Diffstat (limited to 'roles/nextcloud/tasks/main.yml')
-rw-r--r-- | roles/nextcloud/tasks/main.yml | 136 |
1 files changed, 109 insertions, 27 deletions
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 09554e0..4c049a9 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -3,12 +3,13 @@
 vars:
 packages:
 - php-cli
+ - php-bcmath
 - php-fpm
 - php-apcu
 - php-gd
+ - php-gmp
 - php-imagick
 - php-mbstring
- - php-mcrypt
 - php-xml
 - php-curl
 - php-intl
@@ -16,41 +17,44 @@ - php-mysql - php-zip - php-json + - php-gmp -- name: Configure PHP 7.0 Zend opcache - lineinfile: dest=/etc/php/7.0/fpm/php.ini +- name: Configure PHP 7.3 Zend opcache + lineinfile: dest=/etc/php/7.3/fpm/php.ini regexp='^;?{{ item.var }}\\s*=' line="{{ item.var }} = {{ item.value }}" owner=root group=root mode=0644 with_items: - - { var: opcache.enable, value: 1 } - - { var: opcache.enable_cli, value: 1 } - - { var: opcache.memory_consumption, value: 128 } - - { var: opcache.interned_strings_buffer, value: 8 } - - { var: opcache.max_accelerated_files, value: 10000 } - - { var: opcache.revalidate_freq, value: 1 } - - { var: opcache.fast_shutdown, value: 1 } + - { var: opcache.memory_consumption, value: 512 } + - { var: opcache.revalidate_freq, value: 180 } notify: - - Restart php7.0-fpm + - Restart php7.3-fpm -- name: Configure PHP 7.0 pool environment - lineinfile: dest=/etc/php/7.0/fpm/pool.d/www.conf - regexp='^;?env\[{{ item.var }}\]\\s*=' - line="env[{{ item.var }}] = {{ item.value }}" - owner=root group=root - mode=0644 - with_items: - - { var: HOSTNAME, value: "$HOSTNAME" } - - { var: PATH, value: "/usr/bin:/bin" } - - { var: TMP, value: "/tmp" } - - { var: TMPDIR, value: "/tmp" } - - { var: TEMP, value: "/tmp" } +- name: Create '_nextcloud' user + user: name=_nextcloud system=yes + group=nogroup + createhome=no + home=/nonexistent + shell=/usr/sbin/nologin + password=! 
+ state=present + +- name: Delete PHP 7.3 FPM's www pool + file: path=/etc/php/7.3/fpm/pool.d/www.conf state=absent + notify: + - Restart php7.3-fpm + +- name: Configure PHP 7.3 FPM's nextcloud pool + copy: src=etc/php/fpm/pool.d/nextcloud.conf + dest=/etc/php/7.3/fpm/pool.d/nextcloud.conf + owner=root group=root + mode=0644 notify: - - Restart php7.0-fpm + - Restart php7.3-fpm -- name: Start php7.0-fpm - service: name=php7.0-fpm state=started +- name: Start php7.3-fpm + service: name=php7.3-fpm state=started - name: Copy /etc/cron.d/nextcloud copy: src=etc/cron.d/nextcloud 
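Review bot: `group=nogroup` in the "Create '_nextcloud' user" task gives the new account a primary group that other unprivileged accounts on a Debian-style host commonly share, so anything made group-accessible to `nogroup` is not private to Nextcloud. A dedicated group fits the isolation this change is building: add a task `group: name=_nextcloud system=yes` ahead of the user task and set `group=_nextcloud` there, with the `group=nogroup` directory tasks in the last hunk following suit. The pool file `nextcloud.conf` is not part of this diff, so which user and group the workers run as is inferred from the task names. Separately, `php-gmp` is appended after `php-json` here and is also added after `php-gd` in the first hunk of the same list; one entry is enough.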
@@ -103,6 +107,84 @@ - genkey - import_tasks: ldap.yml - when: "'LDAP-provider' not in group_names" + when: "'LDAP_provider' not in group_names" tags: - ldap + +# Note: intentionally don't set an owner/group as we don't want to set +# ownership unless the path is a mountpoint. The service will fail +# unless the data directory is mounted and accessible, and that's what +# we want. +- name: Create directory /mnt/nextcloud-data + file: path=/mnt/nextcloud-data + state=directory + mode=0700 + +- name: Create directory /var/www/nextcloud + file: path=/var/www/nextcloud + state=directory + owner=root group=root + mode=0755 + +# Note: Nextcloud doesn't like symlinked apps +# * https://github.com/nextcloud/server/issues/10437 +# * https://github.com/nextcloud/server/issues/13556 +- name: Create directory /var/www/nextcloud/apps + file: path=/var/www/nextcloud/apps + state=directory + owner=_nextcloud group=nogroup + mode=0755 + +- name: Create directory /var/log/nextcloud + file: path=/var/log/nextcloud + state=directory + owner=_nextcloud group=adm + mode=0750 + +- name: Create directory /var/cache/nextcloud + file: path=/var/cache/nextcloud + state=directory + owner=_nextcloud group=nogroup + mode=0700 + +- name: Copy Nextcloud logrotate snippet + copy: src=etc/logrotate.d/nextcloud + dest=/etc/logrotate.d/nextcloud + owner=root group=root + mode=0644 + tags: + - logrotate + +- name: Install redis-server + apt: pkg={{ packages }} + vars: + packages: + - php-redis + - redis-server + +- name: Configure Redis + lineinfile: dest=/etc/redis/redis.conf + regexp='^#?\\s*{{ item.var }}\\s+' + line="{{ item.var }} {{ item.value }}" + owner=redis group=redis + mode=0640 + with_items: + - { var: port, value: 0 } + - { var: unixsocket, value: /run/redis/redis-server.sock } + - { var: unixsocketperm, value: 660 } + notify: + - Restart Redis + +- name: Start redis-server + service: name=redis-server state=started + +- name: Add '_nextcloud' user to 'redis' group + user: 
name=_nextcloud groups=redis append=yes + notify: + - Restart php7.3-fpm + +- name: Install other Nextcloud dependencies + apt: pkg={{ packages }} + vars: + packages: + - libmagickcore-6.q16-6-extra |
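Review bot: Nothing in this hunk limits which Redis commands the new socket accepts: "Configure Redis" sets `unixsocketperm 660` and the last user task adds `_nextcloud` to group `redis`, so a compromised PHP worker would hold full administrative access to the Redis server rather than cache reads and writes only. If Nextcloud does not need the administrative commands, disable them in `redis.conf`, for example with a line `rename-command CONFIG ""`. That needs its own `lineinfile` task, because the loop's regexp keys on the directive name alone and would manage only one such line. Membership in `redis` also lets the PHP user read `/etc/redis/redis.conf`, which this task sets to `redis:redis` mode `0640`, so a `requirepass` added there later would not be secret from the web application. A short comment above the "Add '_nextcloud' user to 'redis' group" task stating what the membership grants would record that trade-off.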