Compare commits
8 commits
stable
...
backup/jle
Author | SHA1 | Date | |
---|---|---|---|
Jérémy Lecour | 5dc79e7e32 | ||
Jérémy Lecour | de38ecd881 | ||
Jérémy Lecour | d78cb1dbef | ||
Jérémy Lecour | e2c4472de5 | ||
Jérémy Lecour | b2aaf14e80 | ||
Jérémy Lecour | c4731fb37e | ||
Jérémy Lecour | 0545863df2 | ||
Victor LABORIE | 05ce477141 |
|
@ -20,6 +20,7 @@ The **patch** part changes incrementally at each release.
|
|||
* haproxy: install Munin plugins
|
||||
* proftpd: use proftpd_accounts list for manage ftp accounts
|
||||
* etc-git: add tags for Ansible
|
||||
* php: FPM default pool can be removed or not installed
|
||||
|
||||
### Changed
|
||||
* elasticsearch: use ES_TMPDIR variable for custom tmpdir, (from `/etc/default/elasticsearch` instead of changing `/etc/elesticsearch/jvm.options`).
|
||||
|
@ -33,6 +34,8 @@ The **patch** part changes incrementally at each release.
|
|||
* nginx: fix basic auth for default vhost
|
||||
* dovecot: fix support of plus sign
|
||||
* mysql/mysql-oracle: mysqltuner cron task is executable
|
||||
* php: fix FPM custom file permissions
|
||||
* php: more tasks notify FPM handler to restart if needed
|
||||
|
||||
## [9.1.6] - 2018-02-02
|
||||
|
||||
|
|
4
nextcloud/defaults/main.yml
Normal file
4
nextcloud/defaults/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
nextcloud_root: '/home'
|
||||
nextcloud_version: "13.0.1"
|
||||
nextcloud_instances: {}
|
165
nextcloud/tasks/main.yml
Normal file
165
nextcloud/tasks/main.yml
Normal file
|
@ -0,0 +1,165 @@
|
|||
---
|
||||
- name: Install dependencies
|
||||
apt:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- bzip2
|
||||
- php-ctype
|
||||
- php-gd
|
||||
- php-json
|
||||
- php-xml
|
||||
- php-mbstring
|
||||
- php-zip
|
||||
- php-pdo-mysql
|
||||
- php-curl
|
||||
- php-bz2
|
||||
- php-intl
|
||||
- php-mcrypt
|
||||
- php-ldap
|
||||
- php-imap
|
||||
- php-gmp
|
||||
- php-apcu
|
||||
- php-redis
|
||||
- python-mysqldb
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Create Nextcloud groups
|
||||
group:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items: "{{ nextcloud_instances | list }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Create Nextcloud users
|
||||
user:
|
||||
name: "{{ item }}"
|
||||
group: "{{ item }}"
|
||||
home: "{{ nextcloud_root }}/{{ item }}"
|
||||
shell: '/bin/bash'
|
||||
createhome: True
|
||||
state: present
|
||||
with_items: "{{ nextcloud_instances | list }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Create needed directories
|
||||
file:
|
||||
dest: "{{ nextcloud_root }}/{{ item[0] }}/{{ item[1] }}"
|
||||
state: directory
|
||||
mode: "0770"
|
||||
owner: "{{ item[0] }}"
|
||||
group: "{{ item[0] }}"
|
||||
with_nested:
|
||||
- "{{ nextcloud_instances | list }}"
|
||||
- [ 'logs', 'config', 'data', 'tmp' ]
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Retrieve Nextcloud archive
|
||||
get_url:
|
||||
url: "https://download.nextcloud.com/server/releases/nextcloud-{{ item.value.version | default(nextcloud_version) }}.tar.bz2"
|
||||
dest: "/home/nextcloud-{{ item.value.version | default(nextcloud_version) }}.tar.bz2"
|
||||
with_dict: "{{ nextcloud_instances }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Retrieve Nextcloud sha256 checksum
|
||||
get_url:
|
||||
url: "https://download.nextcloud.com/server/releases/nextcloud-{{ item.value.version | default(nextcloud_version) }}.tar.bz2.sha256"
|
||||
dest: "/home/nextcloud-{{ item.value.version | default(nextcloud_version) }}.tar.bz2.sha256"
|
||||
with_dict: "{{ nextcloud_instances }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Verify Nextcloud sha256 checksum
