# Install the PHP extensions selected for Nextcloud, plus the Python
# PostgreSQL driver. Entries left commented out are not installed by
# this task.
- name: Install required packages
  ansible.builtin.apt:
    state: present
    name:
      # - php-ctype
      - php-curl
      # - php-dom
      # - php-fileinfo
      - php-gd
      - php-json
      - "php{{ php_version }}-xml"
      - php-mbstring
      # - php-openssl
      # - php-posix
      # - php-session
      # - php-simplexml
      # - php-xmlreader
      # - php-xmlwriter
      - php-zip
      # - php-zlib
      # - php-pdo_pgsql
      - "php{{ php_version }}-pgsql"
      - php-pgsql
      - php-intl
      - php-bz2
      # - php-sodium
      - php-gmp
      # - php-exif
      - php-redis
      - php-imagick
      # Python driver needed on the target by the Ansible PostgreSQL modules.
      - python3-psycopg2
32
# Add the per-site PHP account to each group in the loop, one module call
# per group. append: true keeps the memberships the account already has.
# NOTE(review): postgres-data and redis presumably grant access to those
# services' files or sockets; confirm that each group is really required
# for this account.
- name: Boucle d'ajout du user php dans plusieurs groupe
  loop:
    - nextcloud
    - postgres-data
    - redis
    - "site_{{ SIGLE }}_{{ SITE }}"
  ansible.builtin.user:
    name: "php_{{ SIGLE }}_{{ SITE }}"
    append: true
    groups: "{{ item }}"
43
# Ask the operator for the Nextcloud version to install, but only when
# nouvelle_version was not already supplied (for example with -e).
# NOTE(review): the answer is stored verbatim; nothing in this file checks
# its format. Validate it wherever it is used to build a path or URL.
- name: Bloc nextcloud_version
  block:
    - name: Demande la version de nextcloud à installer
      ansible.builtin.pause:
        echo: true
        prompt: "Quelle version de nextcloud doit être utilisée"
      register: nextcloud_version_prompt

    - name: Definir nouvelle_version
      ansible.builtin.set_fact:
        nouvelle_version: "{{ nextcloud_version_prompt.user_input }}"
  when: nouvelle_version is undefined
56
# Ask which Nextcloud version is currently installed and keep the answer
# as the ancienne_version fact.
# NOTE(review): this listing lost its indentation. If these two tasks sit
# inside the preceding block, its `when: nouvelle_version is undefined` is
# re-evaluated for every task and would skip them once nouvelle_version has
# been set. Confirm the nesting against the repository.
- name: Demande la version de nextcloud déjà installée
  ansible.builtin.pause:
    echo: true
    prompt: "Quelle version de nextcloud déjà installée"
  register: ancienne_version_prompt

- name: Definir ancienne_version
  ansible.builtin.set_fact:
    ancienne_version: "{{ ancienne_version_prompt.user_input }}"
66
# Load the installation checks from a separate task file at run time.
- name: Inclure la verif de l'install nextcloud
  ansible.builtin.include_tasks:
    file: tasks/verif_installation_nextcloud.yml
69
# Create the PostgreSQL role for the PHP account, running as the postgres
# OS user. No password is set here.
# NOTE(review): CREATEDB lets this application role create databases. The
# database itself is created by the postgres user in the next task, so
# confirm the attribute is still needed and drop it if it is not.
- name: "[PostgreSQL] - {{ nextcloud_php_user }} role is created."
  become: true
  become_user: postgres
  community.postgresql.postgresql_user:
    state: present
    name: "{{ nextcloud_php_user }}"
    role_attr_flags: CREATEDB
77
# The loop runs the module twice: first with state=absent, then with
# state=present. An existing database of this name is therefore dropped
# and an empty one, owned by the PHP role, is created on every run.
# NOTE(review): this is destructive on a host that already holds Nextcloud
# data. Confirm this file is only run for fresh installs, or guard the
# "absent" pass behind an explicit opt-in and take a backup first.
- name: "[PostgreSQL] - {{ nextcloud_db_name }} database is created."
