From 1bf73a13c5876ad0d36edf6baf19a4bd2055eea4 Mon Sep 17 00:00:00 2001 From: rominique Date: Fri, 15 Mar 2024 11:37:00 +0100 Subject: [PATCH] maj creation_nuage --- creation_nouveau_site.yml | 8 +- group_vars/vm.yml | 5 +- host_vars/ligatures.yml | 9 +- host_vars/localhost.yml | 2 +- tasks/backup_from_ateliers.yml | 2 +- tasks/config_nextcloud.yml | 211 ----------------- tasks/config_nuage.yml | 311 ++++++++++++++++++++++++++ tasks/config_pool_php.yml | 4 +- tasks/rsync_from_ateliers.yml | 50 +++++ tasks/update_nextcloud.yml | 18 +- templates/nextcloud_console.j2 | 7 + templates/nextcloud_cron.j2 | 7 + templates/nextcloud_install_config.j2 | 42 ++++ templates/nextcloud_sigle_config.j2 | 50 +++++ templates/sigle_config_template.j2 | 10 - update_nuage_instance.yml | 4 +- 16 files changed, 496 insertions(+), 244 deletions(-) delete mode 100644 tasks/config_nextcloud.yml create mode 100644 tasks/config_nuage.yml create mode 100644 tasks/rsync_from_ateliers.yml create mode 100644 templates/nextcloud_console.j2 create mode 100644 templates/nextcloud_cron.j2 create mode 100644 templates/nextcloud_install_config.j2 create mode 100644 templates/nextcloud_sigle_config.j2 delete mode 100644 templates/sigle_config_template.j2 diff --git a/creation_nouveau_site.yml b/creation_nouveau_site.yml index cd2f0f2..f3240da 100644 --- a/creation_nouveau_site.yml +++ b/creation_nouveau_site.yml @@ -7,17 +7,15 @@ vars: # config_nginx: true à l'avenir on pourrait demander à l'utilisateur de choisir si il veut configurer nginx - php_version: 8.0 - postgres_version: 15 - nouvelle_version: 27.1.6 # nextcloud - ancienne_version: 27.1.5 # nextcloud + # nouvelle_version: 27.1.7 # nextcloud + # ancienne_version: 27.1.6 # nextcloud vars_prompt: - name: SITE prompt: 'quel type de site?(ex: nuage, www, wiki, paheko)' private: false - default: "paheko" + default: "nuage" - name: TLD prompt: 'TLD du site à mettre à jour?(ex: org)' 
diff --git a/group_vars/vm.yml b/group_vars/vm.yml index 1d18013..95c2ae0 100644 --- a/group_vars/vm.yml +++ b/group_vars/vm.yml @@ -1,7 +1,9 @@ nextcloud_webroot: "{{ nextcloud_files_path }}/instance" nextcloud_websrv_user: www-data +nextcloud_php_user: www-data nextcloud_files_path: "/opt/nuage" -nouvelle_version: 23.0.12 +nouvelle_version: 26 +ancienne_version: 25 # possble value: # 23.0.12 # 24.0.12 @@ -9,6 +11,7 @@ nouvelle_version: 23.0.12 # 26.0.4 php_fpm_service: php{{ php_version }}-fpm php_version: '8.0' +postgres_version: 13 nextcloud_tmp_path: "/tmp/nextcloud/{{ DOMAIN }}" nextcloud_backup_path: "/opt/nuage/backups/{{ DOMAIN }}" nextcloud_db_name: "nextcloud" diff --git a/host_vars/ligatures.yml b/host_vars/ligatures.yml index 9315720..d63cf76 100644 --- a/host_vars/ligatures.yml +++ b/host_vars/ligatures.yml @@ -1,8 +1,11 @@ -nextcloud_websrv_user: "php_{{ SIGLE }}_nuage" -nextcloud_sources_files_path: "/home/sites/data/nextcloud/sources" +nextcloud_php_user: "php_{{ SIGLE }}_nuage" +nextcloud_websrv_user: "site_{{ SIGLE }}_nuage" +nextcloud_sources_files_path: "../../../nextcloud/sources" nextcloud_common_files_path: "/home/sites/data/nextcloud/common" nextcloud_webroot: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}/nuage" nextcloud_source: "{{ nextcloud_sources_files_path }}/nextcloud-{{ nouvelle_version }}" nextcloud_common: "{{ nextcloud_common_files_path }}/nextcloud-{{ nouvelle_version }}" php_fpm_service: php{{ php_version}}-fpm -php_version: '8.2' \ No newline at end of file +php_version: '8.2' +postgres_version: 15 +nextcloud_db_name: "php_{{ SIGLE }}_nuage" \ No newline at end of file diff --git a/host_vars/localhost.yml b/host_vars/localhost.yml index 391cefc..b8817bc 100644 --- a/host_vars/localhost.yml +++ b/host_vars/localhost.yml @@ -1 +1 @@ -nextcloud_tmp_path: "/tmp/nextcloud/{{ domain }}" \ No newline at end of file +nextcloud_tmp_path: "/tmp/nextcloud/{{ DOMAIN }}" \ No newline at end of file 
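Review bot: A relative `nextcloud_sources_files_path` (`../../../nextcloud/sources`) makes `nextcloud_source` relative too, and tasks/config_nuage.yml in this same patch passes it to `ansible.builtin.file` as `path: "{{ nextcloud_source }}/apps"` (likewise `/config` and `/data`) with `state: directory`. A relative value is fine as a symlink `src`, but as a `path` it is resolved against whatever working directory the module runs in, so the setgid `2750` directories owned by the PHP user can be created outside the intended tree. Keep the absolute path in this variable and add a separate one for the link target, for example `nextcloud_source_link: "../../../nextcloud/sources/nextcloud-{{ nouvelle_version }}"`. The three directories look as if they were meant to live under `nextcloud_webroot`, which would also avoid giving one site's PHP user ownership inside the shared sources; worth confirming.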
diff --git a/tasks/backup_from_ateliers.yml b/tasks/backup_from_ateliers.yml index d662d64..f47f395 100644 --- a/tasks/backup_from_ateliers.yml +++ b/tasks/backup_from_ateliers.yml @@ -61,7 +61,7 @@ # become_user: "{{ nextcloud_websrv_user }}" ansible.builtin.fetch: src: "{{ item }}" - dest: "/tmp/nextcloud/{{ domain }}/" + dest: "/tmp/nextcloud/{{ DOMAIN }}/" flat: true loop: - "{{ nextcloud_tmp_path }}/dump.pgc" diff --git a/tasks/config_nextcloud.yml b/tasks/config_nextcloud.yml deleted file mode 100644 index a9042bf..0000000 --- a/tasks/config_nextcloud.yml +++ /dev/null 
@@ -1,211 +0,0 @@ -- name: Install required packages - ansible.builtin.apt: - name: - - php-ctype - - php-curl - - php-dom - - php-fileinfo - - php-gd - - php-json - - php-libxml - - php-mbstring - - php-openssl - - php-posix - - php-session - - php-simplexml - - php-xmlreader - - php-xmlwriter - - php-zip - - php-zlib - - php-pdo_pgsql - - php-intl - - php-bz2 - - php-sodium - - php-gmp -# - php-exif - - php-redis - - php-imagick - state: present - -- name: Boucle d'ajout du user php dans plusieurs groupe - ansible.builtin.user: - name: "php_{{ SIGLE }}_{{ SITE }}" - groups: "{{ item }}" - append: true - loop: - - nextcloud - - postgres-data - - redis - - "site_{{ SIGLE }}_{{ SITE }}" - -- name: Bloc nextcloud_version - when: nouvelle_version is undefined - block: - - name: Demande la version de nextcloud à installer - ansible.builtin.pause: - prompt: "Quelle version de nextcloud doit être utilisée" - echo: true - register: nextcloud_version_prompt - - - name: Definir nouvelle_version - ansible.builtin.set_fact: - nouvelle_version: "{{ nextcloud_version.user_input }}" - - - name: Demande la version de nextcloud déjà installer - ansible.builtin.pause: - prompt: "Quelle version de nextcloud déjà installée" - echo: true - register: ancienne_version_prompt - - - name: Definir ancienne_version - ansible.builtin.set_fact: - ancienne_version: "{{ ancienne_version.user_input }}" - -- name: Inclure la verif de l'install nextcloud - ansible.builtin.include_tasks: tasks/verif_installation_nextcloud.yml - -- name: "[PostgreSQL] - {{ nextcloud_websrv_user }} role is created." - become_user: postgres - become: true - community.postgresql.postgresql_user: - name: "{{ nextcloud_websrv_user }}" - state: present - role_attr_flags: CREATEDB - -- name: "[PostgreSQL] - {{ nextcloud_db_name }} database is created." 
- become_user: postgres - become: true - community.postgresql.postgresql_db: - name: "{{ nextcloud_db_name }}" - state: "{{ item }}" - owner: "{{ nextcloud_websrv_user }}" - loop: - - absent - - present - -- name: Pour chaque base, ajouter les droits suivants à l'utilisateur php - community.postgresql.postgresql_privs: - db: "{{ item.db }}" - privs: "{{ item.privs }}" - type: "{{ item.type }}" - objs: "{{ item.objs }}" - role: "{{ item.role }}" - grant_option: "{{ item.grant_option |default(false) }}" - loop_control: "{{ item.name }}" - loop: - - db: "{{ php_${SIGLE}_nuage }}" - privs: "ALL" - type: "schema" - objs: "public" - role: "{{ php_${SIGLE}_nuage }}" - grant_option: true - name: "GRANT ALL ON SCHEMA public TO php_${SIGLE}_nuage WITH GRANT OPTION;" - - db: "{{ php_${SIGLE}_nuage }}" - privs: "USAGE,CREATE" - type: "schema" - objs: "public" - role: "{{ php_${SIGLE}_nuage }}" - name: "GRANT USAGE,CREATE ON SCHEMA public TO php_${SIGLE}_nuage;" - - db: "{{ php_${SIGLE}_nuage }}" - privs: "SELECT" - type: "table" - objs: "pg_namespace" - role: "{{ php_${SIGLE}_nuage }}" - name: GRANT SELECT ON TABLE pg_namespace TO php_${SIGLE}_nuage; - - db: "{{ php_${SIGLE}_nuage }}" - privs: "SELECT" - type: "table" - objs: "pg_collation" - role: "{{ php_${SIGLE}_nuage }}" - name: GRANT SELECT ON TABLE pg_collation TO php_${SIGLE}_nuage; - - db: "{{ php_${SIGLE}_nuage }}" - privs: "SELECT" - type: "table" - objs: "pg_index" - role: "{{ php_${SIGLE}_nuage }}" - name: GRANT SELECT ON TABLE pg_index TO php_${SIGLE}_nuage; - - db: "{{ php_${SIGLE}_nuage }}" - privs: "SELECT" - type: "table" - objs: "pg_attrdef" - role: "{{ php_${SIGLE}_nuage }}" - name: GRANT SELECT ON TABLE pg_attrdef TO php_${SIGLE}_nuage; - - db: "{{ php_${SIGLE}_nuage }}" - privs: "SELECT" - type: "table" - objs: "pg_description" - role: "{{ php_${SIGLE}_nuage }}" - name: GRANT SELECT ON TABLE pg_description TO php_${SIGLE}_nuage; - - db: "{{ php_${SIGLE}_nuage }}" - privs: "SELECT" - type: "table" - objs: 
"pg_settings" - role: "{{ php_${SIGLE}_nuage }}" - name: GRANT SELECT ON TABLE pg_settings TO php_${SIGLE}_nuage; - - db: "{{ php_${SIGLE}_nuage }}" - privs: "SELECT" - objs: "pg_database" - role: "{{ php_${SIGLE}_nuage }}" - name: GRANT SELECT ON pg_database TO php_${SIGLE}_nuage; - -- name: Autoriser l'utilisateur php à se connecter à la bdd nextcloud - community.postgresql.postgresql_pg_hba: - dest: "/etc/postgresql/{{ postgres_version }}/main/pg_hba.conf" - contype: local - users: "php_{{ SIGLE}}_{{SITE}}" - databases: "php_{{ SIGLE}}_{{SITE}}" - method: peer - keep_comments_at_rules: true - comment: "autoriser le user php_{{ SIGLE}}_{{SITE}} à se connecter à la bdd du meme nom" - -# - name: Update nextcloud root dir symbolic link -# become: true -# ansible.builtin.file: -# src: "{{ nextcloud_source }}" -# dest: "{{ nextcloud_webroot }}/nextcloud" -# owner: nextcloud -# group: nextcloud -# state: link -# follow: false - -# - name: Update nextcloud common app dir symbolic link -# become: true -# ansible.builtin.file: -# src: "{{ nextcloud_common }}" -# dest: "{{ nextcloud_webroot }}/common" -# owner: nextcloud -# group: nextcloud -# state: link -# follow: false - -# copy skeleton? 
- -# lancement de la commande d'installation - -# lien symbolic common conf - -- name: Create sigle nextcloud config - become_user: "{{ nextcloud_websrv_user }}" - become: true - ansible.builtin.template: - src: templates/sigle.config.php.j2 - dest: "{{ nextcloud_webroot }}/config/sigle.config.php" - owner: "{{ nextcloud_websrv_user }}" - group: "{{ nextcloud_websrv_user }}" - mode: '640' # or u=rwx,g=r,o= - -- name: Creation d'un fichier cron pour /etc/cron.d - ansible.builtin.cron: - name: "nextcloud {{ SIGLE }}_{{ SITE }} taches d'arriere plan " - minute: "5" - user: "php_{{ SIGLE}}_{{SITE}}" - job: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/cron" - -- name: Recharger plusieurs services - ansible.builtin.service: - name: "{{ item }}" - state: reloaded - loop: - - "postgresql" - - "php{{ php_version }}-fpm" - - "nginx" diff --git a/tasks/config_nuage.yml b/tasks/config_nuage.yml new file mode 100644 index 0000000..112d408 --- /dev/null +++ b/tasks/config_nuage.yml 
@@ -0,0 +1,311 @@ +- name: Install required packages + ansible.builtin.apt: + name: +# - php-ctype + - php-curl +# - php-dom +# - php-fileinfo + - php-gd + - php-json + - "php{{ php_version }}-xml" + - php-mbstring +# - php-openssl +# - php-posix +# - php-session +# - php-simplexml +# - php-xmlreader +# - php-xmlwriter + - php-zip +# - php-zlib +# - php-pdo_pgsql + - "php{{ php_version }}-pgsql" + - php-pgsql + - php-intl + - php-bz2 +# - php-sodium + - php-gmp +# - php-exif + - php-redis + - php-imagick + state: present + +- name: Boucle d'ajout du user php dans plusieurs groupe + ansible.builtin.user: + name: "php_{{ SIGLE }}_{{ SITE }}" + groups: "{{ item }}" + append: true + loop: + - nextcloud + - postgres-data + - redis + - "site_{{ SIGLE }}_{{ SITE }}" + +- name: Bloc nextcloud_version + when: nouvelle_version is undefined + block: + - name: Demande la version de nextcloud à installer + ansible.builtin.pause: + prompt: "Quelle version de nextcloud doit être utilisée" + echo: true + register: nextcloud_version_prompt + + - name: Definir nouvelle_version + ansible.builtin.set_fact: + nouvelle_version: "{{ nextcloud_version.user_input }}" + + - name: Demande la version de nextcloud déjà installer + ansible.builtin.pause: + prompt: "Quelle version de nextcloud déjà installée" + echo: true + register: ancienne_version_prompt + + - name: Definir ancienne_version + ansible.builtin.set_fact: + ancienne_version: "{{ ancienne_version.user_input }}" + +- name: Inclure la verif de l'install nextcloud + ansible.builtin.include_tasks: tasks/verif_installation_nextcloud.yml + +- name: "[PostgreSQL] - {{ nextcloud_php_user }} role is created." + become_user: postgres + become: true + community.postgresql.postgresql_user: + name: "{{ nextcloud_php_user }}" + state: present + role_attr_flags: CREATEDB + +- name: "[PostgreSQL] - {{ nextcloud_db_name }} database is created." 
+ become_user: postgres + become: true + community.postgresql.postgresql_db: + name: "{{ nextcloud_db_name }}" + state: "{{ item }}" + owner: "{{ nextcloud_php_user }}" + loop: + - absent + - present + +- name: Pour chaque base, ajouter les droits suivants à l'utilisateur php + become_user: postgres + become: true + community.postgresql.postgresql_privs: + db: "{{ item.db }}" + privs: "{{ item.privs }}" + type: "{{ item.type |default(omit)}}" + objs: "{{ item.objs }}" + role: "{{ item.role }}" + grant_option: "{{ item.grant_option |default(omit) }}" + loop_control: + label: "{{ item.name }}" + loop: + - db: "{{ nextcloud_db_name }}" + privs: "ALL" + type: "schema" + objs: "public" + role: "{{ nextcloud_php_user }}" + grant_option: true + name: "GRANT ALL ON SCHEMA public TO php_{{ SIGLE }}_nuage WITH GRANT OPTION;" + +- name: Autoriser l'utilisateur php à se connecter à la bdd nextcloud + community.postgresql.postgresql_pg_hba: + dest: "/etc/postgresql/{{ postgres_version }}/main/pg_hba.conf" + contype: local + users: "php_{{ SIGLE}}_{{SITE}}" + databases: "php_{{ SIGLE}}_{{SITE}}" + method: peer + keep_comments_at_rules: true + comment: "autoriser le user php_{{ SIGLE}}_{{SITE}} à se connecter à la bdd du meme nom" + +- name: Boucle création des répertoires app, config et data nextcloud + ansible.builtin.file: + path: "{{ item.path }}" + state: "{{ item.state }}" + owner: "{{ item.owner }}" + group: "{{ item.group }}" + mode: "{{ item.mode }}" + loop_control: + label: "{{ item.path }}" + loop: + - path: "{{ nextcloud_source }}/apps" + state: directory + owner: "{{ nextcloud_php_user }}" + group: "{{ nextcloud_websrv_user }}" + mode: '2750' + - path: "{{ nextcloud_source }}/config" + state: directory + owner: "{{ nextcloud_php_user }}" + group: "{{ nextcloud_websrv_user }}" + mode: '2750' + - path: "{{ nextcloud_source }}/data" + state: directory + owner: "{{ nextcloud_php_user }}" + group: "{{ nextcloud_websrv_user }}" + mode: '2750' + +- name: Create nextcloud 
root dir symbolic link + ansible.builtin.file: + src: "{{ nextcloud_source }}" + dest: "{{ nextcloud_webroot }}/nextcloud" + owner: nextcloud + group: nextcloud + state: link + follow: false + +- name: Create nextcloud common app dir symbolic link + ansible.builtin.file: + src: "{{ nextcloud_common }}" + dest: "{{ nextcloud_webroot }}/common" + owner: nextcloud + group: nextcloud + state: link + follow: false + +- name: créer les fichiers spécifiques nextcloud + ansible.builtin.template: + src: "templates/{{ item.src }}" + dest: "{{ nextcloud_webroot }}/{{ item.dest }}" + owner: "{{ item.owner }}" + group: "{{ item.group}}" + mode: "{{ item.mode }}" + loop: + - src: "nextcloud_cron.j2" + dest: "cron" + owner: "{{ nextcloud_php_user }}" + group: "{{ nextcloud_websrv_user }}" + mode: '750' + - src: "nextcloud_console.j2" + dest: "console" + owner: "{{ nextcloud_websrv_user }}" + group: "{{ nextcloud_websrv_user }}" + mode: '750' + - src: "nextcloud_install_config.j2" + dest: "config/config.php" + owner: "{{ nextcloud_php_user }}" + group: "{{ nextcloud_websrv_user }}" + mode: '640' + +# - name: Lancement du script d'installation nextcloud # noqa : command-instead-of-module +# become_user: "{{ nextcloud_php_user }}" +# become: true +# ansible.builtin.command: > +# ./console maintenance:install +# --database='pgsql' +# --database-name="php_{{ SIGLE }}_{{ SITE }}" +# --database-user="php_{{ SIGLE }}_{{ SITE }}/data/" +# --database-host="/var/run/postgresql/" +# --admin-user='admin' +# --admin-pass='ckoideja' +# --data-dir="/home/sites/data/$TLD/{{ DOMAIN }}/{{ SITE }}/data/" +# args: +# chdir: "{{ nextcloud_webroot }}" +# register: install_result + +# - name: créer les fichiers spécifiques nextcloud +# ansible.builtin.template: +# src: "templates/{{ item.src }}" +# dest: "{{ nextcloud_webroot }}/{{ item.dest }}" +# owner: "{{ item.owner }}" +# group: "{{ item.group}}" +# mode: "{{ item.mode }}" +# loop: +# - src: "nextcloud_sigle_config.j2" +# dest: "config/{{ SIGLE 
}}.config.php" +# owner: "{{ nextcloud_php_user }}" +# group: "{{ nextcloud_websrv_user }}" +# mode: '640' + +# - name: Creation d'un lien symbolique vers le configuration nextcloud commun +# ansible.builtin.file: +# src: "../../../../nextcloud/common/common.config.php" +# dest: "config/common.config.php" +# owner: nextcloud +# group: nextcloud +# state: link +# follow: false + +# - name: Create sigle nextcloud config +# become_user: "{{ nextcloud_php_user }}" +# become: true +# ansible.builtin.template: +# src: templates/sigle.config.php.j2 +# dest: "{{ nextcloud_webroot }}/config/sigle.config.php" +# owner: "{{ nextcloud_php_user }}" +# group: "{{ nextcloud_websrv_user }}" +# mode: '640' # or u=rwx,g=r,o= + +# - name: Pour chaque base, ajouter les droits suivants à l'utilisateur php +# become_user: postgres +# become: true +# community.postgresql.postgresql_privs: +# db: "{{ item.db }}" +# privs: "{{ item.privs }}" +# type: "{{ item.type |default(omit)}}" +# objs: "{{ item.objs }}" +# role: "{{ item.role }}" +# grant_option: "{{ item.grant_option |default(omit) }}" +# loop_control: +# label: "{{ item.name }}" +# loop: +# - db: "{{ nextcloud_db_name }}" +# privs: "USAGE,CREATE" +# type: "schema" +# objs: "public" +# role: "{{ nextcloud_php_user }}" +# name: "GRANT USAGE,CREATE ON SCHEMA public TO php_{{ SIGLE }}_nuage;" +# - db: "{{ nextcloud_db_name }}" +# privs: "SELECT" +# type: "table" +# objs: "pg_namespace" +# role: "{{ nextcloud_php_user }}" +# name: "GRANT SELECT ON TABLE pg_namespace TO php_{{ SIGLE }}_nuage;" +# - db: "{{ nextcloud_db_name }}" +# privs: "SELECT" +# type: "table" +# objs: "pg_collation" +# role: "{{ nextcloud_php_user }}" +# name: "GRANT SELECT ON TABLE pg_collation TO php_{{ SIGLE }}_nuage;" +# - db: "{{ nextcloud_db_name }}" +# privs: "SELECT" +# type: "table" +# objs: "pg_index" +# role: "{{ nextcloud_php_user }}" +# name: "GRANT SELECT ON TABLE pg_index TO php_{{ SIGLE }}_nuage;" +# - db: "{{ nextcloud_db_name }}" +# privs: "SELECT" 
+# type: "table" +# objs: "pg_attrdef" +# role: "{{ nextcloud_php_user }}" +# name: "GRANT SELECT ON TABLE pg_attrdef TO php_{{ SIGLE }}_nuage;" +# - db: "{{ nextcloud_db_name }}" +# privs: "SELECT" +# type: "table" +# objs: "pg_description" +# role: "{{ nextcloud_php_user }}" +# name: "GRANT SELECT ON TABLE pg_description TO php_{{ SIGLE }}_nuage;" +# - db: "{{ nextcloud_db_name }}" +# privs: "SELECT" +# type: "table" +# objs: "pg_settings" +# role: "{{ nextcloud_php_user }}" +# name: "GRANT SELECT ON TABLE pg_settings TO php_{{ SIGLE }}_nuage;" +# - db: "{{ nextcloud_db_name }}" +# privs: "SELECT" +# objs: "pg_database" +# role: "{{ nextcloud_php_user }}" +# name: "GRANT SELECT ON pg_database TO php_{{ SIGLE }}_nuage;" + +# - name: Creation d'un fichier cron pour /etc/cron.d +# ansible.builtin.cron: +# name: "nextcloud {{ SIGLE }}_{{ SITE }} taches d'arriere plan " +# minute: "5" +# user: "php_{{ SIGLE}}_{{SITE}}" +# job: "{{ nextcloud_source }}/cron" + +# - name: Recharger plusieurs services +# ansible.builtin.service: +# name: "{{ item }}" +# state: reloaded +# loop: +# - "postgresql" +# - "php{{ php_version }}-fpm" +# - "nginx" diff --git a/tasks/config_pool_php.yml b/tasks/config_pool_php.yml index f20d74b..02d5908 100644 --- a/tasks/config_pool_php.yml +++ b/tasks/config_pool_php.yml @@ -64,7 +64,7 @@ group: 'root' mode: '2755' -- name: Création de la conf server nginx +- name: Création de la conf du pool php ansible.builtin.template: src: "templates/php_{{ SITE }}_conf.j2" dest: "/etc/php/{{ php_version}}/fpm/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/php-fpm.conf" @@ -76,7 +76,7 @@ - name: ATTENTION la config php n'a pas été créer ansible.builtin.debug: msg: "Il n'y a pas de templates php pour votre site, il faudra le créer manuellement" - when: SITE != 'nuage' or SITE != 'paheko' + when: SITE != 'nuage' and SITE != 'paheko' # - name: recharger PHP service # ansible.builtin.service: 
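Review bot: The `[PostgreSQL] - {{ nextcloud_db_name }} database is created.` task loops `state` over `absent` then `present`, so every run of tasks/config_nuage.yml drops the instance database and recreates it empty. Re-running the playbook against an existing site therefore destroys its data; use `state: present` without the loop and put any deliberate reset behind an explicit opt-in such as `when: nuage_reset_db | default(false)`. The commented-out `maintenance:install` block carries a literal `--admin-pass` value; even commented it is now in the repository history, so replace it with a vaulted variable (for example `--admin-pass="{{ nextcloud_admin_password }}"`) and treat the committed value as exposed if it was ever used. The two `set_fact` tasks read `nextcloud_version.user_input` and `ancienne_version.user_input` while the prompts register `nextcloud_version_prompt` and `ancienne_version_prompt`, so the prompt block fails whenever it is reached.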
diff --git a/tasks/rsync_from_ateliers.yml b/tasks/rsync_from_ateliers.yml new file mode 100644 index 0000000..71b3422 --- /dev/null +++ b/tasks/rsync_from_ateliers.yml @@ -0,0 +1,50 @@ +--- +# Tâches éxecutées sur le serveur ateliers + +- name: Activation du nextcloud maintenance mode + become_user: "{{ nextcloud_websrv_user }}" + become: true + ansible.builtin.command: './console maintenance:mode --on' + register: my_output + changed_when: '"already" not in my_output.stdout' + args: + chdir: "{{ nextcloud_webroot }}" + +- name: Création d'un dump de la base de donnée postgreSQL + become: true + become_user: "{{ nextcloud_websrv_user }}" + ansible.builtin.command: "pg_dump -f dump.sql -O -F c -b {{ nextcloud_db_name }}" + register: my_output + changed_when: my_output.rc != 0 + args: + chdir: "{{ nextcloud_tmp_path }}" + +- name: Synchronisation des fichiers nextcloud présent sur ateliers dans la vm de migration nextcloud + ansible.posix.synchronize: + src: "rsync://ateliers/{{ item }}" + dest: "/opt/nuage/backup/{{ DOMAIN }}/" + mode: pull + partial: true + delegate_to: vm_debian11 + loop: + - "{{ nextcloud_tmp_path }}/dump.sql" + # - "{{ nextcloud_webroot }}/data" + - "{{ nextcloud_webroot }}/config/config.php" + +- name: Supprimer les fichiers temporaires du serveur ateliers + become: true + become_user: "{{ nextcloud_websrv_user }}" + ansible.builtin.file: + path: "{{ item }}" + state: absent + loop: + - "{{ nextcloud_tmp_path }}/dump.sql" + +- name: Desactivation du nextcloud maintenance mode # noqa : command-instead-of-module + become_user: "{{ nextcloud_websrv_user }}" + become: true + ansible.builtin.command: './console maintenance:mode --off' + register: my_output + changed_when: '"already" not in my_output.stdout' + args: + chdir: "{{ nextcloud_webroot }}" diff --git a/tasks/update_nextcloud.yml b/tasks/update_nextcloud.yml index 850be74..e7e9855 100644 --- a/tasks/update_nextcloud.yml +++ b/tasks/update_nextcloud.yml 
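Review bot: The synchronize task fetches `dump.sql` and `config/config.php` with `src: "rsync://ateliers/{{ item }}"`, which selects the rsync daemon protocol rather than rsync over SSH; unless that daemon is tunnelled or restricted elsewhere, a full database dump and the file holding the instance secrets cross the network unencrypted. With `mode: pull` and `delegate_to: vm_debian11` the module can pull from the play's host over SSH, so `src: "{{ item }}"` should be enough if this file runs against ateliers, as its header comment says. The dump is written under `nextcloud_tmp_path` (`/tmp/nextcloud/{{ DOMAIN }}` in group_vars/vm.yml) and no task in this file creates that directory with a restrictive mode. If the dump or the transfer fails, the `maintenance:mode --off` task never runs; a `block` with the `--off` command under `always` would cover that. `dest` also uses `/opt/nuage/backup/` while `nextcloud_backup_path` is `/opt/nuage/backups/{{ DOMAIN }}`, so the files probably land beside the intended directory.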
@@ -1,8 +1,9 @@ -- name: Stop webserver service +- name: Active le mode maintenance # noqa : command-instead-of-module + become_user: "{{ nextcloud_websrv_user }}" become: true - ansible.builtin.service: - name: "{{ nextcloud_websrv }}" - state: stopped + ansible.builtin.command: './console maintenance:mode --on' + args: + chdir: "{{ nextcloud_webroot }}" - name: Update nextcloud root dir symbolic link become: true @@ -24,11 +25,12 @@ state: link follow: false -- name: Start webserver service +- name: Desactive le mode maintenance # noqa : command-instead-of-module + become_user: "{{ nextcloud_websrv_user }}" become: true - ansible.builtin.service: - name: "{{ nextcloud_websrv }}" - state: started + ansible.builtin.command: './console maintenance:mode --off' + args: + chdir: "{{ nextcloud_webroot }}" - name: Run nextcloud upgrade script # noqa : command-instead-of-module become_user: "{{ nextcloud_websrv_user }}" diff --git a/templates/nextcloud_console.j2 b/templates/nextcloud_console.j2 new file mode 100644 index 0000000..5bf9ed2 --- /dev/null +++ b/templates/nextcloud_console.j2 @@ -0,0 +1,7 @@ +#! /bin/bash + +BASEDIR=$(dirname $(readlink -f $0)) + +export NEXTCLOUD_CONFIG_DIR=$BASEDIR/config + +exec php $BASEDIR/nextcloud/console.php $* \ No newline at end of file diff --git a/templates/nextcloud_cron.j2 b/templates/nextcloud_cron.j2 new file mode 100644 index 0000000..7f60e05 --- /dev/null +++ b/templates/nextcloud_cron.j2 @@ -0,0 +1,7 @@ +#! /bin/bash + +BASEDIR=$(dirname $(readlink -f $0)) + +export NEXTCLOUD_CONFIG_DIR=$BASEDIR/config + +exec php -f $BASEDIR/nextcloud/cron.php $* \ No newline at end of file diff --git a/templates/nextcloud_install_config.j2 b/templates/nextcloud_install_config.j2 new file mode 100644 index 0000000..40dcc52 --- /dev/null +++ b/templates/nextcloud_install_config.j2 
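Review bot: Nothing guarantees that the new `maintenance:mode --off` task in the second hunk runs: if either symbolic-link task between the two commands fails, the play stops and the instance stays in maintenance mode until someone intervenes by hand. Putting the link tasks in a `block` with the `--off` command under `always` makes the sequence safe to interrupt. Both commands also lack the `register` / `changed_when` pair that tasks/rsync_from_ateliers.yml uses for the same command, so they report "changed" on every run. The task list continues outside these hunks, and the indentation below is reconstructed, so adapt it to the file.

```yaml
- name: Bascule des liens sous mode maintenance
  block:
    - name: Active le mode maintenance  # noqa : command-instead-of-module
      become_user: "{{ nextcloud_websrv_user }}"
      become: true
      ansible.builtin.command: './console maintenance:mode --on'
      args:
        chdir: "{{ nextcloud_webroot }}"
      register: my_output
      changed_when: '"already" not in my_output.stdout'

    # … unchanged: the two "Update nextcloud … symbolic link" tasks, indented into the block …

  always:
    - name: Desactive le mode maintenance  # noqa : command-instead-of-module
      become_user: "{{ nextcloud_websrv_user }}"
      become: true
      ansible.builtin.command: './console maintenance:mode --off'
      args:
        chdir: "{{ nextcloud_webroot }}"
      register: my_output
      changed_when: '"already" not in my_output.stdout'
```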
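Review bot: The wrapper in templates/nextcloud_console.j2 forwards its arguments with an unquoted `$*`, so any argument containing whitespace or glob characters is re-split or expanded before it reaches `console.php`; a password or path passed to an occ command then arrives as different arguments than the caller gave. `$0` and `$BASEDIR` are unquoted too, which breaks as soon as the install path contains a space. Use `BASEDIR=$(dirname "$(readlink -f "$0")")`, `export NEXTCLOUD_CONFIG_DIR="$BASEDIR/config"` and `exec php "$BASEDIR/nextcloud/console.php" "$@"`. templates/nextcloud_cron.j2 has the same three lines and needs the same change.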
@@ -0,0 +1,42 @@ + '/var/run/postgresql/', + 'dbport' => '', + 'dbtableprefix' => 'oc_', + 'dbtype' => 'pgsql', + 'apps_paths' => + array ( + 0 => + array ( + 'path' => "/home/sites/data/$TLD/$DOMAIN/$SITE/nextcloud/apps", + 'url' => '/apps', + 'writable' => false, + ), + 1 => + array ( + 'path' => "/home/sites/data/$TLD/$DOMAIN/$SITE/common", + 'url' => '/common-apps', + 'writable' => false, + ), + 2 => + array ( + 'path' => "/home/sites/data/$TLD/$DOMAIN/$SITE/apps", + 'url' => '/instance-apps', + 'writable' => true, + ), + ), + 'datadirectory' => "/home/sites/data/$TLD/$DOMAIN/$SITE/data", + 'dbname' => "php_{$SIGLE}_{$SITE}", + 'dbuser' => "php_{$SIGLE}_{$SITE}", + 'maintenance' => false, + 'overwrite.cli.url' => "http://$SITE.$DOMAIN.$TLD", + 'trusted_domains' => + array ( + 0 => "$SITE.$DOMAIN.$TLD", + ), +); diff --git a/templates/nextcloud_sigle_config.j2 b/templates/nextcloud_sigle_config.j2 new file mode 100644 index 0000000..e4b913b --- /dev/null +++ b/templates/nextcloud_sigle_config.j2 
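Review bot: `'overwrite.cli.url'` is set to `"http://$SITE.$DOMAIN.$TLD"`, so URLs that Nextcloud builds from cron or the CLI (notification mails, for instance) would use plain HTTP; if the site is served over TLS this should be `"https://$SITE.$DOMAIN.$TLD"`. templates/nextcloud_sigle_config.j2 has the same line. The template also relies on PHP-style `$TLD`, `$DOMAIN`, `$SITE` and `{$SIGLE}` instead of Jinja `{{ TLD }}` expressions. The top of the file is not visible here, so confirm those PHP variables are assigned from the Ansible values before `$CONFIG`; otherwise every path, the database name and the trusted domain render with empty components.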
@@ -0,0 +1,50 @@ + [ + 0 => [ + 'path' => "/home/sites/data/$TLD/$DOMAIN/$SITE/nextcloud/apps", + 'url' => '/apps', + 'writable' => false, + ], + 1 => [ + 'path' => "/home/sites/data/$TLD/$DOMAIN/$SITE/common", + 'url' => '/common-apps', + 'writable' => false, + ], + 2 => [ + 'path' => "/home/sites/data/$TLD/$DOMAIN/$SITE/apps", + 'url' => '/instance-apps', + 'writable' => true, + ], + ], + 'datadirectory' => "/home/sites/data/$TLD/$DOMAIN/$SITE/data/", + 'dbname' => "php_{$SIGLE}_test_nuage", + 'dbuser' => "php_{$SIGLE}_test_nuage", + 'overwrite.cli.url' => "http://$SITE.$DOMAIN.$TLD", + 'mail_smtpmode' => 'smtp', + 'mail_smtpsecure' => 'ssl', + 'mail_sendmailmode' => 'smtp', + 'mail_from_address' => "$SITE", + 'mail_domain' => "$DOMAIN.$TLD", + 'mail_smtpauthtype' => 'PLAIN', + 'mail_smtpauth' => 1, + 'mail_smtphost' => "smtp.$DOMAIN.$TLD", + 'mail_smtpname' => "$SITE@$DOMAIN.$TLD", + 'mail_smtppassword' => "$MAIL_SMTPPASSWORD", + 'mail_smtpport' => '465', + 'trusted_domains' => [ + 0 => "$SITE.$DOMAIN.$TLD", + ], + {# 'secret' => "$SECRET", + 'passwordsalt' => "$PASSWORDSALT", + 'instanceid' => "$INSTANCEID", #} +]; \ No newline at end of file diff --git a/templates/sigle_config_template.j2 b/templates/sigle_config_template.j2 deleted file mode 100644 index 7881c52..0000000 --- a/templates/sigle_config_template.j2 +++ /dev/null @@ -1,10 +0,0 @@ - 'oc2ls3ih38ml', - 'passwordsalt' => 'eKxcXZBq+rTNj8fCWQ5/Iw+GJPpEVo', - 'secret' => 'tEVNpFGKZVmab4zIjZq5qeBNjJtgDc50Ezz9zvebjIGwxcIf', - 'version' => '22.2.0.2', - 'installed' => true, - 'maintenance' => false, -); diff --git a/update_nuage_instance.yml b/update_nuage_instance.yml index d94d637..d74ffed 100644 --- a/update_nuage_instance.yml +++ b/update_nuage_instance.yml 
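Review bot: `dbname` and `dbuser` in templates/nextcloud_sigle_config.j2 are hard-coded as `"php_{$SIGLE}_test_nuage"`, whereas templates/nextcloud_install_config.j2 builds them as `"php_{$SIGLE}_{$SITE}"` and host_vars/ligatures.yml sets `nextcloud_db_name` to `php_{{ SIGLE }}_nuage`; rendered for a production site this would point the instance at the test database. Use the same `{$SITE}` form here. `'mail_smtppassword' => "$MAIL_SMTPPASSWORD"` has no visible source in this patch, so add a comment stating that it must come from a vaulted variable and never from a literal. The literal `passwordsalt` and `secret` values removed with templates/sigle_config_template.j2 in the following hunk remain in the repository history and should be treated as exposed if they ever belonged to a live instance.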
@@ -1,6 +1,6 @@ --- # commande pour lancer le playbook: ansible-playbook update_nuage_instance.yml -# ATTENTION pour l'instance "test-nuage" il faut lancer commande pour lancer le playbook: +# ATTENTION pour l'instance "test-nuage" il faut lancer la commande ci-dessous pour lancer le playbook: # ansible-playbook update_nuage_instance.yml --extra-vars "nextcloud_websrv_user=php_lhc_test_nuage nextcloud_webroot=/home/sites/data/org/heureux-cyclage/test-nuage" - name: Promp pour définir les variables @@ -73,4 +73,4 @@ - name: Display upgrade result ansible.builtin.debug: - msg: "Le nuage de {{ domain }} a été mis à jour avec la nouvelle version {{ nouvelle_version }}" + msg: "Le nuage de {{ DOMAIN }} a été mis à jour avec la nouvelle version {{ nouvelle_version }}" -- 2.20.1