vars_prompt:
- name: SITE
- prompt: 'quel type de site?(ex: nuage, www, wiki, paheko ou gestion)'
+ prompt: 'quel type de site?(ex: nuage, www, paheko ou WP)'
private: false
default: "nuage"
private: false
default: "lhc"
- - name: config_php
- prompt: 'Faut-il configurer un pool PHP?(ex: oui/non)'
- private: false
- default: "non"
-
- name: besoin_https
prompt: 'Faut-il configurer un certificat ssl pour le HTTPS?(ex: oui/non)'
private: false
default: "non"
- - name: sftp
- prompt: 'besoin de configurer un accès SFTP pour ce compte (ex: oui/non)'
- private: false
- default: "non"
-
- - name: sftp_key
- prompt: "Entrer la clé publique à autoriser pour l'acces SFTP (si nécessaire)"
- private: false
- default: "non"
-
- pre_tasks:
+ # pre_tasks:
- - name: Vérifier le sigle n'est pas déjà utilisé
- ansible.builtin.lineinfile:
- dest: /etc/passwd
- search_string: "site_{{ SIGLE }}_{{ SITE }}"
- state: absent
- check_mode: true
- changed_when: false
- register: presence_sigle
- failed_when: presence_sigle.changed
+ # - name: Vérifier le sigle n'est pas déjà utilisé
+ # ansible.builtin.lineinfile:
+ # dest: /etc/passwd
+ # search_string: "site_{{ SIGLE }}_{{ SITE }}"
+ # state: absent
+ # check_mode: true
+ # changed_when: false
+ # register: presence_sigle
+ # failed_when: presence_sigle.changed
tasks:
- name: Inclure la configuration d'un site web basique
ansible.builtin.include_tasks: tasks/config_www.yml
+ - name: Inclure les configurations optionnelles d'un site www
+ ansible.builtin.include_tasks: tasks/config_options_www.yml
+ when: SITE != 'nuage'
+
- name: Inclure la configuration nginx
ansible.builtin.include_tasks: tasks/config_nginx.yml
vars:
template_site: "{{ SITE }}"
when: besoin_https == 'non'
-# scenario pre-install nginx sans ssl
-# test installed=false or needupgrade:true
-# test installed=true et needupgrade:false
-# puis certbot à la fin
-# puis template nginx ssl pour test manuel
-
- name: Bloc permettant de générer les certificats SSL
when: besoin_https == 'oui'
block:
- name: Inclure la configuration d'un pool PHP
ansible.builtin.include_tasks: tasks/config_pool_php.yml
- when: config_php == 'oui' or SITE == 'paheko' or SITE == 'gestion' or SITE == 'nuage'
+ when: config_php == 'oui' or SITE == 'paheko' or SITE == 'WP' or SITE == 'nuage'
+
+ - name: Inclure la configuration d'une bdd postgres
+ ansible.builtin.include_tasks: tasks/config_bdd_postgres.yml
+ when: config_bdd == 'postgres' or SITE == 'nuage'
+
+ - name: Inclure la configuration d'une bdd mariadb
+ ansible.builtin.include_tasks: tasks/config_bdd_mariadb.yml
+ when: config_bdd == 'mariadb' or SITE == 'WP'
- name: Inclure la configuration nextcloud si besoin
ansible.builtin.include_tasks: tasks/config_nuage.yml
- name: Inclure la configuration paheko si besoin
ansible.builtin.include_tasks: tasks/config_paheko.yml
- when: SITE == 'paheko' or SITE == 'gestion'
+ when: SITE == 'paheko'
+
+ - name: Inclure la configuration WP si besoin
+ ansible.builtin.include_tasks: tasks/config_wp.yml
+ when: SITE == 'WP'
- name: Inclure le configuration du backup
ansible.builtin.include_tasks: tasks/config_backup.yml
nextcloud_common_files_path: "/home/sites/data/nextcloud/common"
nextcloud_webroot: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}/nuage"
nextcloud_source: "{{ nextcloud_sources_files_path }}/nextcloud-{{ nouvelle_version }}"
+nextcloud_old_source: "{{ nextcloud_sources_files_path }}/nextcloud-{{ ancienne_version }}"
nextcloud_symbolic_source: "../../../nextcloud/sources/nextcloud-{{ nouvelle_version }}"
nextcloud_common: "{{ nextcloud_common_files_path }}/nextcloud-{{ nouvelle_version }}"
-nextcloud_symbolic_common: "../../../nextcloud/common/nextcloud-{{ nouvelle_version }}"
+nextcloud_old_common: "{{ nextcloud_common_files_path }}/nextcloud-{{ ancienne_version }}"
+nextcloud_symbolic_common: "../../../nextcloud/common.config.php"
php_fpm_service: php{{ php_version}}-fpm
php_version: '8.2'
postgres_version: 15
-nextcloud_db_name: "php_{{ SIGLE }}_nuage"
\ No newline at end of file
+nextcloud_db_name: "{{ nextcloud_php_user}}"
\ No newline at end of file
--- /dev/null
+- name: Active le mode maintenance # noqa : command-instead-of-module
+ become_user: "{{ nextcloud_php_user }}"
+ become: true
+ ansible.builtin.command: './console maintenance:mode --on'
+ args:
+ chdir: "{{ nextcloud_webroot }}"
+
+- name: Create a dump of the postgreSQL database # noqa : command-instead-of-module
+ become: true
+ become_user: "{{ nextcloud_php_user }}"
+ ansible.builtin.command: "pg_dump -f /tmp/dump.pgc -F c -O -b {{ nextcloud_db_name }}"
+ args:
+ chdir: "{{ nextcloud_webroot }}"
+
+- name: Copy nextcloud config file
+ become: true
+ ansible.builtin.copy:
