maj creation_nuage
# Install the PHP extension packages used by this Nextcloud deployment.
# The whole list is handed to apt in one call. Entries that are commented
# out are kept from the original list and are not installed by this task.
# NOTE(review): both "php{{ php_version }}-pgsql" and the unversioned
# php-pgsql are requested — confirm that both are needed.
- name: Install required packages
  ansible.builtin.apt:
    state: present
    name:
      # - php-ctype
      - php-curl
      # - php-dom
      # - php-fileinfo
      - php-gd
      - php-json
      - "php{{ php_version }}-xml"
      - php-mbstring
      # - php-openssl
      # - php-posix
      # - php-session
      # - php-simplexml
      # - php-xmlreader
      # - php-xmlwriter
      - php-zip
      # - php-zlib
      # - php-pdo_pgsql
      - "php{{ php_version }}-pgsql"
      - php-pgsql
      - php-intl
      - php-bz2
      # - php-sodium
      - php-gmp
      # - php-exif
      - php-redis
      - php-imagick

# Add the per-site PHP account to each supplementary group, one module call
# per group. `append: true` keeps the groups the account already has, so the
# calls accumulate memberships instead of replacing them.
# Every group added here widens what the PHP process can reach (Nextcloud
# files, PostgreSQL data, redis, the site group).
# NOTE(review): confirm each membership is required for the PHP account.
- name: Boucle d'ajout du user php dans plusieurs groupe
  ansible.builtin.user:
    append: true
    groups: "{{ item }}"
    name: "php_{{ SIGLE }}_{{ SITE }}"
  loop:
    - nextcloud
    - postgres-data
    - redis
    - "site_{{ SIGLE }}_{{ SITE }}"

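# Ask the operator for the Nextcloud versions when nouvelle_version was not
# supplied to the play (the `when` guard applies to every task in the block).
# NOTE(review): the listing lost its indentation, so the extent of this block
# is reconstructed — confirm whether the ancienne_version prompt belongs
# inside it or should run unconditionally.
# NOTE(review): both answers are free text typed by the operator; validate
# their format before they are used in paths or URLs (the consumers are not
# visible in this file).
- name: Bloc nextcloud_version
  when: nouvelle_version is undefined
  block:
    - name: Demande la version de nextcloud à installer
      ansible.builtin.pause:
        prompt: "Quelle version de nextcloud doit être utilisée"
        echo: true
      register: nextcloud_version_prompt

    # pause stores the typed answer under user_input of the registered
    # result, so the fact is read from nextcloud_version_prompt.
    - name: Definir nouvelle_version
      ansible.builtin.set_fact:
        nouvelle_version: "{{ nextcloud_version_prompt.user_input }}"

    - name: Demande la version de nextcloud déjà installer
      ansible.builtin.pause:
        prompt: "Quelle version de nextcloud déjà installée"
        echo: true
      register: ancienne_version_prompt

    # Same pattern: the answer lives in ancienne_version_prompt.user_input;
    # ancienne_version itself does not exist before this task runs.
    - name: Definir ancienne_version
      ansible.builtin.set_fact:
        ancienne_version: "{{ ancienne_version_prompt.user_input }}"
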
# Pull in the installation-check tasks at run time. The included file is not
# part of this listing, so what it verifies cannot be stated here.
- name: Inclure la verif de l'install nextcloud
  ansible.builtin.include_tasks:
    file: tasks/verif_installation_nextcloud.yml

# Make sure the PostgreSQL role used by PHP exists; the module runs as the
# postgres system account.
# CREATEDB allows the role to create databases of its own.
# NOTE(review): the database task in this file creates the database as
# postgres and only sets this role as owner — confirm CREATEDB is still
# needed, and drop it otherwise.
- name: "[PostgreSQL] - {{ nextcloud_php_user }} role is created."
  become: true
  become_user: postgres
  community.postgresql.postgresql_user:
    name: "{{ nextcloud_php_user }}"
    role_attr_flags: CREATEDB
    state: present

# The loop calls the module twice: first with state absent, then with state
# present. An existing database with this name is therefore dropped and
# recreated empty, owned by the PHP role, each time the task runs.
# NOTE(review): this destroys data on a re-run against a live instance;
# restrict the play to first installs or remove the absent pass if the
# contents must survive.
- name: "[PostgreSQL] - {{ nextcloud_db_name }} database is created."
  become: true
  become_user: postgres
  community.postgresql.postgresql_db:
    name: "{{ nextcloud_db_name }}"
    owner: "{{ nextcloud_php_user }}"
    state: "{{ item }}"
  loop:
    - absent
    - present

# Grant privileges to the PHP role, one loop item per grant. The single item
# below grants ALL on schema public, with grant option, in the Nextcloud
# database. `type` and `grant_option` are omitted when an item lacks them.
# The grant option lets the role hand these schema privileges on to other
# roles.
# NOTE(review): confirm the application needs ALL plus grant option rather
# than a narrower set on the schema.
# NOTE(review): item.name is only the display label; its text hardcodes the
# "_nuage" suffix while the role actually comes from nextcloud_php_user.
- name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
  become: true
  become_user: postgres
  community.postgresql.postgresql_privs:
    db: "{{ item.db }}"
    role: "{{ item.role }}"
    type: "{{ item.type |default(omit)}}"
    objs: "{{ item.objs }}"
    privs: "{{ item.privs }}"
    grant_option: "{{ item.grant_option |default(omit) }}"
  loop:
    - name: "GRANT ALL ON SCHEMA public TO php_{{ SIGLE }}_nuage WITH GRANT OPTION;"
      db: "{{ nextcloud_db_name }}"
      role: "{{ nextcloud_php_user }}"
      type: "schema"
      objs: "public"
      privs: "ALL"
      grant_option: true
  loop_control:
    label: "{{ item.name }}"

# Add a pg_hba.conf rule for local (unix socket) connections using peer
# authentication: the connection is accepted when the operating-system user
# name matches the requested role, and no password is exchanged.
# NOTE(review): `databases` is php_<SIGLE>_<SITE>, whereas the database task
# in this file uses nextcloud_db_name — confirm both resolve to the same name.
# NOTE(review): pg_hba.conf changes apply only after PostgreSQL reloads its
# configuration; no active reload or handler is visible in this listing.
# NOTE(review): no become is set on this task — presumably privilege is
# granted at play level; verify.
- name: Autoriser l'utilisateur php à se connecter à la bdd nextcloud
  community.postgresql.postgresql_pg_hba:
    dest: "/etc/postgresql/{{ postgres_version }}/main/pg_hba.conf"
    contype: local
    method: peer
    users: "php_{{ SIGLE}}_{{SITE}}"
    databases: "php_{{ SIGLE}}_{{SITE}}"
    comment: "autoriser le user php_{{ SIGLE}}_{{SITE}} à se connecter à la bdd du meme nom"
    keep_comments_at_rules: true

# Create the apps, config and data directories under nextcloud_source.
# Each is owned by the PHP user with the web server user's group.
# Mode 2750: setgid bit on the directory, rwx for the owner, r-x for the
# group, nothing for others.
- name: Boucle création des répertoires app, config et data nextcloud
  ansible.builtin.file:
    state: "{{ item.state }}"
    path: "{{ item.path }}"
    owner: "{{ item.owner }}"
    group: "{{ item.group }}"
    mode: "{{ item.mode }}"
  loop:
    - path: "{{ nextcloud_source }}/apps"
      owner: "{{ nextcloud_php_user }}"
      group: "{{ nextcloud_websrv_user }}"
      mode: '2750'
      state: directory
    - path: "{{ nextcloud_source }}/config"
      owner: "{{ nextcloud_php_user }}"
      group: "{{ nextcloud_websrv_user }}"
      mode: '2750'
      state: directory
    - path: "{{ nextcloud_source }}/data"
      owner: "{{ nextcloud_php_user }}"
      group: "{{ nextcloud_websrv_user }}"
      mode: '2750'
      state: directory
  loop_control:
    label: "{{ item.path }}"

# Create <webroot>/nextcloud as a symbolic link to the Nextcloud source tree.
# follow: false makes owner and group apply to the link itself rather than
# to the directory it points at.
- name: Create nextcloud root dir symbolic link
  ansible.builtin.file:
    state: link
    src: "{{ nextcloud_source }}"
    dest: "{{ nextcloud_webroot }}/nextcloud"
    follow: false
    owner: nextcloud
    group: nextcloud

# Create <webroot>/common as a symbolic link to the shared (common) directory.
# follow: false makes owner and group apply to the link itself rather than
# to the directory it points at.
- name: Create nextcloud common app dir symbolic link
  ansible.builtin.file:
    state: link
    src: "{{ nextcloud_common }}"
    dest: "{{ nextcloud_webroot }}/common"
    follow: false
    owner: nextcloud
    group: nextcloud

# Render three templates into the web root: the cron and console wrappers
# (mode 750) and config/config.php (mode 640).
# NOTE(review): config.php is group-readable by the web server user; it
# normally carries instance secrets, so confirm that account needs read
# access.
# NOTE(review): console is owned by the web server user while cron and
# config.php are owned by the PHP user — confirm this is intended.
- name: créer les fichiers spécifiques nextcloud
  ansible.builtin.template:
    src: "templates/{{ item.src }}"
    dest: "{{ nextcloud_webroot }}/{{ item.dest }}"
    mode: "{{ item.mode }}"
    owner: "{{ item.owner }}"
    group: "{{ item.group}}"
  loop:
    - src: "nextcloud_cron.j2"
      dest: "cron"
      mode: '750'
      owner: "{{ nextcloud_php_user }}"
      group: "{{ nextcloud_websrv_user }}"
    - src: "nextcloud_console.j2"
      dest: "console"
      mode: '750'
      owner: "{{ nextcloud_websrv_user }}"
      group: "{{ nextcloud_websrv_user }}"
    - src: "nextcloud_install_config.j2"
      dest: "config/config.php"
      mode: '640'
      owner: "{{ nextcloud_php_user }}"
      group: "{{ nextcloud_websrv_user }}"

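# NOTE(review): the disabled task below carries a literal --admin-pass value in the repository; treat it as exposed and rotate it wherever it was used. If the task is re-enabled, supply the password from Ansible Vault and set no_log: true. Its --database-user value also ends in "/data/", which looks like a paste error — verify.
187 # - name: Lancement du script d'installation nextcloud # noqa : command-instead-of-module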
188 # become_user: "{{ nextcloud_php_user }}"
189 # become: true
190 # ansible.builtin.command: >
191 # ./console maintenance:install
192 # --database='pgsql'
193 # --database-name="php_{{ SIGLE }}_{{ SITE }}"
194 # --database-user="php_{{ SIGLE }}_{{ SITE }}/data/"
195 # --database-host="/var/run/postgresql/"
196 # --admin-user='admin'
197 # --admin-pass='ckoideja'
198 # --data-dir="/home/sites/data/$TLD/{{ DOMAIN }}/{{ SITE }}/data/"
199 # args:
200 # chdir: "{{ nextcloud_webroot }}"
201 # register: install_result
202
203 # - name: créer les fichiers spécifiques nextcloud
204 # ansible.builtin.template:
205 # src: "templates/{{ item.src }}"
206 # dest: "{{ nextcloud_webroot }}/{{ item.dest }}"
207 # owner: "{{ item.owner }}"
208 # group: "{{ item.group}}"
209 # mode: "{{ item.mode }}"
210 # loop:
211 # - src: "nextcloud_sigle_config.j2"
212 # dest: "config/{{ SIGLE }}.config.php"
213 # owner: "{{ nextcloud_php_user }}"
214 # group: "{{ nextcloud_websrv_user }}"
215 # mode: '640'
216
217 # - name: Creation d'un lien symbolique vers le configuration nextcloud commun
218 # ansible.builtin.file:
219 # src: "../../../../nextcloud/common/common.config.php"
220 # dest: "config/common.config.php"
221 # owner: nextcloud
222 # group: nextcloud
223 # state: link
224 # follow: false
225
226 # - name: Create sigle nextcloud config
227 # become_user: "{{ nextcloud_php_user }}"
228 # become: true
229 # ansible.builtin.template:
230 # src: templates/sigle.config.php.j2
231 # dest: "{{ nextcloud_webroot }}/config/sigle.config.php"
232 # owner: "{{ nextcloud_php_user }}"
233 # group: "{{ nextcloud_websrv_user }}"
234 # mode: '640' # or u=rwx,g=r,o=
235
236 # - name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
237 # become_user: postgres
238 # become: true
239 # community.postgresql.postgresql_privs:
240 # db: "{{ item.db }}"
241 # privs: "{{ item.privs }}"
242 # type: "{{ item.type |default(omit)}}"
243 # objs: "{{ item.objs }}"
244 # role: "{{ item.role }}"
245 # grant_option: "{{ item.grant_option |default(omit) }}"
246 # loop_control:
247 # label: "{{ item.name }}"
248 # loop:
249 # - db: "{{ nextcloud_db_name }}"
250 # privs: "USAGE,CREATE"
251 # type: "schema"
252 # objs: "public"
253 # role: "{{ nextcloud_php_user }}"
254 # name: "GRANT USAGE,CREATE ON SCHEMA public TO php_{{ SIGLE }}_nuage;"
255 # - db: "{{ nextcloud_db_name }}"
256 # privs: "SELECT"
257 # type: "table"
258 # objs: "pg_namespace"
259 # role: "{{ nextcloud_php_user }}"
260 # name: "GRANT SELECT ON TABLE pg_namespace TO php_{{ SIGLE }}_nuage;"
261 # - db: "{{ nextcloud_db_name }}"
262 # privs: "SELECT"
263 # type: "table"
264 # objs: "pg_collation"
265 # role: "{{ nextcloud_php_user }}"
266 # name: "GRANT SELECT ON TABLE pg_collation TO php_{{ SIGLE }}_nuage;"
267 # - db: "{{ nextcloud_db_name }}"
268 # privs: "SELECT"
269 # type: "table"
270 # objs: "pg_index"
271 # role: "{{ nextcloud_php_user }}"
272 # name: "GRANT SELECT ON TABLE pg_index TO php_{{ SIGLE }}_nuage;"
273 # - db: "{{ nextcloud_db_name }}"
274 # privs: "SELECT"
275 # type: "table"
276 # objs: "pg_attrdef"
277 # role: "{{ nextcloud_php_user }}"
278 # name: "GRANT SELECT ON TABLE pg_attrdef TO php_{{ SIGLE }}_nuage;"
279 # - db: "{{ nextcloud_db_name }}"
280 # privs: "SELECT"
281 # type: "table"
282 # objs: "pg_description"
283 # role: "{{ nextcloud_php_user }}"
284 # name: "GRANT SELECT ON TABLE pg_description TO php_{{ SIGLE }}_nuage;"
285 # - db: "{{ nextcloud_db_name }}"
286 # privs: "SELECT"
287 # type: "table"
288 # objs: "pg_settings"
289 # role: "{{ nextcloud_php_user }}"
290 # name: "GRANT SELECT ON TABLE pg_settings TO php_{{ SIGLE }}_nuage;"
291 # - db: "{{ nextcloud_db_name }}"
292 # privs: "SELECT"
293 # objs: "pg_database"
294 # role: "{{ nextcloud_php_user }}"
295 # name: "GRANT SELECT ON pg_database TO php_{{ SIGLE }}_nuage;"
296
297 # - name: Creation d'un fichier cron pour /etc/cron.d
298 # ansible.builtin.cron:
299 # name: "nextcloud {{ SIGLE }}_{{ SITE }} taches d'arriere plan "
300 # minute: "5"
301 # user: "php_{{ SIGLE}}_{{SITE}}"
302 # job: "{{ nextcloud_source }}/cron"
303
304 # - name: Recharger plusieurs services
305 # ansible.builtin.service:
306 # name: "{{ item }}"
307 # state: reloaded
308 # loop:
309 # - "postgresql"
310 # - "php{{ php_version }}-fpm"
311 # - "nginx"