ansible-roles/webapps/nextcloud/tasks/user.yml

---
- name: Check nextcloud user id is over 2999
  ansible.builtin.assert:
    that:
      - nextcloud_user_uid >= 3000

- name: Create {{ nextcloud_user }} unix group

  ansible.builtin.group:
    name: "{{ nextcloud_user | mandatory }}"
    state: present
    gid: "{{ nextcloud_user_uid | mandatory }}"
  tags:
    - nextcloud

- name: Create {{ nextcloud_user | mandatory }} unix user
  ansible.builtin.user:
    name: "{{ nextcloud_user | mandatory }}"
    group: "{{ nextcloud_user | mandatory }}"
    home: "{{ nextcloud_home | mandatory }}"
    uid: "{{ nextcloud_user_uid | mandatory }}"
    shell: '/bin/bash'
    create_home: True
    state: present
#    mode: "0755"
  tags:
  - nextcloud

- name: Set mode for home directory
  ansible.builtin.file:
    path: "{{ nextcloud_home }}"
    mode: "0701"

- name: Create top-level directories
  ansible.builtin.file:
    dest: "{{ item }}"
    state: directory
    mode: "0700"
    owner: "{{ nextcloud_user }}"
    group: "{{ nextcloud_user }}"
  loop:
    - "{{ nextcloud_home }}/log"
    - "{{ nextcloud_home }}/tmp"
    - "{{ nextcloud_home }}/data"
  tags:
    - nextcloud

- name: Mount up Ceph volume by UUID
  ansible.posix.mount:
    path: "{{ nextcloud_data }}"
    src: "UUID={{ nextcloud_data_uuid }}"
    fstype: ext4
    opts: defaults,noexec,nosuid,nodev,relatime,lazytime
    state: mounted

- name: Set volume's root permissions and ownership
  ansible.builtin.file:
    path: "{{ nextcloud_data }}"
    owner: "{{ nextcloud_user }}"
    group: "{{ nextcloud_user }}"
    mode: "0700"
nextcloud: New role 2020-10-02 16:51:05 +02:00			`---`
webapps/nextcloud: fix misplaced gid attr and added check for nexctcloud uid 2023-11-09 16:48:17 +01:00			`- name: Check nextcloud user id is over 2999`
			`ansible.builtin.assert:`
			`that:`
			`- nextcloud_user_uid >= 3000`

webapp/nextcloud: Change default folder mode to 0700 (+ better tasks name for user/group creation) 2022-09-01 12:38:10 +02:00			`- name: Create {{ nextcloud_user }} unix group`
Use FQCN Fully Qualified Collection Name 2023-03-20 23:33:19 +01:00
			`ansible.builtin.group:`
webapps/nextcloud: Use var nextcloud_user for unix group instead of instance_name to prevent mixup 2022-09-01 12:02:23 +02:00			`name: "{{ nextcloud_user \| mandatory }}"`
nextcloud: New role 2020-10-02 16:51:05 +02:00			`state: present`
webapps/nextcloud: fix misplaced gid attr and added check for nexctcloud uid 2023-11-09 16:48:17 +01:00			`gid: "{{ nextcloud_user_uid \| mandatory }}"`
nextcloud: New role 2020-10-02 16:51:05 +02:00			`tags:`
			`- nextcloud`

webapp/nextcloud: Change default folder mode to 0700 (+ better tasks name for user/group creation) 2022-09-01 12:38:10 +02:00			`- name: Create {{ nextcloud_user \| mandatory }} unix user`
Use FQCN Fully Qualified Collection Name 2023-03-20 23:33:19 +01:00			`ansible.builtin.user:`
nextcloud: New role 2020-10-02 16:51:05 +02:00			`name: "{{ nextcloud_user \| mandatory }}"`
webapps/nextcloud: Use var nextcloud_user for unix group instead of instance_name to prevent mixup 2022-09-01 12:02:23 +02:00			`group: "{{ nextcloud_user \| mandatory }}"`
nextcloud: New role 2020-10-02 16:51:05 +02:00			`home: "{{ nextcloud_home \| mandatory }}"`
webapps/nextcloud Added var nextcloud_user_uid to enforce uid for nextcloud user 2023-11-09 15:19:15 +01:00			`uid: "{{ nextcloud_user_uid \| mandatory }}"`
nextcloud: New role 2020-10-02 16:51:05 +02:00			`shell: '/bin/bash'`
Fix missing quote, option createhome -> create_home in Ansible 3.10, no mode option in user module (fix error introduced in e75eeb8c3fa6ed1dcb3f584f3408eb3f8e24b5e0) 2021-10-26 15:34:13 +02:00			`create_home: True`
nextcloud: New role 2020-10-02 16:51:05 +02:00			`state: present`
Fix missing quote, option createhome -> create_home in Ansible 3.10, no mode option in user module (fix error introduced in e75eeb8c3fa6ed1dcb3f584f3408eb3f8e24b5e0) 2021-10-26 15:34:13 +02:00			`# mode: "0755"`
nextcloud: New role 2020-10-02 16:51:05 +02:00			`tags:`
			`- nextcloud`

webapps/nextcloud: Set home directory's mode 2024-01-23 18:00:54 +01:00			`- name: Set mode for home directory`
			`ansible.builtin.file:`
			`path: "{{ nextcloud_home }}"`
			`mode: "0701"`

nextcloud: New role 2020-10-02 16:51:05 +02:00			`- name: Create top-level directories`
Use FQCN Fully Qualified Collection Name 2023-03-20 23:33:19 +01:00			`ansible.builtin.file:`
nextcloud: New role 2020-10-02 16:51:05 +02:00			`dest: "{{ item }}"`
			`state: directory`
webapp/nextcloud: Change default folder mode to 0700 (+ better tasks name for user/group creation) 2022-09-01 12:38:10 +02:00			`mode: "0700"`
nextcloud: New role 2020-10-02 16:51:05 +02:00			`owner: "{{ nextcloud_user }}"`
			`group: "{{ nextcloud_user }}"`
Use 'loop' syntax instead of 'with_items' 2021-05-04 14:18:40 +02:00			`loop:`
nextcloud: New role 2020-10-02 16:51:05 +02:00			`- "{{ nextcloud_home }}/log"`
			`- "{{ nextcloud_home }}/tmp"`
			`- "{{ nextcloud_home }}/data"`
			`tags:`
			`- nextcloud`
Add task for mount nextcloud_data volume 2023-05-19 16:21:41 +02:00
			`- name: Mount up Ceph volume by UUID`
			`ansible.posix.mount:`
			`path: "{{ nextcloud_data }}"`
fix Add Ceph volume to fstab : missing UUID= in src 2023-12-07 11:02:04 +01:00			`src: "UUID={{ nextcloud_data_uuid }}"`
Add task for mount nextcloud_data volume 2023-05-19 16:21:41 +02:00			`fstype: ext4`
			`opts: defaults,noexec,nosuid,nodev,relatime,lazytime`
webapps/nextcloud: Ajouter volume dans fstab 2023-12-07 09:34:04 +01:00			`state: mounted`
webapps/nextcloud: Set owner and mode once mounted 2023-12-07 09:42:34 +01:00
			`- name: Set volume's root permissions and ownership`
			`ansible.builtin.file:`
			`path: "{{ nextcloud_data }}"`
			`owner: "{{ nextcloud_user }}"`
			`group: "{{ nextcloud_user }}"`
			`mode: "0700"`