feat: Add nextcloud
This commit is contained in:
Lino Silva
@@ -243,3 +243,29 @@ paperless_pwd: !vault |
|
||||
61356263303563656235623866653065633063313038326432636161316339663030313439646537
|
||||
63333032353133373633353463613861643933353038323231646461386330623038343262343763
|
||||
663836323538623836346337303834313139
|
||||
|
||||
nextcloud_mysql_root_pwd: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
31623863613966623834303961333332396238346332646438633665623463353938623336346631
|
||||
3835636631386263336130373130336662666635353461660a643635346430623438616234333964
|
||||
35653638313734373134663865653865393536376162356234326565353665613337376562623231
|
||||
6532333263313362660a306462626330346233393566363632613666616437343361303962353938
|
||||
64343430316661653532366233396262316236633936333162653263646635643466326265613066
|
||||
3062633330616537376462346235653433656635366135346265
|
||||
|
||||
nextcloud_mysql_pwd: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
37343730363831393233643034393838323430383339386238626334343462383061656236613530
|
||||
3430363331343139356538333333326337656163333931660a373964653034323466373038663561
|
||||
64363239663665623263326435383132393561616436376564353562666637396631316262653361
|
||||
6134653565623736310a303733396335303139643334363034356138393364373234353537623463
|
||||
62323938343430313132363037626231633435333330653665613637333734613231326434303532
|
||||
3461646466366339653532366639393035396638623035396338
|
||||
|
||||
nextcloud_admin_pwd: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
64633233343935636536353533663761353033376331666634633138363233323065323936303934
|
||||
3762643937346435636635306461663461373138636666380a363761616137373430666236306636
|
||||
38663933656231386532333032353731643936653534666530333664333835316561663335633238
|
||||
3531623266386432620a643861666538396437323234623162383437646663653036663836383233
|
||||
62636461303338313436343934656165363361396332343961396434356161363736
|
||||
@@ -0,0 +1,6 @@
|
||||
---
|
||||
|
||||
ansible_user: root
|
||||
ansible_host: 10.0.2.30
|
||||
ansible_ssh_pass: "{{ proxmox_api_password }}"
|
||||
vmid: 621
|
||||
@@ -15,6 +15,7 @@ mealie
|
||||
vaultwarden
|
||||
gitea
|
||||
paperless
|
||||
nextcloud
|
||||
|
||||
[baremetal]
|
||||
mipha
|
||||
|
||||
@@ -0,0 +1,23 @@
|
||||
---
|
||||
- hosts: localhost
|
||||
become: yes
|
||||
roles:
|
||||
- role: nextcloud/provision/delete
|
||||
- role: nextcloud/provision/create
|
||||
- role: nextcloud/provision/start
|
||||
vars:
|
||||
vmid: 621
|
||||
|
||||
- hosts: impa
|
||||
become: yes
|
||||
roles:
|
||||
- role: nextcloud/enable-ssh
|
||||
vars:
|
||||
vmid: 621
|
||||
|
||||
- hosts: nextcloud
|
||||
become: yes
|
||||
roles:
|
||||
- role: nextcloud/update
|
||||
- role: nextcloud/install-docker
|
||||
- role: nextcloud/install-app
|
||||
@@ -0,0 +1,12 @@
|
||||
---
|
||||
# Unable to use ansible.builtin.lineinfile, because we need to run this through the proxmox host (because SSH is not enabled duh)
|
||||
|
||||
- name: Pause for 10 seconds to wait for SSH server
|
||||
ansible.builtin.pause:
|
||||
seconds: 10
|
||||
|
||||
- name: Allow SSH into LXC
|
||||
ansible.builtin.command: lxc-attach -n 621 -- sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config
|
||||
|
||||
- name: Restart SSH Service
|
||||
ansible.builtin.command: lxc-attach -n 621 service ssh restart
|
||||
@@ -0,0 +1,20 @@
|
||||
---
|
||||
- name: Create directory for docker-compose
|
||||
ansible.builtin.file:
|
||||
path: /root/docker/
|
||||
state: directory
|
||||
mode: "0755"
|
||||
|
||||
- name: Copy docker-compose file
|
||||
template:
|
||||
src: "docker-compose.yml"
|
||||
dest: /root/docker/docker-compose.yml
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Run docker-compose
|
||||
ansible.builtin.shell:
|
||||
args:
|
||||
cmd: docker compose up -d
|
||||