+ src: "{{ nextcloud_webroot }}/config/config.php"
+ dest: "{{ nextcloud_webroot }}/config/config.php.bak"
+ remote_src: true # because the src is already on the remote host
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '640'
+
+- name: Desactive le mode maintenance # noqa : command-instead-of-module
+ become_user: "{{ nextcloud_php_user }}"
+ become: true
+ ansible.builtin.command: './console maintenance:mode --off'
+ args:
+ chdir: "{{ nextcloud_webroot }}"
\ No newline at end of file
--- /dev/null
+- name: Etckeeper commit if necessary
+ ansible.builtin.command: etckeeper commit "commit by ansible because installing {{ DOMAIN }}/{{ SITE }}"
+
+- name: Install required packages
+ ansible.builtin.apt:
+ name:
+ - ghostscript
+ - php
+ - php-mysqli
+ - php-curl
+# - php-dom
+ - php-exif
+ - php-igbinary
+ - php-mbstring
+ - imagemagick
+ - php-imagick
+ - php-intl
+ - php-openssl
+ - libxml
+ - php-xml
+ - libzip
+ - php-zip
+ - php-redis
+ state: present
+ register: php_install
+
+- name: Enable PHP modules
+ ansible.builtin.command: phpenmod imagick intl
+ when: php_install.changed
+
+
+- name: Recharger PHP et nginx
+ ansible.builtin.service:
+ name: "{{ item }}"
+ state: reloaded
+ loop:
+ - "php{{ php_version }}-fpm"
+ - "nginx"
--- /dev/null
+- name: Etckeeper commit if necessary
+ ansible.builtin.command: etckeeper commit "commit by ansible because installing {{ DOMAIN }}/{{ SITE }}"
+ ignore_errors: true
+
+- name: Install required packages
+ ansible.builtin.apt:
+ name:
+# - php-ctype
+ - php-curl
+# - php-dom
+# - php-fileinfo
+ - php-gd
+ - php-json
+ - "php{{ php_version }}-xml"
+ - php-mbstring
+# - php-openssl
+# - php-posix
+# - php-session
+# - php-simplexml
+# - php-xmlreader
+# - php-xmlwriter
+ - php-zip
+# - php-zlib
+# - php-pdo_pgsql
+ - "php{{ php_version }}-pgsql"
+ - php-pgsql
+ - php-intl
+ - php-bz2
+# - php-sodium
+ - php-gmp
+# - php-exif
+ - php-redis
+ - php-imagick
+ - python3-psycopg2 # module ansible psql
+ state: present
+
+- name: Boucle d'ajout du user php dans plusieurs groupe
+ ansible.builtin.user:
+ name: "php_{{ SIGLE }}_{{ SITE }}"
+ groups: "{{ item }}"
+ append: true
+ loop:
+ - nextcloud
+ - postgres-data
+ - redis
+ - "site_{{ SIGLE }}_{{ SITE }}"
+
+- name: Bloc nouvelle version nextcloud
+ when: nouvelle_version is undefined
+ block:
+ - name: Demande la version de nextcloud à installer
+ ansible.builtin.pause:
+ prompt: "Quelle version de nextcloud doit être utilisée"
+ echo: true
+ register: nextcloud_version_prompt
+
+ - name: Definir nouvelle_version
+ ansible.builtin.set_fact:
+ nouvelle_version: "{{ nextcloud_version_prompt.user_input }}"
+
+- name: Bloc ancienne version nextcloud
+ when: ancienne_version is undefined
+ block:
+ - name: Demande la version de nextcloud déjà installée
+ ansible.builtin.pause:
+ prompt: "Quelle version de nextcloud déjà installée"
+ echo: true
+ register: ancienne_version_prompt
+
+ - name: Definir ancienne_version
+ ansible.builtin.set_fact:
+ ancienne_version: "{{ ancienne_version_prompt.user_input }}"
+
+- name: Inclure la verif de l'install nextcloud
+ ansible.builtin.include_tasks: tasks/verif_installation_nextcloud.yml
+
+- name: PostgreSQL - nextcloud_php_user role is created
+ become_user: postgres
+ become: true
+ community.postgresql.postgresql_user:
+ name: "{{ nextcloud_php_user }}"
+ state: present
+ role_attr_flags: CREATEDB
+
+- name: PostgreSQL - nextcloud_db_name database is created
+ become_user: postgres
+ become: true
+ community.postgresql.postgresql_db:
+ name: "{{ nextcloud_db_name }}"
+ state: "{{ item }}"
+ owner: "{{ nextcloud_php_user }}"
+ loop:
+ - absent
+ - present
+
+- name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
+ become_user: postgres
+ become: true
+ community.postgresql.postgresql_privs:
+ db: "{{ item.db }}"
+ privs: "{{ item.privs }}"
+ type: "{{ item.type |default(omit) }}"
+ objs: "{{ item.objs }}"
+ role: "{{ item.role }}"
+ grant_option: "{{ item.grant_option |default(omit) }}"
+ loop_control:
+ label: "{{ item.name }}"
+ loop:
+ - db: "{{ nextcloud_db_name }}"
+ privs: "ALL"
+ type: "schema"
+ objs: "public"
+ role: "{{ nextcloud_php_user }}"
+ grant_option: true
+ name: "GRANT ALL ON SCHEMA public TO php_{{ SIGLE }}_nuage WITH GRANT OPTION;"
+
+- name: Autoriser l'utilisateur php à se connecter à la bdd nextcloud
+ community.postgresql.postgresql_pg_hba:
+ dest: "/etc/postgresql/{{ postgres_version }}/main/pg_hba.conf"
+ contype: local
+ users: "php_{{ SIGLE }}_{{ SITE }}"
+ databases: "php_{{ SIGLE }}_{{ SITE }}"
+ method: peer
+ keep_comments_at_rules: true
+ comment: "autoriser le user php_{{ SIGLE }}_{{ SITE }} à se connecter à la bdd du meme nom"
+
+- name: Boucle création des répertoires app, config et data nextcloud
