senselab/ansible-role-nextcloud
4
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Anpassungen für Alias-Domains

Browse source
This commit is contained in:
phil 2021-10-14 16:09:47 +02:00
parent 118e5bc42f
commit c611852b77
9 changed files with 28 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
defaults/main.yml
View file

@ -13,7 +13,7 @@ nextcloud_php_memory_limit: 512M
nextcloud_php_upload_limit: 512M nextcloud_php_upload_limit: 512M
nextcloud_trusted_domains: ['localhost', '{{ instance.domain }}'] nextcloud_trusted_domains: ['localhost', '{{ instance.domain }}']
nextcloud_trusted_proxies: ['10.42.7.1'] nextcloud_trusted_proxies: ['10.42.7.1']
nextcloud_version: nextcloud-21.0.3 nextcloud_version: nextcloud-22.2.0
nextcloud_mail_from: noreply nextcloud_mail_from: noreply
nextcloud_mail_domain: postfach.senselab.org nextcloud_mail_domain: postfach.senselab.org
nextcloud_smtp_auth_type: LOGIN nextcloud_smtp_auth_type: LOGIN

3
tasks/gateway.yml
View file

@ -11,10 +11,11 @@
lineinfile: lineinfile:
path: /etc/dehydrated/domains.txt path: /etc/dehydrated/domains.txt
insertafter: "^# nextcloud" insertafter: "^# nextcloud"
line: "{{ instance.alias }}" line: "{{ item }}"
when: instance.alias is defined when: instance.alias is defined
register: dehydrated register: dehydrated
delegate_to: "{{ gateway_host }}" delegate_to: "{{ gateway_host }}"
loop: "{{ instance.alias }}"
- name: "gateway: {{ instance.domain }}: Zertifikat erstellen" - name: "gateway: {{ instance.domain }}: Zertifikat erstellen"
command: dehydrated --cron -g command: dehydrated --cron -g

5
tasks/main.yml
View file

@ -2,13 +2,18 @@
- import_tasks: version.yml - import_tasks: version.yml
tags: version tags: version
- import_tasks: gateway.yml - import_tasks: gateway.yml
tags: gateway
- import_tasks: database.yml - import_tasks: database.yml
tags: database
- import_tasks: php.yml - import_tasks: php.yml
tags: php
- import_tasks: apache.yml - import_tasks: apache.yml
tags: apache
- name: "Nextcloud installieren" - name: "Nextcloud installieren"
include_tasks: nextcloud.yml include_tasks: nextcloud.yml
when: nc_is_installed.stat.exists == False when: nc_is_installed.stat.exists == False
tags: nextcloud
- import_tasks: nextcloud_configuration.yml - import_tasks: nextcloud_configuration.yml
tags: configuration tags: configuration

1
tasks/nextcloud_configuration.yml
View file

@ -1,5 +1,4 @@
--- ---
#todo: Auch auf instances.alias anwenden
- name: "configuration: {{ instance.domain }}: trusted domains einrichten" - name: "configuration: {{ instance.domain }}: trusted domains einrichten"
command: 'php {{ nextcloud_install_path }}/occ config:system:set trusted_domains {{ item.0 }} --value "{{ item.1 }}"' command: 'php {{ nextcloud_install_path }}/occ config:system:set trusted_domains {{ item.0 }} --value "{{ item.1 }}"'
become: true become: true

2
tasks/packages.yml
View file

@ -6,7 +6,7 @@
- name: "packages: Datenbank-Pakete installieren" - name: "packages: Datenbank-Pakete installieren"
apt: apt:
pkg: pkg:
- python-pymysql - python3-pymysql
update_cache: yes update_cache: yes
cache_valid_time: 3600 cache_valid_time: 3600
delegate_to: "{{ database_host }}" delegate_to: "{{ database_host }}"

2
tasks/redis.yml
View file

@ -20,4 +20,4 @@
path: "{{ redis_config_file }}" path: "{{ redis_config_file }}"
regexp: '^databases 16$' regexp: '^databases 16$'
line: 'databases {{ instances_number }}' line: 'databases {{ instances_number }}'
when: instances_number <= 16 when: instances_number|int <= 16

6
templates/apache_alias.j2
View file

@ -1 +1,5 @@
ServerAlias {{ instance.alias }} {% if instance.alias is defined %}
{% for alias in instance.alias %}
ServerAlias {{ alias }}
{% endfor %}
{% endif %}

18
templates/nginx_site.j2
View file

@ -1,10 +1,10 @@
server { server {
listen 80; listen 80;
server_name {{ instance.domain }};
{% if instance.alias is defined %} {% if instance.alias is defined %}
server_name {{ instance.domain }}; {% for alias in instance.alias %}
server_name {{ instance.alias }}; server_name {{ alias }};
{% else %} {% endfor %}
server_name {{ instance.domain }};
{% endif %} {% endif %}
include snippets/letsencrypt.conf; include snippets/letsencrypt.conf;
location / { return 301 https://$http_host$request_uri; } location / { return 301 https://$http_host$request_uri; }
@ -31,11 +31,12 @@ server {
} }
{% if instance.alias is defined %} {% if instance.alias is defined %}
{% for alias in instance.alias %}
server { server {
listen 443 ssl http2; listen 443 ssl http2;
server_name {{ instance.alias }}; server_name {{ alias }};
ssl_certificate /var/lib/dehydrated/certs/{{ instance.alias }}/fullchain.pem; ssl_certificate /var/lib/dehydrated/certs/{{ alias }}/fullchain.pem;
ssl_certificate_key /var/lib/dehydrated/certs/{{ instance.alias }}/privkey.pem; ssl_certificate_key /var/lib/dehydrated/certs/{{ alias }}/privkey.pem;
include /etc/nginx/proxy_params; include /etc/nginx/proxy_params;
add_header Referrer-Policy $referrerpolicy; add_header Referrer-Policy $referrerpolicy;
add_header Strict-Transport-Security $sts; add_header Strict-Transport-Security $sts;
@ -50,4 +51,5 @@ server {
proxy_pass http://{{ inventory_hostname }}:80; proxy_pass http://{{ inventory_hostname }}:80;
} }
} }
{% endif %} {% endfor %}
{% endif %}

4
vars/main.yml
View file

@ -10,6 +10,8 @@ instances:
user: bufas user: bufas
database: nc_bufas database: nc_bufas
- domain: nextcloud.systemausfall.org - domain: nextcloud.systemausfall.org
alias: speicher.roko.li alias:
- cloud.rostocker-institut.org
- speicher.roko.li
user: nextcloud user: nextcloud
database: nc_nextcloud database: nc_nextcloud