code cleanup, fixing issue #10

README.md

@@ -20,24 +20,26 @@ Role Variables
 nextcloud_domain: nextcloud.mydomain.com # domain used in nginx and nextcloud version (REQUIRED)
 mysql_root_pw: secret # root password for 
 nextcloud_repo_url: https://download.nextcloud.com/server/releases # where to get the nextcloud archive
-nextcloud_version: 12.0.2 # version to install
+nextcloud_version: 13.0.0 # version to install
 nextcloud_use_https: true # set to false if you want to run your instance behind a loadbalancer with ssl-termination
 nextcloud_ssl_cert: /etc/nginx/nextcloud.crt # self-signed ssl cert path
 nextcloud_ssl_key: /etc/nginx/nextcloud.key # ssl key path
 nextcloud_ssl_skip_gen: false # set to true if you do NOT want role to handle ssl cert generation (then you must provide nextcloud_ssl_* configured files)
 nextcloud_ssl_subject: '/C=CH/ST=Lucerne/L=Lucerne/O=/CN={{ nextcloud_domain }}' # subject for ssl cert
-nextcloud_working_dir: /nextcloud # directory for storing scripts
 nextcloud_web_root: /var/www/nextcloud # web root 
-nextcloud_data_root: '{{ nextcloud_working_dir }}/data'
-nextcloud_backup_dir: '{{ nextcloud_working_dir }}/backup'
+nextcloud_data_root: '/nextcloud/data'
 nextcloud_admin_user: admin # nextcloud admin username
 nextcloud_admin_pw: admin # nextcloud admin password
 nextcloud_mysql_db: nextcloud # name of nextcloud mysql db
 nextcloud_mysql_user: nextcloud # username for nextcloud mysql db
 nextcloud_mysql_pw: nextcloud  # password for nextcloud mysql db
 nextcloud_hsts_options: max-age=15768000; includeSubDomains; preload; # if set, hsts will be enabled with the given options
 nextcloud_upgrade: false # if set to true, nextcloud's updater.phar is run to upgrade nextcloud to the latest version
-
+nextcloud_max_upload_size: 16G # max upload size
+nextcloud_max_upload_time: 3600 # max upload time
+nextcloud_upload_tmp_dir: /nextcloud/tmp # php tmp directory
+nextcloud_http_port: 80 # http port
+nextcloud_https_port: 443 # https port
 ```
 
 Example Playbook

defaults/main.yml

@@ -3,7 +3,7 @@
 
 mysql_root_pw: secret
 nextcloud_repo_url: https://download.nextcloud.com/server/releases
-nextcloud_version: 13.0.0
+nextcloud_version: 13.0.4
 nextcloud_use_https: true
 nextcloud_domain: nextcloud.mydomain.com
 nextcloud_trusted_domains: ['localhost', '{{ nextcloud_domain }}']

tasks/installation.yml

@@ -10,7 +10,7 @@
     remote_src: true
     dest: '{{ nextcloud_web_root }}'
 
-- import_tasks: 'filesystem.yml'
+- import_tasks: 'permissions.yml'
 
 - name: installation - ensure nextcloud installation is finished
   command: 'php {{ nextcloud_web_root }}/occ maintenance:install --database "mysql" --database-name "{{ nextcloud_mysql_db }}"  --database-user "{{ nextcloud_mysql_user }}" --database-pass "{{ nextcloud_mysql_pw }}" --admin-user "{{ nextcloud_admin_user }}" --admin-pass "{{ nextcloud_admin_pw }}" --data-dir "{{ nextcloud_data_root }}"'

tasks/main.yml

@@ -67,6 +67,7 @@
     owner: root
     group: root
     mode: '0600'
+    force: no # don't overwrite, only create if not exists
 
 - name: ensure anonymous mysql user is absent
   mysql_user:
@@ -102,8 +103,8 @@
     line: '{{ item.option }} = {{ item.value }}'    
   with_items:
     - { option: 'expose_php', value: 'Off' }
-    #- { option: 'upload_max_filesize', value: '{{ nextcloud_max_upload_size }}' }
-    #- { option: 'post_max_size', value: '{{ nextcloud_max_upload_size }}' }
+    #- { option: 'upload_max_filesize', value: '{{ nextcloud_max_upload_size }}' } # -> .user.ini
+    #- { option: 'post_max_size', value: '{{ nextcloud_max_upload_size }}' } # -> .user.ini
     - { option: 'max_input_time', value: '{{ nextcloud_max_upload_time }}' }
     - { option: 'max_execution_time', value: '{{ nextcloud_max_upload_time }}' }
     - { option: 'upload_tmp_dir', value: '{{ nextcloud_upload_tmp_dir }}' }
@@ -219,11 +220,6 @@
     - nginx
     - redis
 
-#- name: ensure working dir is present
-#  file:
-#    path: '{{ nextcloud_working_dir }}'
-#    state: directory
-
 - name: ensure alias for the occ command exists in /root/.bashrc
   lineinfile:
     name: /root/.bashrc
@@ -242,7 +238,7 @@
   when: nextcloud_upgrade
 
 # call filesystem checks if not done by previous tasks
-- import_tasks: filesystem.yml
+- import_tasks: permissions.yml
   when: not new_installation.changed and not nextcloud_upgrade
 
 - name: performance tuning - ensure the nextcloud cronjob exists and runs every 15 min
@@ -251,3 +247,12 @@
     minute: 15
     user: nginx
     job: 'php -f {{ nextcloud_web_root | quote }}/cron.php'
+
+- name: ensure options are set in .user.ini
+  lineinfile:
+    path: '{{ nextcloud_web_root }}/.user.ini'
+    regexp: '^{{ item.option }}'
+    line: '{{ item.option }}={{ item.value }}'
+  with_items:
+    - { option: 'upload_max_filesize', value: '{{ nextcloud_max_upload_size }}' } 
+    - { option: 'post_max_size', value: '{{ nextcloud_max_upload_size }}' }

tasks/prerequisites.yml

@@ -93,27 +93,11 @@
     priv: '{{ nextcloud_mysql_db }}.*:ALL,GRANT'
     state: present
 
-- name: ensure php version is hidden
-  lineinfile:
-    path: /etc/php.ini
-    regexp: '^expose_php'
-    line: 'expose_php = Off'    
-  notify:
-    - reload php-fpm
-    - reload nginx
-
 - name: ensure pdo_mysql.ini config is present
   copy:
     src: pdo_mysql.ini
     dest: /etc/php.d/pdo_mysql.ini
 
-#- name: ensure redis.conf is present
-#  copy:
-#    src: redis.conf
-#    dest: /etc/redis.conf
-#  notify:
-#    - restart redis
-
 - name: ensure directory for php sessions exists and has nginx as owner
   file:
     path: /var/lib/php/session
@@ -177,11 +161,6 @@
     - nginx
     - redis
 
-#- name: ensure working dir is present
-#  file:
-#    path: '{{ nextcloud_working_dir }}'
-#    state: directory
-
 - name: ensure alias for the occ command exists in /root/.bashrc
   lineinfile:
     name: /root/.bashrc

tasks/upgrade.yml

@@ -15,7 +15,7 @@
   register: nextcloud_update_result
   changed_when: false # unsure if upgrade has been done -> inform later
 
-- import_tasks: filesystem.yml
+- import_tasks: permissions.yml
 
 - name: get current nextcloud version, after running updater.phar
   shell: '{{ nextcloud_web_root }}/occ -V'