+ ansible.builtin.file:
+ path: "{{ item.path }}"
+ state: "{{ item.state }}"
+ owner: "{{ item.owner }}"
+ group: "{{ item.group }}"
+ mode: "{{ item.mode }}"
+ loop_control:
+ label: "{{ item.path }}"
+ loop:
+ - path: "{{ nextcloud_webroot }}/apps"
+ state: directory
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '2750'
+ - path: "{{ nextcloud_webroot }}/config"
+ state: directory
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '2750'
+ - path: "{{ nextcloud_webroot }}/data"
+ state: directory
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '2750'
+
+- name: Create nextcloud root dir symbolic link
+ ansible.builtin.file:
+ src: "{{ nextcloud_symbolic_source }}"
+ dest: "{{ nextcloud_webroot }}/nextcloud"
+ owner: nextcloud
+ group: nextcloud
+ state: link
+ follow: false
+
+- name: Create nextcloud common app dir symbolic link
+ ansible.builtin.file:
+ src: "{{ nextcloud_symbolic_common }}"
+ dest: "{{ nextcloud_webroot }}/common"
+ owner: nextcloud
+ group: nextcloud
+ state: link
+ follow: false
+
+- name: Créer les fichiers spécifiques nextcloud
+ ansible.builtin.template:
+ src: "templates/{{ item.src }}"
+ dest: "{{ nextcloud_webroot }}/{{ item.dest }}"
+ owner: "{{ item.owner }}"
+ group: "{{ item.group }}"
+ mode: "{{ item.mode }}"
+ loop:
+ - src: "nextcloud_cron.j2"
+ dest: "cron"
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '750'
+ - src: "nextcloud_console.j2"
+ dest: "console"
+ owner: "{{ nextcloud_websrv_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '750'
+ - src: "nextcloud_install_config.j2"
+ dest: "config/config.php"
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '640'
+
+- name: Recharger plusieurs services
+ ansible.builtin.service:
+ name: "{{ item }}"
+ state: reloaded
+ loop:
+ - "postgresql"
+ - "php{{ php_version }}-fpm"
+
+- name: Lancement du script d'installation nextcloud # noqa : command-instead-of-module
+ become_user: "{{ nextcloud_php_user }}"
+ become: true
+ ansible.builtin.command: >
+ ./console maintenance:install
+ --database='pgsql'
+ --database-name="php_{{ SIGLE }}_{{ SITE }}"
+ --database-user="php_{{ SIGLE }}_{{ SITE }}"
+ --database-host="/var/run/postgresql/"
+ --database-pass=""
+ --admin-user='admin'
+ --admin-pass='ckoideja'
+ --data-dir="/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/data/"
+ args:
+ chdir: "{{ nextcloud_webroot }}"
+ register: install_result
+ ignore_errors: true
+
+- name: Afficher les logs du script d'install
+ ansible.builtin.debug:
+ var: install_result
+ when: install_result is defined
+
+- name: Afficher les logs du script d'install
+ ansible.builtin.fail:
+ msg: "Le script d'install a échoué: Voir les logs ci-dessus"
+ when: install_result.failed
+
+- name: Créer les fichiers spécifiques nextcloud
+ ansible.builtin.template:
+ src: "templates/{{ item.src }}"
+ dest: "{{ nextcloud_webroot }}/{{ item.dest }}"
+ owner: "{{ item.owner }}"
+ group: "{{ item.group }}"
+ mode: "{{ item.mode }}"
+ loop:
+ - src: "nextcloud_sigle_config.j2"
+ dest: "config/{{ SIGLE }}.config.php"
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '640'
+
+- name: Creation d'un lien symbolique vers le configuration nextcloud commun
+ ansible.builtin.file:
+ src: "../../../../nextcloud/common.config.php"
+ path: "{{ nextcloud_webroot }}/config/common.config.php"
+ owner: nextcloud
+ group: nextcloud
+ state: link
+ follow: false
+
+- name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
+ become_user: postgres
+ become: true
+ community.postgresql.postgresql_privs:
+ db: "{{ item.db }}"
+ privs: "{{ item.privs }}"
+ type: "{{ item.type | default(omit) }}"
+ objs: "{{ item.objs }}"
+ role: "{{ item.role }}"
+ grant_option: "{{ item.grant_option | default(omit) }}"
+ loop_control:
+ label: "{{ item.name }}"
+ loop:
+ - db: "{{ nextcloud_db_name }}"
+ privs: "USAGE,CREATE"
+ type: "schema"
+ objs: "public"
+ role: "{{ nextcloud_php_user }}"
+ name: "GRANT USAGE,CREATE ON SCHEMA public TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_namespace"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_namespace TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_collation"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_collation TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_index"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_index TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_attrdef"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_attrdef TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_description"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_description TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_settings"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_settings TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # objs: "pg_database"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON pg_database TO php_{{ SIGLE }}_nuage;"
