Fix nextcloud role

docker/nextcloud/fpm/Dockerfile

@@ -41,4 +41,4 @@ RUN set -ex; \
 COPY www.conf /usr/local/etc/php-fpm.d/www.conf
 COPY php.ini /usr/local/etc/php/
 
-ENV NEXTCLOUD_UPDATE 1
+ENV NEXTCLOUD_UPDATE=1

main.yml

@@ -161,14 +161,26 @@
   tags: "nextcloud"
   roles:
     - role: "nextcloud"
-      postgres_password: !vault |
+      postgres_admin_password: !vault |
+        $ANSIBLE_VAULT;1.1;AES256
+        38616339366639383639343335323330653536663836633437313333313730663139326465616464
+        3436336632653837353566363634316430326130323635390a623061336266633862333235396336
+        39396435313337313035616131333438663663643735316135323132343864323565636538643136
+        6134393331616563640a333035383635643061373336393362373163356233646533393862626633
+        3766
+
+      nextcloud_pg_password: !vault |
         $ANSIBLE_VAULT;1.1;AES256
         64356636643033376438646161346566353062363264313832383865306237653263333864363562
         3337386262353433353430663434396639396561333338390a386136396638326434396261613866
         65343938373438343539326534643331613963316266623037353865643163306336376431323931
         3835306134343063360a313162343730323637663664343633383764376161623261336331333932
         3437
 
+      # HACK: Nextcloud docker image does not allow configuring redis virtual
+      # host. The db number must be 0.
+      nextcloud_redict_db: "0"
+
 - name: "Setup syncthing"
   hosts: "uranus"
   tags: "syncthing"

roles/nextcloud/README.md

@@ -6,16 +6,13 @@ Setup [nextcloud] service in docker
 
 ## Synopsis
 
-- Create postgres database with postgres role
-- Create redis cache with redis role
-- Build customized nextcloud docker images
-- Create nextcloud service in docker
+- Create postgres database and role for nextcloud
+- Create nextcloud web and cron service in docker
 - Expose the nextcloud web GUI with traefik
 
 ## Requirements
 
-- Should be distribution agnostic
-- Ansible >= 2.10 (Tested on 2.10)
+- Ansible >= 2.16
 - traefik role should be started somewhere else
 
 ## Role Variables
@@ -25,27 +22,47 @@ Setup [nextcloud] service in docker
 - Type: `string`
 - Required: Yes
 
-(Inherited from bootstrap role) Path prefix for all persistent data.
+Path prefix for all persistent data.
 
-### `postgres_password`
+### `postgres_admin_password`
 
 - Type: `string`
 - Required: Yes
 
-(Inherited from postgres role) Password for the postgres database
+Admin (role `postgres`) password for postgres cluster, for managing db and role for
+service.
+
+### `nextcloud_pg_password`
+
+- Type: `string`
+- Required: Yes
+
+Password for the postgres database, nextcloud_user
+
+### `nextcloud_redict_db`
+
+- Type: `string (with integer in it)`
+- Required: Yes
+
+Redict (redis fork) database (virtual host) number.
+
+> [NOTE!]  
+> This has to be `0`. Nextcloud docker image does not allow configuring redis virtual host
 
 ### `nextcloud_domain`
 
 - Type: `string`
-- Default: `git.holi0317.net`
+- Default: `nc.holi0317.net`
 
-Domain for hosting gitlab
+Domain for hosting nextcloud
 
 ## Dependencies
 
-- bootstrap role
-- postgres role
-- redis role
+Following roles should be applied somewhere else
+
+- traefik
+- postgres
+- redict
 
