Skip to content
Permalink
Browse files

Add 'owncloud' role

- this role installs and configures ownCloud (http://owncloud.org/);

- ownCloud by default uses nginx, php5 and mysql roles to configure the
  environment on local host, you can disable that and configure your own
  services;

- by default ownCloud automatically finishes installation with admin
  username 'admin-$USER' and 'password' password, or random if role
  'secret' is used, you can disable that behaviour using a variable;

- you can use either MySQL (default), PostgreSQL or SQLite as the
  database backend;
  • Loading branch information
drybjed committed Dec 30, 2013
1 parent 3da0d43 commit 8ad3cff8147d51d097299da8ed05a563c062e050
@@ -0,0 +1,9 @@
---

- name: OwnCloud support
hosts: ginas_owncloud
sudo: yes

roles:
- { role: owncloud }

@@ -0,0 +1,126 @@
---

# --- Basic options ---

# Should ownCloud role manage it's own dependencies (nginx, php5, postgresql, mysql)?
# If you want to setup them differently, you should change this to False
owncloud_dependencies: True

# Domain that will be configured for ownCloud instance
owncloud_domain: '{{ ansible_fqdn }}'


# --- ownCloud source and deployment ---

# User and group that will be used for ownCloud instance
owncloud_user: 'owncloud'
owncloud_group: 'owncloud'
owncloud_home: '/srv/users/{{ owncloud_user }}'

# Path where ownCloud data/ directory and files are stored
owncloud_data_path: '/srv/lib/{{ owncloud_user }}/{{ owncloud_domain }}/data'

# Where ownCloud instance will be deployed (web root)
owncloud_deploy_path: '/srv/www/{{ owncloud_user }}/sites/{{ owncloud_domain }}/public'

# What source should be used to get ownCloud files (upstream, githost, github, gitlab)
owncloud_source: 'upstream'

# Default settings for ownCloud sources other than "upstream"
# If you want to use that with github, you can create your ownCloud repository
# as '<your username>/owncloud' with branch 'master'
owncloud_deploy_user: 'git'
owncloud_deploy_server: 'github.com'
owncloud_deploy_repo: '{{ lookup("env","USER") }}/owncloud.git'
owncloud_deploy_branch: 'master'

# OAuth token for GitHub / GitLab access, used to setup SSH deploy key
owncloud_deploy_token: False

# Hash of different ownCloud sources
owncloud_source_map:

# Official ownCloud upstream repository on GitHub (basic installation)
upstream:
url: 'https://github.com/owncloud/core.git'
branch: 'stable6'

# A git repository configured on a host in the Ansible cluster, for example
# with 'githost' role
# Ansible will try and setup ssh public key of the 'owncloud' user as deploy
# key on the server with git repository, using authorized_key module
githost:
url: '{{ owncloud_deploy_user }}@{{ owncloud_deploy_server }}:{{ owncloud_deploy_repo }}'
branch: '{{ owncloud_deploy_branch }}'

# A git repository set up on GitHub, with deploy key configured through API
# using OAuth token
github:
url: 'git@github.com:{{ owncloud_deploy_repo }}'
branch: '{{ owncloud_deploy_branch }}'

# A git repository set up on a GitLab instance, with deploy key configured
# through API using OAuth token
gitlab:
url: '{{ owncloud_deploy_user }}@{{ owncloud_deploy_server }}:{{ owncloud_deploy_repo }}'
branch: '{{ owncloud_deploy_branch }}'


# --- ownCloud database ---

# ownCloud recommends MySQL database as the default. Set to False to use SQLite
owncloud_database: 'mysql'

owncloud_database_map:

# MySQL database on localhost (random password will be generated when using 'secret' role)
mysql:
dbtype: 'mysql'
dbname: '{{ owncloud_user }}'
dbuser: '{{ owncloud_user }}'
dbpass: '{{ owncloud_dbpass | default("password") }}'
dbhost: 'localhost'
dbtableprefix: ''