  become: true
  become_user: postgres
  loop:
    - absent
    - present
  community.postgresql.postgresql_db:
    name: "{{ nextcloud_db_name }}"
    owner: "{{ nextcloud_php_user }}"
    state: "{{ item }}"
88
# Apply each grant in the loop as the postgres user. The single entry
# gives the PHP role ALL on schema public, with the right to re-grant it.
# item.name is used only as the label printed for each loop iteration.
# NOTE(review): ALL plus WITH GRANT OPTION is broader than the USAGE,CREATE
# grant kept in the commented-out variant further down this file; prefer
# the narrower set if Nextcloud works with it.
# NOTE(review): the label names php_{{ SIGLE }}_nuage while the grant goes
# to nextcloud_php_user; confirm both render to the same role.
- name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
  become: true
  become_user: postgres
  loop:
    - name: "GRANT ALL ON SCHEMA public TO php_{{ SIGLE }}_nuage WITH GRANT OPTION;"
      db: "{{ nextcloud_db_name }}"
      role: "{{ nextcloud_php_user }}"
      type: schema
      objs: public
      privs: ALL
      grant_option: true
  loop_control:
    label: "{{ item.name }}"
  community.postgresql.postgresql_privs:
    db: "{{ item.db }}"
    role: "{{ item.role }}"
    type: "{{ item.type |default(omit)}}"
    objs: "{{ item.objs }}"
    privs: "{{ item.privs }}"
    grant_option: "{{ item.grant_option |default(omit) }}"
109
# Add a pg_hba.conf rule for local (Unix-socket) connections using peer
# authentication: the connection is accepted only when the OS account name
# matches the requested role.
# NOTE(review): users and databases are spelled php_<SIGLE>_<SITE> here,
# whereas the role and database above come from nextcloud_php_user and
# nextcloud_db_name. The rule only helps if they render to the same names.
# NOTE(review): no PostgreSQL reload is visible after this change (the
# reload task at the end of this file is commented out), so the rule may
# not be active until the service is reloaded some other way.
- name: Autoriser l'utilisateur php à se connecter à la bdd nextcloud
  community.postgresql.postgresql_pg_hba:
    dest: "/etc/postgresql/{{ postgres_version }}/main/pg_hba.conf"
    contype: local
    method: peer
    databases: "php_{{ SIGLE}}_{{SITE}}"
    users: "php_{{ SIGLE}}_{{SITE}}"
    comment: "autoriser le user php_{{ SIGLE}}_{{SITE}} à se connecter à la bdd du meme nom"
    keep_comments_at_rules: true
119
# Create the apps, config and data directories under the web root. All
# three are owned by the PHP account with the web-server account as group.
# Mode 2750 = setgid + rwx for the owner, r-x for the group, nothing for
# others; setgid makes new entries inherit the directory's group.
# NOTE(review): the data directory is created under nextcloud_webroot. If
# that path is what the web server exposes, user files become reachable
# over HTTP unless the server blocks /data. Confirm the server
# configuration or move the data directory outside the document root.
- name: Boucle création des répertoires app, config et data nextcloud
  ansible.builtin.file:
    path: "{{ nextcloud_webroot }}/{{ item }}"
    state: directory
    owner: "{{ nextcloud_php_user }}"
    group: "{{ nextcloud_websrv_user }}"
    mode: "2750"
  loop:
    - apps
    - config
    - data
  loop_control:
    label: "{{ nextcloud_webroot }}/{{ item }}"
145
# Point <webroot>/nextcloud at the shared Nextcloud source tree.
# follow: false makes owner and group apply to the link itself, not to
# the target it points to.
- name: Create nextcloud root dir symbolic link
  ansible.builtin.file:
    state: link
    follow: false
    dest: "{{ nextcloud_webroot }}/nextcloud"
    src: "{{ nextcloud_symbolic_source }}"