+
+- name: Creation d'un fichier cron pour /etc/cron.d
+ ansible.builtin.cron:
+ name: "nextcloud {{ SIGLE }}_{{ SITE }} taches d'arriere plan toutes les 5 mins"
+ minute: "*/5"
+ user: "php_{{ SIGLE }}_{{ SITE }}"
+ job: "{{ nextcloud_webroot }}/cron"
+
+- name: Recharger plusieurs services
+ ansible.builtin.service:
+ name: "{{ item }}"
+ state: reloaded
+ loop:
+ - "php{{ php_version }}-fpm"
+ - "nginx"
ansible.builtin.service:
name: nginx
state: reloaded
- when: SITE != 'nuage' and SITE != 'paheko' and SITE != 'gestion' and template_site == 'http'
+ when: SITE != 'nuage' and SITE != 'paheko' and SITE != 'WP' and template_site == 'http'
- php-gmp
# - php-exif
- php-redis
+ - imagemagick
- php-imagick
- python3-psycopg2 # module ansible psql
state: present
group: "{{ nextcloud_websrv_user }}"
mode: '640'
-- name: Creation d'un lien symbolique vers le configuration nextcloud commun
+- name: Creation d'un lien symbolique vers la configuration nextcloud common
ansible.builtin.file:
src: "../../../../nextcloud/common.config.php"
path: "{{ nextcloud_webroot }}/config/common.config.php"
--- /dev/null
+- name: Bloc demande sous-domaine
+ block:
+
+ - name: Demande sous-domaine
+ ansible.builtin.pause:
+ prompt: 'quel sous-domaine faut-il configurer?(ex: www/gestion)'
+ echo: true
+ register: config_ss_domain_promp
+
+ - name: Definir config_ss_domain
+ ansible.builtin.set_fact:
+ config_ss_domain: "{{ config_ss_domain_promp.user_input | default(SITE) }}"
+
+- name: Bloc demande des autres options
+ when: SITE != 'WP' and SITE != 'paheko'
+ block:
+
+ - name: Demande php
+ ansible.builtin.pause:
+ prompt: 'Faut-il configurer un pool PHP?(ex: oui/non)'
+ echo: true
+ register: config_php_promp
+
+ - name: Definir config_php
+ ansible.builtin.set_fact:
+ config_php: "{{ config_php_promp.user_input | default('non') }}"
+
+ - name: Demande bdd
+ ansible.builtin.pause:
+ prompt: 'Faut-il configurer une base de données SQL?(ex: mariadb/postgres/non)'
+ echo: true
+ register: config_bdd_promp
+
+ - name: Definir config_bdd
+ ansible.builtin.set_fact:
+ config_bdd: "{{ config_bdd_promp.user_input | default('non') }}"
+
+ - name: Demande sftp_key
+ ansible.builtin.pause:
+ prompt: 'besoin de configurer un accès SFTP pour ce compte (vide ou clé public)'
+ echo: true
+ register: sftp_key_promp
+
+ - name: Definir sftp_key
+ ansible.builtin.set_fact:
+ sftp_key: "{{ sftp_key_promp.user_input | default('non') }}"
- php-sqlite3
- php-intl
- php-cli
+ - imagemagick
- php-imagick
- php-mbstring
- php-gnupg
ansible.builtin.command: phpenmod sqlite3 imagick intl
when: php_install.changed
-- name: Ajout de l'utilisateur php_SIGLE_SITE
- ansible.builtin.user:
- name: "php_{{ SIGLE }}_{{ SITE }}"
- home: "/etc/php/{{ php_version }}/fpm/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}"
- shell: /bin/false
- system: true
- append: true
- create_home: false
- password: '!'
-# group: "php_{{ SIGLE }}_{{ SITE }}"
-
- name: Bloc paheko_version
when: paheko_version is undefined
block:
src: "/home/sites/data/paheko/{{ paheko_version }}/"
dest: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}"
remote_src: true # because the config file is already in the nextcloud_tmp_path
+ mode: '2750'
- name: Modification du propriétaire group et droits du dossier
ansible.builtin.file:
mode: '2750'
recurse: true
-- name: Boucle d'ajout du user php dans plusieurs groupe
- ansible.builtin.user:
- name: "php_{{ SIGLE }}_{{ SITE }}"
- groups: "{{ item }}"
- append: true
- loop:
- - "site_{{ SIGLE }}_{{ SITE }}"
-
# - name: Change displayed icon
# ansible.builtin.copy:
# src: "{{ icon }}"
owner: "root"
group: "root"
mode: '640' # or u=rwx,g=r,o=
- when: SITE == 'nuage' or SITE == 'paheko' or SITE == 'gestion'
+ when: SITE == 'nuage' or SITE == 'paheko' or SITE == 'WP'
- name: ATTENTION la config php n'a pas été créer
ansible.builtin.debug:
msg: "Il n'y a pas de templates php pour votre site, il faudra le créer manuellement"
- when: SITE != 'nuage' and SITE != 'paheko' and SITE != 'gestion'
-
-- name: recharger PHP service
- ansible.builtin.service:
- name: "php{{ php_version }}-fpm"
- state: reloaded
- when: SITE != 'nuage' and SITE != 'paheko' and SITE == 'gestion'
+ when: SITE != 'nuage' and SITE != 'paheko' or SITE != 'WP'
--- /dev/null
+- name: Etckeeper commit if necessary
+ ansible.builtin.command: etckeeper commit "commit by ansible because installing {{ DOMAIN }}/{{ SITE }}"
+ ignore_errors: true
+
+- name: Install required packages
+ ansible.builtin.apt:
+ name:
+# - php-ctype
+ - php-curl
+# - php-dom