|
||||
command: "sha256sum -c nextcloud-{{ item.value.version | default(nextcloud_version) }}.tar.bz2.sha256"
|
||||
changed_when: False
|
||||
args:
|
||||
chdir: "/home/"
|
||||
with_dict: "{{ nextcloud_instances }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Extract Nextcloud archive
|
||||
unarchive:
|
||||
src: '/home/nextcloud-{{ item.value.version | default(nextcloud_version) }}.tar.bz2'
|
||||
dest: "{{ nextcloud_root }}/{{ item.key }}"
|
||||
remote_src: True
|
||||
mode: "0750"
|
||||
owner: "{{ item.key }}"
|
||||
group: "{{ item.key }}"
|
||||
with_dict: "{{ nextcloud_instances }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- include: mysql.yml
|
||||
|
||||
- name: Link config dir to global config dir
|
||||
file:
|
||||
src: "{{ nextcloud_root }}/{{ item }}/config/config.php"
|
||||
dest: "{{ nextcloud_root }}/{{ item }}/nextcloud/config/config.php"
|
||||
state: link
|
||||
owner: "{{ item }}"
|
||||
group: "{{ item }}"
|
||||
force: True
|
||||
with_items: "{{ nextcloud_instances | list }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Install Nextcloud
|
||||
shell: "php ./occ maintenance:install --database mysql --database-name {{ item.key }} --database-user {{ item.key }} --database-pass {{ item.value.db_pass }} --admin-user admin --admin-pass toor --data-dir {{ nextcloud_root }}/{{ item.key }}/data"
|
||||
args:
|
||||
chdir: "{{ nextcloud_root }}/{{ item.key }}/nextcloud/"
|
||||
creates: "{{ nextcloud_root }}/{{ item.key }}/config/config.php"
|
||||
with_dict: "{{ nextcloud_instances }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Configure Nextcloud cron
|
||||
cron:
|
||||
name: 'Nextcloud'
|
||||
minute: "*/15"
|
||||
job: "php -f ~/nextcloud/cron.php"
|
||||
user: "{{ item }}"
|
||||
with_items: "{{ nextcloud_instances | list }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Erase previously trusted domains config
|
||||
shell: "php ./occ config:system:set trusted_domains"
|
||||
args:
|
||||
chdir: "{{ nextcloud_root }}/{{ item }}/nextcloud/"
|
||||
with_items: "{{ nextcloud_instances | list }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Configure trusted domains
|
||||
shell: "php ./occ config:system:set trusted_domains {{ item[1] }} --value {{ nextcloud_instances[item[0]].domains[item[1]] }}"
|
||||
args:
|
||||
chdir: "{{ nextcloud_root }}/{{ item[0] }}/nextcloud/"
|
||||
with_nested:
|
||||
- "{{ nextcloud_instances | list }}"
|
||||
- "{{ range(0, nextcloud_instances | list | length ) | list }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
#- name: Configure memcache local to APCu
|
||||
# shell: "php ./occ config:system:set memcache.local --value '\\OC\\Memcache\\APCu'"
|
||||
# args:
|
||||
# chdir: "{{ nextcloud_root }}/{{ item }}/nextcloud/"
|
||||
# with_items: "{{ nextcloud_instances | list }}"
|
||||
# tags:
|
||||
# - nextcloud
|
||||
|
||||
- name: Fix right on config.php
|
||||
file:
|
||||
dest: "{{ nextcloud_root }}/{{ item }}/config/config.php"
|
||||
owner: "{{ item }}"
|
||||
group: "{{ item }}"
|
||||
mode: "0660"
|
||||
with_items: "{{ nextcloud_instances | list }}"
|
||||
tags:
|
||||
- nextcloud
|
78
nextcloud/tasks/mysql.yml
Normal file
78
nextcloud/tasks/mysql.yml
Normal file
|
@ -0,0 +1,78 @@
|
|||
---
|
||||
- name: Generate Mysql password
|
||||
shell: 'apg -n 1 -m 16 -M lcN'
|
||||
register: nextcloud_apg_password
|
||||
check_mode: no
|
||||
changed_when: False
|
||||
with_items: "{{ nextcloud_instances | list }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Set Mysql password
|
||||
set_fact:
|
||||
nextcloud_instances: "{{ nextcloud_instances | combine({ item[0]: nextcloud_instances[item[0]] | combine({ 'db_pass': item[1].stdout }) }, recursive=True) }}"