    group: nextcloud
    owner: nextcloud
154
# Point <webroot>/common at the shared "common" tree.
# follow: false makes owner and group apply to the link itself, not to
# the target it points to.
- name: Create nextcloud common app dir symbolic link
  ansible.builtin.file:
    state: link
    follow: false
    dest: "{{ nextcloud_webroot }}/common"
    src: "{{ nextcloud_symbolic_common }}"
    group: nextcloud
    owner: nextcloud
163
# Render the per-site wrapper scripts and the initial config.php from
# templates into the web root.
# - cron and console are mode 750: rwx owner, r-x group, nothing for others.
# - config/config.php is mode 640: rw owner, r group, nothing for others.
# NOTE(review): config.php presumably carries database and instance
# secrets; keep it unreadable by others as it is here, and check that the
# template takes secret values from vaulted variables, not literals.
# NOTE(review): console is owned by the web-server account while cron is
# owned by the PHP account; confirm the difference is intended.
- name: créer les fichiers spécifiques nextcloud
  loop:
    - src: nextcloud_cron.j2
      dest: cron
      owner: "{{ nextcloud_php_user }}"
      group: "{{ nextcloud_websrv_user }}"
      mode: "750"
    - src: nextcloud_console.j2
      dest: console
      owner: "{{ nextcloud_websrv_user }}"
      group: "{{ nextcloud_websrv_user }}"
      mode: "750"
    - src: nextcloud_install_config.j2
      dest: config/config.php
      owner: "{{ nextcloud_php_user }}"
      group: "{{ nextcloud_websrv_user }}"
      mode: "640"
  ansible.builtin.template:
    src: "templates/{{ item.src }}"
    dest: "{{ nextcloud_webroot }}/{{ item.dest }}"
    owner: "{{ item.owner }}"
    group: "{{ item.group}}"
    mode: "{{ item.mode }}"
187
# NOTE(review): the disabled task below embeds a literal admin password
# (--admin-pass). A value committed here stays in the repository history,
# so treat it as exposed and never reuse it. If this task is re-enabled,
# take the password from Ansible Vault or a prompt and set no_log: true,
# because command-line arguments also show up in task output and in
# process listings.
# NOTE(review): --database-user ends in "/data/", which looks like a paste
# error from the data-dir option; confirm before re-enabling.
# - name: Lancement du script d'installation nextcloud # noqa : command-instead-of-module
#   become_user: "{{ nextcloud_php_user }}"
#   become: true
#   ansible.builtin.command: >
#     ./console maintenance:install
#     --database='pgsql'
#     --database-name="php_{{ SIGLE }}_{{ SITE }}"
#     --database-user="php_{{ SIGLE }}_{{ SITE }}/data/"
#     --database-host="/var/run/postgresql/"
#     --admin-user='admin'
#     --admin-pass='ckoideja'
#     --data-dir="/home/sites/data/$TLD/{{ DOMAIN }}/{{ SITE }}/data/"
#   args:
#     chdir: "{{ nextcloud_webroot }}"
#   register: install_result
203
204 # - name: créer les fichiers spécifiques nextcloud
205 # ansible.builtin.template:
206 # src: "templates/{{ item.src }}"
207 # dest: "{{ nextcloud_webroot }}/{{ item.dest }}"
208 # owner: "{{ item.owner }}"
209 # group: "{{ item.group}}"
210 # mode: "{{ item.mode }}"
211 # loop:
212 # - src: "nextcloud_sigle_config.j2"
213 # dest: "config/{{ SIGLE }}.config.php"
214 # owner: "{{ nextcloud_php_user }}"
215 # group: "{{ nextcloud_websrv_user }}"
