1 - name: Install required packages
30 - name: Boucle d'ajout du user php dans plusieurs groupe
32 name: "php_{{ SIGLE }}_{{ SITE }}"
39 - "site_{{ SIGLE }}_{{ SITE }}"
41 - name: Bloc nextcloud_version
42 when: nouvelle_version is undefined
44 - name: Demande la version de nextcloud à installer
45 ansible.builtin.pause:
46 prompt: "Quelle version de nextcloud doit être utilisée"
48 register: nextcloud_version_prompt
50 - name: Definir nouvelle_version
51 ansible.builtin.set_fact:
52 nouvelle_version: "{{ nextcloud_version.user_input }}"
54 - name: Demande la version de nextcloud déjà installer
55 ansible.builtin.pause:
56 prompt: "Quelle version de nextcloud déjà installée"
58 register: ancienne_version_prompt
60 - name: Definir ancienne_version
61 ansible.builtin.set_fact:
62 ancienne_version: "{{ ancienne_version.user_input }}"
64 - name: Inclure la verif de l'install nextcloud
65 ansible.builtin.include_tasks: tasks/verif_installation_nextcloud.yml
67 - name: "[PostgreSQL] - {{ nextcloud_websrv_user }} role is created."
70 community.postgresql.postgresql_user:
71 name: "{{ nextcloud_websrv_user }}"
73 role_attr_flags: CREATEDB
75 - name: "[PostgreSQL] - {{ nextcloud_db_name }} database is created."
78 community.postgresql.postgresql_db:
79 name: "{{ nextcloud_db_name }}"
81 owner: "{{ nextcloud_websrv_user }}"
86 - name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
87 community.postgresql.postgresql_privs:
89 privs: "{{ item.privs }}"
90 type: "{{ item.type }}"
91 objs: "{{ item.objs }}"
92 role: "{{ item.role }}"
93 grant_option: "{{ item.grant_option |default(false) }}"
94 loop_control: "{{ item.name }}"
96 - db: "{{ php_${SIGLE}_nuage }}"
100 role: "{{ php_${SIGLE}_nuage }}"
102 name: "GRANT ALL ON SCHEMA public TO php_${SIGLE}_nuage WITH GRANT OPTION;"
103 - db: "{{ php_${SIGLE}_nuage }}"
104 privs: "USAGE,CREATE"
107 role: "{{ php_${SIGLE}_nuage }}"
108 name: "GRANT USAGE,CREATE ON SCHEMA public TO php_${SIGLE}_nuage;"
109 - db: "{{ php_${SIGLE}_nuage }}"
113 role: "{{ php_${SIGLE}_nuage }}"
114 name: GRANT SELECT ON TABLE pg_namespace TO php_${SIGLE}_nuage;
115 - db: "{{ php_${SIGLE}_nuage }}"
119 role: "{{ php_${SIGLE}_nuage }}"
120 name: GRANT SELECT ON TABLE pg_collation TO php_${SIGLE}_nuage;
121 - db: "{{ php_${SIGLE}_nuage }}"
125 role: "{{ php_${SIGLE}_nuage }}"
126 name: GRANT SELECT ON TABLE pg_index TO php_${SIGLE}_nuage;
127 - db: "{{ php_${SIGLE}_nuage }}"
131 role: "{{ php_${SIGLE}_nuage }}"
132 name: GRANT SELECT ON TABLE pg_attrdef TO php_${SIGLE}_nuage;
133 - db: "{{ php_${SIGLE}_nuage }}"
136 objs: "pg_description"
137 role: "{{ php_${SIGLE}_nuage }}"
138 name: GRANT SELECT ON TABLE pg_description TO php_${SIGLE}_nuage;
139 - db: "{{ php_${SIGLE}_nuage }}"
143 role: "{{ php_${SIGLE}_nuage }}"
144 name: GRANT SELECT ON TABLE pg_settings TO php_${SIGLE}_nuage;
145 - db: "{{ php_${SIGLE}_nuage }}"
148 role: "{{ php_${SIGLE}_nuage }}"
149 name: GRANT SELECT ON pg_database TO php_${SIGLE}_nuage;
151 - name: Autoriser l'utilisateur php à se connecter à la bdd nextcloud
152 community.postgresql.postgresql_pg_hba:
153 dest: "/etc/postgresql/{{ postgres_version }}/main/pg_hba.conf"
155 users: "php_{{ SIGLE}}_{{SITE}}"
156 databases: "php_{{ SIGLE}}_{{SITE}}"
158 keep_comments_at_rules: true
159 comment: "autoriser le user php_{{ SIGLE}}_{{SITE}} à se connecter à la bdd du meme nom"
161 # - name: Update nextcloud root dir symbolic link
163 # ansible.builtin.file:
164 # src: "{{ nextcloud_source }}"
165 # dest: "{{ nextcloud_webroot }}/nextcloud"
171 # - name: Update nextcloud common app dir symbolic link
173 # ansible.builtin.file:
174 # src: "{{ nextcloud_common }}"
175 # dest: "{{ nextcloud_webroot }}/common"
183 # lancement de la commande d'installation
185 # lien symbolic common conf
187 - name: Create sigle nextcloud config
188 become_user: "{{ nextcloud_websrv_user }}"
190 ansible.builtin.template:
191 src: templates/sigle.config.php.j2
192 dest: "{{ nextcloud_webroot }}/config/sigle.config.php"
193 owner: "{{ nextcloud_websrv_user }}"
194 group: "{{ nextcloud_websrv_user }}"
195 mode: '640' # or u=rwx,g=r,o=
197 - name: Creation d'un fichier cron pour /etc/cron.d
198 ansible.builtin.cron:
199 name: "nextcloud {{ SIGLE }}_{{ SITE }} taches d'arriere plan "
201 user: "php_{{ SIGLE}}_{{SITE}}"
202 job: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/cron"
204 - name: Recharger plusieurs services
205 ansible.builtin.service:
210 - "php{{ php_version }}-fpm"