+# - php-fileinfo
+ - php-gd
+ - php-json
+ - "php{{ php_version }}-xml"
+ - php-mbstring
+# - php-openssl
+# - php-posix
+# - php-session
+# - php-simplexml
+# - php-xmlreader
+# - php-xmlwriter
+ - php-zip
+# - php-zlib
+# - php-pdo_pgsql
+ - "php{{ php_version }}-pgsql"
+ - php-pgsql
+ - php-intl
+ - php-bz2
+# - php-sodium
+ - php-gmp
+# - php-exif
+ - php-redis
+ - php-imagick
+ - python3-psycopg2 # module ansible psql
+ state: present
+
+- name: Boucle d'ajout du user php dans plusieurs groupe
+ ansible.builtin.user:
+ name: "php_{{ SIGLE }}_{{ SITE }}"
+ groups: "{{ item }}"
+ append: true
+ loop:
+ - nextcloud
+ - postgres-data
+ - redis
+ - "site_{{ SIGLE }}_{{ SITE }}"
+
+- name: Bloc nouvelle version nextcloud
+ when: nouvelle_version is undefined
+ block:
+ - name: Demande la version de nextcloud à installer
+ ansible.builtin.pause:
+ prompt: "Quelle version de nextcloud doit être utilisée"
+ echo: true
+ register: nextcloud_version_prompt
+
+ - name: Definir nouvelle_version
+ ansible.builtin.set_fact:
+ nouvelle_version: "{{ nextcloud_version_prompt.user_input }}"
+
+- name: Bloc ancienne version nextcloud
+ when: ancienne_version is undefined
+ block:
+ - name: Demande la version de nextcloud déjà installée
+ ansible.builtin.pause:
+ prompt: "Quelle version de nextcloud déjà installée"
+ echo: true
+ register: ancienne_version_prompt
+
+ - name: Definir ancienne_version
+ ansible.builtin.set_fact:
+ ancienne_version: "{{ ancienne_version_prompt.user_input }}"
+
+- name: Inclure la verif de l'install nextcloud
+ ansible.builtin.include_tasks: tasks/verif_installation_nextcloud.yml
+
+- name: PostgreSQL - nextcloud_php_user role is created
+ become_user: postgres
+ become: true
+ community.postgresql.postgresql_user:
+ name: "{{ nextcloud_php_user }}"
+ state: present
+ role_attr_flags: CREATEDB
+
+- name: PostgreSQL - nextcloud_db_name database is created
+ become_user: postgres
+ become: true
+ community.postgresql.postgresql_db:
+ name: "{{ nextcloud_db_name }}"
+ state: "{{ item }}"
+ owner: "{{ nextcloud_php_user }}"
+ loop:
+ - absent
+ - present
+
+- name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
+ become_user: postgres
+ become: true
+ community.postgresql.postgresql_privs:
+ db: "{{ item.db }}"
+ privs: "{{ item.privs }}"
+ type: "{{ item.type |default(omit) }}"
+ objs: "{{ item.objs }}"
+ role: "{{ item.role }}"
+ grant_option: "{{ item.grant_option |default(omit) }}"
+ loop_control:
+ label: "{{ item.name }}"
+ loop:
+ - db: "{{ nextcloud_db_name }}"
+ privs: "ALL"
+ type: "schema"
+ objs: "public"
+ role: "{{ nextcloud_php_user }}"
+ grant_option: true
+ name: "GRANT ALL ON SCHEMA public TO php_{{ SIGLE }}_nuage WITH GRANT OPTION;"
+
+- name: Autoriser l'utilisateur php à se connecter à la bdd nextcloud
+ community.postgresql.postgresql_pg_hba:
+ dest: "/etc/postgresql/{{ postgres_version }}/main/pg_hba.conf"
+ contype: local
+ users: "php_{{ SIGLE }}_{{ SITE }}"
+ databases: "php_{{ SIGLE }}_{{ SITE }}"
+ method: peer
+ keep_comments_at_rules: true
+ comment: "autoriser le user php_{{ SIGLE }}_{{ SITE }} à se connecter à la bdd du meme nom"
+
+- name: Boucle création des répertoires app, config et data nextcloud
+ ansible.builtin.file:
+ path: "{{ item.path }}"
+ state: "{{ item.state }}"
+ owner: "{{ item.owner }}"
+ group: "{{ item.group }}"
+ mode: "{{ item.mode }}"
+ loop_control:
+ label: "{{ item.path }}"
+ loop:
+ - path: "{{ nextcloud_webroot }}/apps"
+ state: directory
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '2750'
+ - path: "{{ nextcloud_webroot }}/config"
+ state: directory
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '2750'
+ - path: "{{ nextcloud_webroot }}/data"
+ state: directory
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '2750'
+
+- name: Create nextcloud root dir symbolic link
+ ansible.builtin.file:
+ src: "{{ nextcloud_symbolic_source }}"
+ dest: "{{ nextcloud_webroot }}/nextcloud"
+ owner: nextcloud
+ group: nextcloud
+ state: link
+ follow: false
+
+- name: Create nextcloud common app dir symbolic link
+ ansible.builtin.file:
+ src: "{{ nextcloud_symbolic_common }}"
+ dest: "{{ nextcloud_webroot }}/common"
+ owner: nextcloud
+ group: nextcloud
+ state: link
+ follow: false
+
+- name: Créer les fichiers spécifiques nextcloud
+ ansible.builtin.template:
+ src: "templates/{{ item.src }}"
+ dest: "{{ nextcloud_webroot }}/{{ item.dest }}"
+ owner: "{{ item.owner }}"
+ group: "{{ item.group }}"
+ mode: "{{ item.mode }}"
+ loop:
+ - src: "nextcloud_cron.j2"
+ dest: "cron"
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '750'
+ - src: "nextcloud_console.j2"
+ dest: "console"
+ owner: "{{ nextcloud_websrv_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '750'