chdir: /root/docker/
|
||||
@@ -0,0 +1,33 @@
|
||||
version: '3.1'
|
||||
|
||||
services:
|
||||
db:
|
||||
image: mariadb
|
||||
container_name: nextcloud-db
|
||||
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-read-only-compressed=OFF
|
||||
restart: always
|
||||
volumes:
|
||||
- /data/nextcloud/mysql_data:/var/lib/mysql
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD={{ nextcloud_mysql_root_pwd }}
|
||||
- MYSQL_PASSWORD={{ nextcloud_mysql_pwd }}
|
||||
- MYSQL_DATABASE=nextcloud
|
||||
- MYSQL_USER=nextcloud
|
||||
- MYSQL_ALLOW_EMPTY_PASSWORD=true
|
||||
|
||||
app:
|
||||
image: nextcloud
|
||||
container_name: nextcloud
|
||||
volumes:
|
||||
- /zfs:/var/www/html
|
||||
environment:
|
||||
- NEXTCLOUD_HOSTNAME=cloud.lino.cooking
|
||||
- MYSQL_DATABASE=nextcloud
|
||||
- MYSQL_USER=nextcloud
|
||||
- MYSQL_PASSWORD={{ nextcloud_mysql_pwd }}
|
||||
- MYSQL_HOST=nextcloud-db:3306
|
||||
- NEXTCLOUD_ADMIN_USER=linosilva
|
||||
- NEXTCLOUD_ADMIN_PASSWORD={{ nextcloud_admin_pwd }}
|
||||
ports:
|
||||
- 8001:80
|
||||
restart: always
|
||||
@@ -0,0 +1,27 @@
|
||||
---
|
||||
- name: Get convenience script
|
||||
uri:
|
||||
url: "https://get.docker.com"
|
||||
method: GET
|
||||
dest: /tmp/get-docker.sh
|
||||
mode: a+x
|
||||
creates: /tmp/get-docker.sh
|
||||
|
||||
- name: Execute script
|
||||
ansible.builtin.shell: /tmp/get-docker.sh
|
||||
|
||||
- name: Ensure group "docker" exists
|
||||
ansible.builtin.group:
|
||||
name: docker
|
||||
state: present
|
||||
|
||||
- name: Add root user to docker group
|
||||
ansible.builtin.user:
|
||||
name: root
|
||||
groups: docker
|
||||
append: yes
|
||||
|
||||
- name: Enable docker on startup
|
||||
ansible.builtin.shell: |
|
||||
systemctl enable docker.service
|
||||
systemctl enable containerd.service
|
||||
@@ -0,0 +1,31 @@
|
||||
---
|
||||
- name: Create container
|
||||
community.general.proxmox:
|
||||
vmid: 621
|
||||
node: impa
|
||||
api_user: root@pam
|
||||
api_password: "{{ proxmox_api_password }}"
|
||||
api_host: 10.0.2.2
|
||||
password: "{{ lxc_password }}"
|
||||
hostname: nextcloud
|
||||
ostemplate: "hyrule-8tb-nfs:vztmpl/debian-11-standard_11.3-1_amd64.tar.zst"
|
||||
netif: "{'net0':'name=eth0,\
|
||||
gw=10.0.0.1,\
|
||||
ip=10.0.2.30/21,\
|
||||
hwaddr=cc:c6:cf:de:17:90,\
|
||||
bridge=vmbr0'}"
|
||||
cores: 2
|
||||
memory: 2048
|
||||
unprivileged: no
|
||||
swap: 0
|
||||
searchdomain: "home"
|
||||
onboot: 1
|
||||
features:
|
||||
- nesting=1
|
||||
- keyctl=1
|
||||
mounts: '{
|
||||
"mp0":"nvme:5,mp=/data,backup=1",
|
||||
"mp1":"/ganondorf/nextcloud,mp=/zfs",
|
||||
}'
|
||||
disk: nvme:10
|
||||
force: yes
|
||||
@@ -0,0 +1,26 @@
|
||||
---
|
||||
- name: Stop container
|
||||
community.general.proxmox:
|
||||
vmid: "{{ vmid }}"
|
||||
api_user: root@pam
|
||||
api_password: "{{ proxmox_api_password }}"
|
||||
api_host: 10.0.2.2
|
||||
state: stopped
|
||||
ignore_errors: true
|
||||
timeout: 90
|
||||
|
||||
- name: Remove containers
|
||||
community.general.proxmox:
|
||||
vmid: "{{ vmid }}"
|
||||
api_user: root@pam
|
||||
api_password: "{{ proxmox_api_password }}"
|
||||
api_host: 10.0.2.2
|
||||
state: absent
|
||||
ignore_errors: true
|
||||
timeout: 90
|
||||
|
||||
- name: Remove .ssh/known_hosts lines
|
||||
ansible.builtin.lineinfile:
|
||||
path: /Users/lino.silva/.ssh/known_hosts
|
||||
state: absent
|
||||
regexp: "^10.0.2.30"
|
||||
@@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: Start deployments
|
||||
community.general.proxmox:
|
||||
vmid: "{{ vmid }}"
|
||||
api_user: root@pam
|
||||
api_password: "{{ proxmox_api_password }}"
|
||||
api_host: 10.0.2.2
|
||||
state: started
|
||||
@@ -0,0 +1,6 @@
|
||||
---
|
||||
- name: Update all packages to their latest version
|
||||
become: true
|
||||
ansible.builtin.apt:
|
||||
update_cache: yes
|
||||
upgrade: full
|
||||
Reference in New Issue
Block a user