|
||||
with_together:
|
||||
- "{{ nextcloud_instances | list }}"
|
||||
- "{{ nextcloud_apg_password.results }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Create Mysql database
|
||||
mysql_db:
|
||||
name: "{{ item }}"
|
||||
config_file: "/root/.my.cnf"
|
||||
state: present
|
||||
with_items: "{{ nextcloud_instances | list }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Create Mysql user
|
||||
mysql_user:
|
||||
name: "{{ item.key }}"
|
||||
password: '{{ item.value.db_pass }}'
|
||||
priv: "{{ item.key }}.*:ALL"
|
||||
config_file: "/root/.my.cnf"
|
||||
update_password: always
|
||||
state: present
|
||||
with_dict: "{{ nextcloud_instances }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Store credentials in my.cnf
|
||||
ini_file:
|
||||
dest: "/home/{{ item }}/.my.cnf"
|
||||
owner: "{{ item }}"
|
||||
group: "{{ item }}"
|
||||
mode: "0600"
|
||||
section: client
|
||||
option: 'user'
|
||||
value: '{{ item }}'
|
||||
with_items: "{{ nextcloud_instances | list }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Store credentials in my.cnf
|
||||
ini_file:
|
||||
dest: "/home/{{ item }}/.my.cnf"
|
||||
owner: "{{ item }}"
|
||||
group: "{{ item }}"
|
||||
mode: "0600"
|
||||
section: client
|
||||
option: 'database'
|
||||
value: '{{ item }}'
|
||||
with_items: "{{ nextcloud_instances | list }}"
|
||||
tags:
|
||||
- nextcloud
|
||||
|
||||
- name: Store credentials in my.cnf
|
||||
ini_file:
|
||||
dest: "/home/{{ item.key }}/.my.cnf"
|
||||
owner: "{{ item.key }}"
|
||||
group: "{{ item.key }}"
|
||||
mode: "0600"
|
||||
section: client
|
||||
option: 'password'
|
||||
value: '{{ item.value.db_pass }}'
|
||||
with_dict: "{{ nextcloud_instances }}"
|
||||
tags:
|
||||
- nextcloud
|
|
@ -4,3 +4,4 @@ php_sury_enable: False
|
|||
php_fpm_enable: False
|
||||
php_apache_enable: False
|
||||
php_symfony_requirements: False
|
||||
php_fpm_add_www_pool: True
|
||||
|
|
|
@ -5,8 +5,8 @@
|
|||
name: '{{ item }}'
|
||||
state: present
|
||||
with_items:
|
||||
- php5-fpm
|
||||
- php5
|
||||
- php5-fpm
|
||||
- php5
|
||||
when: ansible_distribution_release == "jessie"
|
||||
|
||||
- name: "Install PHP FPM packages (Debian 9 or later)"
|
||||
|
@ -14,8 +14,8 @@
|
|||
name: '{{ item }}'
|
||||
state: present
|
||||
with_items:
|
||||
- php-fpm
|
||||
- php
|
||||
- php-fpm
|
||||
- php
|
||||
when: ansible_distribution_major_version | version_compare('9', '>=')
|
||||
|
||||
- name: "Set config files for FPM (jessie)"
|
||||
|
@ -43,12 +43,13 @@
|
|||
mode: "0644"
|
||||
create: yes
|
||||
with_items:
|
||||
- { option: "short_open_tag", value: "Off" }
|
||||
- { option: "expose_php", value: "Off" }
|
||||
- { option: "display_errors", value: "Off" }
|
||||
- { option: "log_errors", value: "On" }
|
||||
- { option: "html_errors", value: "Off" }
|
||||
- { option: "allow_url_fopen", value: "Off" }
|
||||
- { option: "short_open_tag", value: "Off" }
|
||||
- { option: "expose_php", value: "Off" }
|
||||
- { option: "display_errors", value: "Off" }
|
||||
- { option: "log_errors", value: "On" }
|
||||
- { option: "html_errors", value: "Off" }
|
||||
- { option: "allow_url_fopen", value: "Off" }
|
||||
notify: restart php-fpm
|
||||
|
||||
- name: Disable PHP functions for FPM
|
||||
ini_file:
|
||||
|
@ -56,6 +57,7 @@
|
|||
section: PHP
|
||||
option: disable_functions
|
||||
value: "exec,shell-exec,system,passthru,putenv,popen"
|
||||
notify: restart php-fpm
|
||||
|
||||
- name: Custom php.ini for FPM
|
||||
copy:
|
||||
|
@ -63,6 +65,7 @@
|
|||
content: |
|
||||
; Put customized values here.