216 # mode: '640'
217
218 # - name: Creation d'un lien symbolique vers le configuration nextcloud commun
219 # ansible.builtin.file:
220 # src: "../../../../nextcloud/common/common.config.php"
221 # dest: "config/common.config.php"
222 # owner: nextcloud
223 # group: nextcloud
224 # state: link
225 # follow: false
226
227 # - name: Create sigle nextcloud config
228 # become_user: "{{ nextcloud_php_user }}"
229 # become: true
230 # ansible.builtin.template:
231 # src: templates/sigle.config.php.j2
232 # dest: "{{ nextcloud_webroot }}/config/sigle.config.php"
233 # owner: "{{ nextcloud_php_user }}"
234 # group: "{{ nextcloud_websrv_user }}"
235 # mode: '640' # or u=rwx,g=r,o=
236
237 # - name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
238 # become_user: postgres
239 # become: true
240 # community.postgresql.postgresql_privs:
241 # db: "{{ item.db }}"
242 # privs: "{{ item.privs }}"
243 # type: "{{ item.type |default(omit)}}"
244 # objs: "{{ item.objs }}"
245 # role: "{{ item.role }}"
246 # grant_option: "{{ item.grant_option |default(omit) }}"
247 # loop_control:
248 # label: "{{ item.name }}"
249 # loop:
250 # - db: "{{ nextcloud_db_name }}"
251 # privs: "USAGE,CREATE"
252 # type: "schema"
253 # objs: "public"
254 # role: "{{ nextcloud_php_user }}"
255 # name: "GRANT USAGE,CREATE ON SCHEMA public TO php_{{ SIGLE }}_nuage;"
256 # - db: "{{ nextcloud_db_name }}"
257 # privs: "SELECT"
258 # type: "table"
259 # objs: "pg_namespace"
260 # role: "{{ nextcloud_php_user }}"
261 # name: "GRANT SELECT ON TABLE pg_namespace TO php_{{ SIGLE }}_nuage;"
262 # - db: "{{ nextcloud_db_name }}"
263 # privs: "SELECT"
264 # type: "table"
265 # objs: "pg_collation"
266 # role: "{{ nextcloud_php_user }}"
267 # name: "GRANT SELECT ON TABLE pg_collation TO php_{{ SIGLE }}_nuage;"
268 # - db: "{{ nextcloud_db_name }}"
269 # privs: "SELECT"
270 # type: "table"
271 # objs: "pg_index"
272 # role: "{{ nextcloud_php_user }}"
273 # name: "GRANT SELECT ON TABLE pg_index TO php_{{ SIGLE }}_nuage;"
274 # - db: "{{ nextcloud_db_name }}"
275 # privs: "SELECT"
276 # type: "table"
277 # objs: "pg_attrdef"
278 # role: "{{ nextcloud_php_user }}"
279 # name: "GRANT SELECT ON TABLE pg_attrdef TO php_{{ SIGLE }}_nuage;"
280 # - db: "{{ nextcloud_db_name }}"
281 # privs: "SELECT"
282 # type: "table"
283 # objs: "pg_description"
284 # role: "{{ nextcloud_php_user }}"
285 # name: "GRANT SELECT ON TABLE pg_description TO php_{{ SIGLE }}_nuage;"
286 # - db: "{{ nextcloud_db_name }}"
287 # privs: "SELECT"
288 # type: "table"
289 # objs: "pg_settings"
290 # role: "{{ nextcloud_php_user }}"
291 # name: "GRANT SELECT ON TABLE pg_settings TO php_{{ SIGLE }}_nuage;"
292 # - db: "{{ nextcloud_db_name }}"
293 # privs: "SELECT"
294 # objs: "pg_database"
295 # role: "{{ nextcloud_php_user }}"
296 # name: "GRANT SELECT ON pg_database TO php_{{ SIGLE }}_nuage;"
297
298 # - name: Creation d'un fichier cron pour /etc/cron.d
299 # ansible.builtin.cron:
300 # name: "nextcloud {{ SIGLE }}_{{ SITE }} taches d'arriere plan "
301 # minute: "5"
302 # user: "php_{{ SIGLE}}_{{SITE}}"
303 # job: "{{ nextcloud_source }}/cron"
304
305 # - name: Recharger plusieurs services
306 # ansible.builtin.service:
307 # name: "{{ item }}"
308 # state: reloaded
309 # loop:
310 # - "postgresql"
311 # - "php{{ php_version }}-fpm"
312 # - "nginx"