Anpassungen für Alias-Domains

defaults/main.yml

@@ -13,7 +13,7 @@ nextcloud_php_memory_limit: 512M
 nextcloud_php_upload_limit: 512M
 nextcloud_trusted_domains: ['localhost', '{{ instance.domain }}']
 nextcloud_trusted_proxies: ['10.42.7.1']
-nextcloud_version: nextcloud-21.0.3
+nextcloud_version: nextcloud-22.2.0
 nextcloud_mail_from: noreply
 nextcloud_mail_domain: postfach.senselab.org
 nextcloud_smtp_auth_type: LOGIN

tasks/gateway.yml

@@ -11,10 +11,11 @@
   lineinfile:
     path: /etc/dehydrated/domains.txt
     insertafter: "^# nextcloud"
-    line: "{{ instance.alias }}"
+    line: "{{ item }}"
   when: instance.alias is defined
   register: dehydrated
   delegate_to: "{{ gateway_host }}"
+  loop: "{{ instance.alias }}"
 
 - name: "gateway: {{ instance.domain }}: Zertifikat erstellen"
   command: dehydrated --cron -g

tasks/main.yml

@@ -2,13 +2,18 @@
 - import_tasks: version.yml
   tags: version
 - import_tasks: gateway.yml
+  tags: gateway
 - import_tasks: database.yml
+  tags: database
 - import_tasks: php.yml
+  tags: php
 - import_tasks: apache.yml
+  tags: apache
 
 - name: "Nextcloud installieren"
   include_tasks: nextcloud.yml
   when: nc_is_installed.stat.exists == False
+  tags: nextcloud
 
 - import_tasks: nextcloud_configuration.yml
   tags: configuration

tasks/nextcloud_configuration.yml

@@ -1,5 +1,4 @@
 ---
-#todo: Auch auf instances.alias anwenden
 - name: "configuration: {{ instance.domain }}: trusted domains einrichten"
   command: 'php {{ nextcloud_install_path }}/occ config:system:set trusted_domains {{ item.0 }} --value "{{ item.1 }}"'
   become: true

tasks/packages.yml

@@ -6,7 +6,7 @@
 - name: "packages: Datenbank-Pakete installieren"
   apt:
     pkg:
-      - python-pymysql
+      - python3-pymysql
     update_cache: yes
     cache_valid_time: 3600
   delegate_to: "{{ database_host }}"

tasks/redis.yml

@@ -20,4 +20,4 @@
     path: "{{ redis_config_file }}"
     regexp: '^databases 16$'
     line: 'databases {{ instances_number }}'
-  when: instances_number <= 16
+  when: instances_number|int <= 16

templates/apache_alias.j2

@@ -1 +1,5 @@
-ServerAlias {{ instance.alias }}
+{% if instance.alias is defined %}
+  {% for alias in instance.alias %}
+ServerAlias {{ alias }}
+  {% endfor %}
+{% endif %}

templates/nginx_site.j2

@@ -1,10 +1,10 @@
 server {
         listen 80;
+	server_name {{ instance.domain }};
 {% if instance.alias is defined %}
-	server_name {{ instance.domain }};
+  {% for alias in instance.alias %}
-	server_name {{ instance.alias }};
+	server_name {{ alias }};
-{% else %}
+  {% endfor %}
-	server_name {{ instance.domain }};
 {% endif %}
         include snippets/letsencrypt.conf;
         location / { return 301 https://$http_host$request_uri; }
@@ -31,11 +31,12 @@ server {
 }
 
 {% if instance.alias is defined %}
+  {% for alias in instance.alias %}
 server {
 	listen 443 ssl http2;
-        server_name {{ instance.alias }};
+        server_name {{ alias }};
-        ssl_certificate /var/lib/dehydrated/certs/{{ instance.alias }}/fullchain.pem;
+        ssl_certificate /var/lib/dehydrated/certs/{{ alias }}/fullchain.pem;
-        ssl_certificate_key /var/lib/dehydrated/certs/{{ instance.alias }}/privkey.pem;
+        ssl_certificate_key /var/lib/dehydrated/certs/{{ alias }}/privkey.pem;
         include /etc/nginx/proxy_params;
         add_header Referrer-Policy $referrerpolicy;
         add_header Strict-Transport-Security $sts;
@@ -50,4 +51,5 @@ server {
                 proxy_pass http://{{ inventory_hostname }}:80;
         }
 }
-{% endif %}
+  {% endfor %}
+{% endif %}

vars/main.yml

@@ -10,6 +10,8 @@ instances:
     user: bufas
     database: nc_bufas
   - domain: nextcloud.systemausfall.org
-    alias: speicher.roko.li
+    alias:
+      - cloud.rostocker-institut.org 
+      - speicher.roko.li
     user: nextcloud
     database: nc_nextcloud