+ - src: "nextcloud_install_config.j2"
+ dest: "config/config.php"
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '640'
+
+- name: Recharger plusieurs services
+ ansible.builtin.service:
+ name: "{{ item }}"
+ state: reloaded
+ loop:
+ - "postgresql"
+ - "php{{ php_version }}-fpm"
+
+- name: Lancement du script d'installation nextcloud # noqa : command-instead-of-module
+ become_user: "{{ nextcloud_php_user }}"
+ become: true
+ ansible.builtin.command: >
+ ./console maintenance:install
+ --database='pgsql'
+ --database-name="php_{{ SIGLE }}_{{ SITE }}"
+ --database-user="php_{{ SIGLE }}_{{ SITE }}"
+ --database-host="/var/run/postgresql/"
+ --database-pass=""
+ --admin-user='admin'
+ --admin-pass='ckoideja'
+ --data-dir="/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/data/"
+ args:
+ chdir: "{{ nextcloud_webroot }}"
+ register: install_result
+ ignore_errors: true
+
+- name: Afficher les logs du script d'install
+ ansible.builtin.debug:
+ var: install_result
+ when: install_result is defined
+
+- name: Afficher les logs du script d'install
+ ansible.builtin.fail:
+ msg: "Le script d'install a échoué: Voir les logs ci-dessus"
+ when: install_result.failed
+
+- name: Créer les fichiers spécifiques nextcloud
+ ansible.builtin.template:
+ src: "templates/{{ item.src }}"
+ dest: "{{ nextcloud_webroot }}/{{ item.dest }}"
+ owner: "{{ item.owner }}"
+ group: "{{ item.group }}"
+ mode: "{{ item.mode }}"
+ loop:
+ - src: "nextcloud_sigle_config.j2"
+ dest: "config/{{ SIGLE }}.config.php"
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '640'
+
+- name: Creation d'un lien symbolique vers le configuration nextcloud commun
+ ansible.builtin.file:
+ src: "../../../../nextcloud/common.config.php"
+ path: "{{ nextcloud_webroot }}/config/common.config.php"
+ owner: nextcloud
+ group: nextcloud
+ state: link
+ follow: false
+
+- name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
+ become_user: postgres
+ become: true
+ community.postgresql.postgresql_privs:
+ db: "{{ item.db }}"
+ privs: "{{ item.privs }}"
+ type: "{{ item.type | default(omit) }}"
+ objs: "{{ item.objs }}"
+ role: "{{ item.role }}"
+ grant_option: "{{ item.grant_option | default(omit) }}"
+ loop_control:
+ label: "{{ item.name }}"
+ loop:
+ - db: "{{ nextcloud_db_name }}"
+ privs: "USAGE,CREATE"
+ type: "schema"
+ objs: "public"
+ role: "{{ nextcloud_php_user }}"
+ name: "GRANT USAGE,CREATE ON SCHEMA public TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_namespace"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_namespace TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_collation"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_collation TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_index"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_index TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_attrdef"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_attrdef TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_description"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_description TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # type: "table"
+ # objs: "pg_settings"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON TABLE pg_settings TO php_{{ SIGLE }}_nuage;"
+ # - db: "{{ nextcloud_db_name }}"
+ # privs: "SELECT"
+ # objs: "pg_database"
+ # role: "{{ nextcloud_php_user }}"
+ # name: "GRANT SELECT ON pg_database TO php_{{ SIGLE }}_nuage;"
+
+- name: Creation d'un fichier cron pour /etc/cron.d
+ ansible.builtin.cron:
+ name: "nextcloud {{ SIGLE }}_{{ SITE }} taches d'arriere plan toutes les 5 mins"
+ minute: "*/5"
+ user: "php_{{ SIGLE }}_{{ SITE }}"
+ job: "{{ nextcloud_webroot }}/cron"
+
+- name: Recharger plusieurs services
+ ansible.builtin.service:
+ name: "{{ item }}"
+ state: reloaded
+ loop:
+ - "php{{ php_version }}-fpm"
+ - "nginx"
--- /dev/null
+- name: Active le mode maintenance # noqa : command-instead-of-module
+ become_user: "{{ nextcloud_php_user }}"
+ become: true
+ ansible.builtin.command: './console maintenance:mode --on'
+ args:
+ chdir: "{{ nextcloud_webroot }}"
+
+- name: Update nextcloud root dir symbolic link
+ become: true
+ ansible.builtin.file:
+ src: "../../../nextcloud/sources/nextcloud-{{ ancienne_version }}"
+ dest: "{{ nextcloud_webroot }}/nextcloud"
+ owner: nextcloud
+ group: nextcloud
+ state: link
+ follow: false
+
+- name: Update nextcloud common app dir symbolic link
+ become: true
+ ansible.builtin.file:
+ src: "../../../nextcloud/sources/nextcloud-{{ ancienne_version }}"
+ dest: "{{ nextcloud_webroot }}/common"
+ owner: nextcloud
+ group: nextcloud
+ state: link
+ follow: false
+
+- name: "[PostgreSQL] - {{ nextcloud_db_name }} database is created."