# PostgreSQL database on localhost, connection through Unix socket, no default password
postgresql:
dbtype: 'pgsql'
dbname: '{{ owncloud_user }}'
dbuser: '{{ owncloud_user }}'
dbpass: ''
dbhost: '/var/run/postgresql'
dbtableprefix: ''


# --- ownCloud admin login / password ---

# Default admin username, in the form 'admin-$USER'
# Set to False to disable automatic username and password
owncloud_admin_username: 'admin-{{ lookup("env","USER") }}'

# Default admin password, will be randomly generated if 'secret' role is enabled
owncloud_admin_password: 'password'

# Length of randomly generated admin password
owncloud_password_length: '20'

# Should Ansible automatically open ownCloud page to finish setup on it's own?
# Disabled if admin username is set to False
owncloud_autosetup: True


# --- ownCloud configuration ---

# Max upload size set in nginx and php5, with amount as M or G
owncloud_upload_size: '128M'

# Output buffering set in php5, with amount set in megabytes
owncloud_php5_output_buffering: '128'

# Max children processes to run in php5-fpm
owncloud_php5_max_children: '50'

# At what time cron should execute background jobs
owncloud_cron_minute: '*/15'


@@ -0,0 +1,29 @@
---

dependencies:

- role: mysql
when: owncloud_dependencies is defined and owncloud_dependencies and
owncloud_database is defined and owncloud_database == 'mysql'
tags: owncloud

- role: postgresql
when: owncloud_dependencies is defined and owncloud_dependencies and
owncloud_database is defined and owncloud_database == 'postgresql'
tags: owncloud

- role: php5
php5_pools:
- '{{ owncloud_php5_pool }}'
when: owncloud_dependencies is defined and owncloud_dependencies
tags: owncloud

- role: nginx
nginx_servers:
- '{{ owncloud_nginx_server }}'
nginx_upstreams:
- '{{ owncloud_nginx_upstream_php5 }}'
when: owncloud_dependencies is defined and owncloud_dependencies
tags: owncloud


@@ -0,0 +1,29 @@
---

- name: Install required packages for MySQL support
apt: pkg={{ item }} state=latest install_recommends=no
with_items: [ 'php5-mysql' ]
tags: [ 'owncloud', 'mysql' ]

- name: Get default MySQL password
set_fact:
owncloud_database_password: '{{ owncloud_database_map[owncloud_database].dbpass }}'
tags: [ 'owncloud', 'mysql' ]

- name: Lookup MySQL password if secrets/ directory is defined
set_fact:
owncloud_database_password: "{{ lookup('password', secret + '/credentials/' + ansible_fqdn + '/owncloud/mysql/' + owncloud_database_map[owncloud_database].dbuser + '/password length=' + mysql_password_length) }}"
when: secret is defined
tags: [ 'owncloud', 'mysql' ]

- name: Create ownCloud MySQL user
mysql_user: name={{ owncloud_database_map[owncloud_database].dbuser }}
password={{ owncloud_database_password }} state=present
host='localhost' priv='{{ owncloud_database_map[owncloud_database].dbname }}.*:ALL'
tags: [ 'owncloud', 'mysql' ]

- name: Create ownCloud database
mysql_db: name={{ owncloud_database_map[owncloud_database].dbname }} state=present
tags: [ 'owncloud', 'mysql' ]


@@ -0,0 +1,59 @@
---

- name: Setup cron service
cron: name='ownCloud Background Jobs' minute={{ owncloud_cron_minute }} user={{ owncloud_user }}
job='/usr/bin/php -f {{ owncloud_deploy_path }}/cron.php' cron_file='owncloud'
tags: owncloud

- name: Setup logrotate for owncloud
template: src=etc/logrotate.d/owncloud.j2 dest=/etc/logrotate.d/owncloud owner=root group=root mode=0644
tags: owncloud

