: nc_ewlnmv
|
||||
- domain: cloud.karo.ag
|
||||
user: karoag
|
||||
database: nc_karoag
|
||||
- domain: nextcloud.bufas.net
|
||||
user: bufas
|
||||
database: nc_bufas
|
||||
- domain: nextcloud.systemausfall.org
|
||||
alias: speicher.roko.li
|
||||
user: nextcloud
|
||||
database: nc_nextcloud
|
||||
|
|
Loading…
Reference in a new issue