 ## Example Playbook
 
@@ -54,7 +71,9 @@ Domain for hosting gitlab
   roles:
     - role: "nextcloud"
       vars:
-        postgres_password: "hunter2"
+        postgres_admin_password: "hunter2"
+        nextcloud_pg_password: "hunter2"
+        redict_db: "0"
 ```
 
 ## License

roles/nextcloud/defaults/main.yml

@@ -1,6 +1,17 @@
 # vim: ft=yaml.ansible
 ---
 # defaults file for nextcloud
-nextcloud_asset_path: "{{ (service_base_path, 'asset') | path_join }}"
-nextcloud_data_path: "{{ (service_base_path, 'data') | path_join }}"
+nextcloud_base_path: "{{ (storage_root, 'nextcloud') | path_join }}"
+nextcloud_asset_path: "{{ (nextcloud_base_path, 'asset') | path_join }}"
+nextcloud_data_path: "{{ (nextcloud_base_path, 'data') | path_join }}"
+
+nextcloud_fpm_image: "registry.gitlab.com/holi0317/homeserver-compose/nextcloud/fpm"
+nextcloud_web_image: "registry.gitlab.com/holi0317/homeserver-compose/nextcloud/web"
+
+nextcloud_pg_password: ""
+postgres_admin_password: ""
+
+nextcloud_network: "nextcloud"
 nextcloud_domain: "nc.holi0317.net"
+
+nextcloud_redict_db: "0"

roles/nextcloud/meta/main.yml

@@ -2,20 +2,8 @@
 ---
 galaxy_info:
   license: "MIT"
-  min_ansible_version: "2.10"
+  min_ansible_version: "2.16"
   platforms:
-    - name: "ArchLinux"
+    - name: "Fedora"
       versions:
-        - "any"
-
-dependencies:
-  - role: "bootstrap"
-    vars:
-      service_name: "nextcloud"
-  - role: "postgres"
-    vars:
-      service_name: "nextcloud"
-      postgres_user: "nextcloud"
-  - role: "redis"
-    vars:
-      service_name: "nextcloud"
+        - "39"

roles/nextcloud/tasks/main.yml

@@ -4,21 +4,49 @@
 - name: "Create directories for nextcloud"
   become: true
   loop:
+    - "{{ nextcloud_base_path }}"
     - "{{ nextcloud_data_path }}"
     - "{{ nextcloud_asset_path }}"
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     owner: "82"
     group: "82"
     mode: "700"
     state: "directory"
 
-- name: "create fpm container"
+- name: "Create postgres user for nextcloud"
+  community.postgresql.postgresql_user:
+    name: "nextcloud"
+    password: "{{ nextcloud_pg_password }}"
+    login_host: "127.0.0.1"
+    login_user: "postgres"
+    login_password: "{{ postgres_admin_password }}"
+    db: "nextcloud"
+    role_attr_flags: "NOINHERIT"
+
+- name: "Create postgres database for nextcloud"
+  community.postgresql.postgresql_db:
+    name: "nextcloud"
+    owner: "nextcloud"
+    encoding: "UTF8"
+    login_host: "127.0.0.1"
+    login_user: "postgres"
+    login_password: "{{ postgres_admin_password }}"
+
+- name: "Create docker network for nextcloud"
+  become: true
+  community.docker.docker_network:
+    name: "{{ nextcloud_network }}"
+    driver: "bridge"
+    scope: "local"
+    state: "present"
+
+- name: "Create fpm container"
   become: true
   docker_container: &fpm
     state: "started"
-    name: "{{ service_name }}_fpm"
-    image: "registry.gitlab.com/holi0317/homeserver-compose/nextcloud/fpm"
+    name: "nextcloud_fpm"
+    image: "{{ nextcloud_fpm_image }}"
     pull: true
     comparisons:
       image: "strict"
@@ -39,19 +67,23 @@
     tty: false
 
     restart_policy: "always"
-    network_mode: "{{ service_network }}"
+    network_mode: "{{ nextcloud_network }}"
     networks:
-      - name: "authentik"
-      - name: "{{ service_network }}"
+      - name: "{{ nextcloud_network }}"
         aliases:
           - "nextcloud-fpm"
+      - name: "authentik"
+      - name: "postgres"
+      - name: "redict"
     env:
       POSTGRES_DB: "nextcloud"
       POSTGRES_USER: "nextcloud"
-      POSTGRES_PASSWORD: "{{ postgres_password }}"
+      POSTGRES_PASSWORD: "{{ nextcloud_pg_password }}"
       POSTGRES_HOST: "postgres:5432"
       NEXTCLOUD_DATA_DIR: "/var/data"
-      REDIS_HOST: "redis"
+      REDIS_HOST: "redict"
+      # FIXME: Respect nextcloud_redict_db variable
+      REDIS_HOST_PORT: "6379"
       TRUSTED_PROXIES: "0.0.0.0/0"
     mounts:
       - source: "{{ nextcloud_data_path }}"
@@ -65,17 +97,20 @@
   become: true
   docker_container:
     <<: *fpm
-    name: "{{ service_name }}_cron"
+    name: "nextcloud_cron"
     entrypoint: "/cron.sh"
     user: "root:root"
     networks:
+      - name: "{{ nextcloud_network }}"
+      - name: "postgres"
+      - name: "redict"
 
 - name: "Create web (nginx) container"
   become: true
   docker_container:
     state: "started"
-    name: "{{ service_name }}_web"
-    image: "registry.gitlab.com/holi0317/homeserver-compose/nextcloud/web"
+    name: "nextcloud_web"
+    image: "{{ nextcloud_web_image }}"
     pull: true
     comparisons:
       image: "strict"
@@ -96,9 +131,9 @@
     tty: false
 
     restart_policy: "always"
-    network_mode: "{{ service_network }}"
+    network_mode: "{{ nextcloud_network }}"
     networks:
-      - name: "{{ service_network }}"
+      - name: "{{ nextcloud_network }}"
       - name: "traefik"
     mounts:
       - source: "{{ nextcloud_asset_path }}"