|
||||
force: no
|
||||
notify: restart php-fpm
|
||||
|
||||
- name: Set default PHP FPM values
|
||||
ini_file:
|
||||
|
@ -73,15 +76,18 @@
|
|||
mode: "0644"
|
||||
create: yes
|
||||
with_items:
|
||||
- { option: "pm", value: "ondemand" }
|
||||
- { option: "pm.max_children", value: "100" }
|
||||
- { option: "pm.process_idle_timeout", value: "10s" }
|
||||
- { option: "slowlog", value: "log/$pool.log.slow" }
|
||||
- { option: "request_slowlog_timeout", value: "5s" }
|
||||
- { option: "pm.status_path", value: "/fpm_status" }
|
||||
- { option: "request_terminate_timeout", value: "60s" }
|
||||
- { option: "chroot", value: "/var/www/html" }
|
||||
when: ansible_distribution_major_version | version_compare('9', '>=')
|
||||
- { option: "pm", value: "ondemand" }
|
||||
- { option: "pm.max_children", value: "100" }
|
||||
- { option: "pm.process_idle_timeout", value: "10s" }
|
||||
- { option: "slowlog", value: "log/$pool.log.slow" }
|
||||
- { option: "request_slowlog_timeout", value: "5s" }
|
||||
- { option: "pm.status_path", value: "/fpm_status" }
|
||||
- { option: "request_terminate_timeout", value: "60s" }
|
||||
- { option: "chroot", value: "/var/www/html" }
|
||||
notify: restart php-fpm
|
||||
when:
|
||||
- php_fpm_add_www_pool | bool
|
||||
- ansible_distribution_major_version | version_compare('9', '>=')
|
||||
|
||||
- name: Custom PHP FPM values
|
||||
copy:
|
||||
|
@ -89,7 +95,25 @@
|
|||
content: |
|
||||
; Put customized values here.
|
||||
; default_charset = "ISO-8859-1"
|
||||
mode: "0644"
|
||||
force: no
|
||||
notify: restart php-fpm
|
||||
when:
|
||||
- php_fpm_add_www_pool | bool
|
||||
- ansible_distribution_major_version | version_compare('9', '>=')
|
||||
|
||||
- name: Disable FPM www pool
|
||||
file:
|
||||
dest: "{{ item }}"
|
||||
state: absent
|
||||
with_items:
|
||||
- /etc/php/7.0/fpm/pool.d/www.conf
|
||||
- "{{ php_fpm_defaults_file }}"
|
||||
- "{{ php_fpm_custom_file }}"
|
||||
notify: restart php-fpm
|
||||
when:
|
||||
- not (php_fpm_add_www_pool | bool)
|
||||
- ansible_distribution_major_version | version_compare('9', '>=')
|
||||
|
||||
- name: "Set custom values for PHP to enable Symfony"
|
||||
ini_file:
|
||||
|
@ -99,6 +123,6 @@
|
|||
value: "{{ item.value }}"
|
||||
mode: "0644"
|
||||
with_items:
|
||||
- { option: "date.timezone", value: "Europe/Paris" }
|
||||
- { option: "date.timezone", value: "Europe/Paris" }
|
||||
notify: restart php-fpm
|
||||
when: php_symfony_requirements
|
||||
|
||||
|
|
Loading…
Reference in a new issue