+ become_user: postgres
+ become: true
+ community.postgresql.postgresql_db:
+ name: "{{ nextcloud_db_name }}"
+ state: "{{ item }}"
+ owner: "{{ nextcloud_php_user }}"
+ target: "/tmp/dump.pgc"
+ target_opts: "-F c"
+ loop:
+ - absent
+ - present
+ - restore
+
+- name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
+ become_user: postgres
+ become: true
+ community.postgresql.postgresql_privs:
+ db: "{{ item.db }}"
+ privs: "{{ item.privs }}"
+ type: "{{ item.type |default(omit) }}"
+ objs: "{{ item.objs }}"
+ role: "{{ item.role }}"
+ grant_option: "{{ item.grant_option |default(omit) }}"
+ loop_control:
+ label: "{{ item.name }}"
+ loop:
+ - db: "{{ nextcloud_db_name }}"
+ privs: "ALL"
+ type: "schema"
+ objs: "public"
+ role: "{{ nextcloud_php_user }}"
+ grant_option: true
+ name: "GRANT ALL ON SCHEMA public TO php_{{ SIGLE }}_nuage WITH GRANT OPTION;"
+
+- name: Copy nextcloud config file
+ become: true
+ ansible.builtin.copy:
+ src: "{{ nextcloud_webroot }}/config/config.php.bak"
+ dest: "{{ nextcloud_webroot }}/config/config.php"
+ remote_src: true # because the src is already on the remote host
+ owner: "{{ nextcloud_php_user }}"
+ group: "{{ nextcloud_websrv_user }}"
+ mode: '640'
+
+- name: Desactive le mode maintenance # noqa : command-instead-of-module
+ become_user: "{{ nextcloud_php_user }}"
+ become: true
+ ansible.builtin.command: './console maintenance:mode --off'
+ args:
+ chdir: "{{ nextcloud_webroot }}"
+
+- name: Run nextcloud upgrade script # noqa : command-instead-of-module
+ become_user: "{{ nextcloud_php_user }}"
+ become: true
+ ansible.builtin.command: ./console upgrade
+ args:
+ chdir: "{{ nextcloud_webroot }}"
+ register: nc_upgrade_result
+
+- name: Obtenir la version actuelle # noqa : command-instead-of-module
+ become_user: "{{ nextcloud_php_user }}"
+ become: true
+ ansible.builtin.command: '{{ nextcloud_webroot }}/console status --output=json'
+ register: result
+
+- name: afficher la version actuelle
+ ansible.builtin.debug:
+ msg: "La version restaurée est {{ tmp.versionstring }}"
+ vars:
+ tmp: "{{ result.stdout | from_json }}"
\ No newline at end of file
- name: Active le mode maintenance # noqa : command-instead-of-module
- become_user: "{{ nextcloud_websrv_user }}"
+ become_user: "{{ nextcloud_php_user }}"
become: true
ansible.builtin.command: './console maintenance:mode --on'
args:
follow: false
- name: Desactive le mode maintenance # noqa : command-instead-of-module
- become_user: "{{ nextcloud_websrv_user }}"
+ become_user: "{{ nextcloud_php_user }}"
become: true
ansible.builtin.command: './console maintenance:mode --off'
args:
chdir: "{{ nextcloud_webroot }}"
- name: Run nextcloud upgrade script # noqa : command-instead-of-module
- become_user: "{{ nextcloud_websrv_user }}"
+ become_user: "{{ nextcloud_php_user }}"
become: true
ansible.builtin.command: ./console upgrade
args:
- name: Bloc de tâches contrôlant la fin de la maintenance de mise à jour
block:
- name: Wait for nextcloud maintenance mode to become false # noqa : command-instead-of-module
- become_user: "{{ nextcloud_websrv_user }}"
+ become_user: "{{ nextcloud_php_user }}"
become: true
ansible.builtin.command: ./console status
args:
delay: 20
rescue:
- name: Deactivate maintenance mode manually # noqa : command-instead-of-module
- become_user: "{{ nextcloud_websrv_user }}"
+ become_user: "{{ nextcloud_php_user }}"
become: true
ansible.builtin.command: ./console maintenance:mode --off
args:
+++ /dev/null
-server_name {{ SITE }}.{{ DOMAIN }}.{{ TLD }};
-root /home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/www;
-
-location / {
- try_files $uri $uri/ /_route.php?$query_string;
- index index.php /_route.php;
-}
-
-location ~ \.php {
- try_files $uri $uri/ /_route.php?$query_string;
- include /etc/nginx/conf.d/fastcgi.conf;
- fastcgi_index index.php ;
- fastcgi_param REDIRECT_STATUS 200;
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- fastcgi_pass unix:/run/php{{ php_version}}/fpm/php_{{ SIGLE }}_{{ SITE }};
-}
\ No newline at end of file
+++ /dev/null
-server {
- listen 80;
- include /etc/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/common.conf;
- access_log /home/sites/log/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/access.log main buffer=32k;
- error_log /home/sites/log/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/error.log warn;
-{% if ssl_ready is defined and ssl_ready %}
- return 301 https://{{ SITE }}.{{ DOMAIN }}.{{ TLD }}$request_uri;
- }
-server {
- listen 443;
- include /etc/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/common.conf;
- ssl_certificate /etc/letsencrypt/live/{{ SITE }}.{{ DOMAIN }}.{{ TLD }}/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/{{ SITE }}.{{ DOMAIN }}.{{ TLD }}/privkey.pem;
- access_log /home/sites/log/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/access.log main buffer=32k;
- error_log /home/sites/log/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/error.log warn;
-{% endif %}
-}
\ No newline at end of file
server {
listen 80;
server_name
- {{ SITE }}.{{ DOMAIN }}.{{ TLD }};
+ {{ config_ss_domain | default(SITE) }}.{{ DOMAIN }}.{{ TLD }};
disable_symlinks if_not_owner;
access_log /home/sites/log/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/access.log main buffer=32k;
error_log /home/sites/log/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/error.log warn;
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_param NEXTCLOUD_CONFIG_DIR /home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/config;
- fastcgi_pass unix:/run/php{{ php_version}}/fpm/php_{{ SIGLE }}_{{ SITE }};
+ fastcgi_pass unix:/run/php{{ php_version }}/fpm/php_{{ SIGLE }}_{{ SITE }};
#fastcgi_intercept_errors on;
fastcgi_request_buffering off;
-server_name {{ SITE }}.{{ DOMAIN }}.{{ TLD }};
+server_name {{ config_ss_domain }}.{{ DOMAIN }}.{{ TLD }};
root /home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/www;
location / {
access_log /home/sites/log/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/access.log main buffer=32k;
error_log /home/sites/log/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/error.log warn;
{% if ssl_ready is defined and ssl_ready %}
- return 301 https://{{ SITE }}.{{ DOMAIN }}.{{ TLD }}$request_uri;
+ return 301 https://{{ config_ss_domain }}.{{ DOMAIN }}.{{ TLD }}$request_uri;
}
server {
listen 443;
server_name
{{ DOMAIN }}.{{ TLD }}
- www.{{ DOMAIN }}.{{ TLD }};
+ {{ config_ss_domain }}.{{ DOMAIN }}.{{ TLD }};
+rewrite ^/(.*) http://{{ config_ss_domain }}.{{ DOMAIN }}.{{ TLD }}/$1 permanent;
root /home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/;
index index.html;
access_log /home/sites/log/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/access.log main buffer=32k;
error_log /home/sites/log/nginx/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/error.log warn;
{% if ssl_ready is defined and ssl_ready %}
- return 301 https://{{ DOMAIN }}.{{ TLD }}$request_uri;
+ return 301 https://{{ config_ss_domain }}.{{ DOMAIN }}.{{ TLD }}$request_uri;
}
server {
listen 443 ssl;
---
# commande pour lancer le playbook: ansible-playbook update_nuage_instance.yml
# ATTENTION pour l'instance "test-nuage" il faut lancer la commande ci-dessous pour lancer le playbook:
-# ansible-playbook update_nuage_instance.yml --extra-vars "nextcloud_websrv_user=php_lhc_test_nuage nextcloud_webroot=/home/sites/data/org/heureux-cyclage/test-nuage"
+# ansible-playbook update_nuage_instance.yml --extra-vars "test_nuage=true"
- name: Promp pour définir les variables
hosts: ligatures
vars_prompt:
- name: nouvelle_version
- prompt: 'Nouvelle version nextcloud à télécharger?(ex: 27.1.0)'
+ prompt: 'Nouvelle version nextcloud à télécharger?(ex: 27.1.8)'
private: false
+ default: "27.1.8"
- name: TLD
prompt: 'TLD du site à mettre à jour?(ex: org)'
private: false
+ default: "org"
- name: DOMAIN
prompt: 'Domaine du site à mettre à jour?(ex: heureux-cyclage)'
private: false
+ default: "heureux-cyclage"
- name: SIGLE
prompt: 'Sigle du site à mettre à jour?(ex: lhc)'
private: false
+ default: "lhc"
pre_tasks:
path: "{{ nextcloud_common }}"
register: new_nextcloud_common
+ - name: specific test-nuage tasks
+ ansible.builtin.set_fact:
+ nextcloud_webroot: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}/test-nuage"
+ nextcloud_websrv_user: site_lhc_test-nuage
+ nextcloud_php_user: php_lhc_test_nuage
+ when: test_nuage is defined
+
- name: Obtenir l'ancienne version # noqa : command-instead-of-module
- become_user: "{{ nextcloud_websrv_user }}"
+ become_user: "{{ nextcloud_php_user }}"
become: true
ansible.builtin.command: '{{ nextcloud_webroot }}/console status --output=json'
register: result
mode: '754' # or 'u=rwx,g=rx,o=r'
when: not new_nextcloud_common.stat.exists
- - name: Include update tasks
- ansible.builtin.include_tasks: tasks/update_nextcloud.yml
+ - name: Include backup tasks
+ ansible.builtin.include_tasks: tasks/backup_nextcloud.yml
+
+ - name: block upgrade
+ block:
+
+ - name: Include update tasks
+ ansible.builtin.include_tasks: tasks/update_nextcloud.yml
+
+ - name: Display upgrade result
+ ansible.builtin.debug:
+ msg: "Le nuage de {{ DOMAIN }} a été mis à jour avec la nouvelle version {{ nouvelle_version }}"
+
+ always:
+
+ - name: Ask if restore is necessary
+ ansible.builtin.pause:
+ prompt: 'Voulez-vous restaurer la version precedente?(oui/non)'
+ echo: true
+ register: restore_promp
+
+ - name: Definir config_ss_domain
+ ansible.builtin.set_fact:
+ restore: "{{ restore_promp.user_input | default(non) }}"
- - name: Display upgrade result
- ansible.builtin.debug:
- msg: "Le nuage de {{ DOMAIN }} a été mis à jour avec la nouvelle version {{ nouvelle_version }}"
+ - name: Include update tasks
+ ansible.builtin.include_tasks: tasks/restore_nextcloud.yml
+ when: restore == 'oui'
\ No newline at end of file