- name: Lookup admin password if secrets/ directory is defined
set_fact:
owncloud_admin_password: "{{ lookup('password', secret + '/credentials/' + ansible_fqdn + '/owncloud/admin/' + owncloud_admin_username + '/password length=' + owncloud_password_length) }}"
when: secret is defined and owncloud_admin_username is defined and owncloud_admin_username
tags: owncloud

- name: Check if ownCloud is configured
stat: path={{ owncloud_deploy_path }}/config/config.php
register: owncloud_config_file
tags: owncloud

- name: Install ownCloud autoconfig file
template: src=srv/www/sites/config/autoconfig.php.j2 dest={{ owncloud_deploy_path }}/config/autoconfig.php
owner={{ owncloud_user }} group={{ owncloud_group }} mode=0660
when: owncloud_config_file is defined and owncloud_config_file.stat.exists == False
tags: owncloud

- name: Install ownCloud default config file
template: src=srv/www/sites/config/config.default.php.j2 dest={{ owncloud_deploy_path }}/config/config.php
owner={{ owncloud_user }} group={{ owncloud_group }} mode=0640
when: owncloud_config_file is defined and owncloud_config_file.stat.exists == False
tags: owncloud

- name: Use cron for background jobs (lib/private/...)
lineinfile: dest={{ owncloud_deploy_path }}/lib/private/backgroundjob.php state=present regexp="return OC_Appconfig::getValue" line=" return OC_Appconfig::getValue( 'core', 'backgroundjobs_mode', 'cron' );"
when: owncloud_config_file is defined and owncloud_config_file.stat.exists == False
tags: owncloud

- name: Use cron for background jobs (settings/admin.php)
lineinfile: dest={{ owncloud_deploy_path }}/settings/admin.php state=present regexp="'backgroundjobs_mode', OC_Appconfig::getValue" line="$tmpl->assign('backgroundjobs_mode', OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'cron'));"
when: owncloud_config_file is defined and owncloud_config_file.stat.exists == False
tags: owncloud

- name: Flush handlers if automatic setup is requested
meta: flush_handlers
when: owncloud_config_file is defined and owncloud_config_file.stat.exists == False and
owncloud_admin_username is defined and owncloud_admin_username and
owncloud_autosetup is defined and owncloud_autosetup
tags: owncloud

- name: Automatically finish setup if allowed
uri: url=https://{{ owncloud_domain }}/index.php
when: owncloud_config_file is defined and owncloud_config_file.stat.exists == False and
owncloud_admin_username is defined and owncloud_admin_username and
owncloud_autosetup is defined and owncloud_autosetup
tags: owncloud


@@ -0,0 +1,23 @@
---

- name: Install required packages for PostgreSQL support
apt: pkg={{ item }} state=latest install_recommends=no
with_items: [ 'php5-pgsql' ]
tags: [ 'owncloud', 'postgresql' ]

- name: Get default PostgreSQL password
set_fact:
owncloud_database_password: '{{ owncloud_database_map[owncloud_database].dbpass }}'
tags: [ 'owncloud', 'postgresql' ]

- name: Create ownCloud PostgreSQL role
postgresql_user: name={{ owncloud_database_map[owncloud_database].dbuser }} state=present
sudo_user: 'postgres'
tags: [ 'owncloud', 'postgresql' ]

- name: Create ownCloud database
postgresql_db: name={{ owncloud_database_map[owncloud_database].dbname }} state=present owner={{ owncloud_database_map[owncloud_database].dbuser }}
sudo_user: 'postgres'
tags: [ 'owncloud', 'postgresql' ]


@@ -0,0 +1,29 @@
---

- name: Clone ownCloud source from deploy server
git: repo={{ owncloud_source_map[owncloud_source].url }} dest={{ owncloud_home }}/{{ owncloud_deploy_repo }}
bare=yes version={{ owncloud_source_map[owncloud_source].branch }} update=yes
sudo_user: '{{ owncloud_user }}'
register: owncloud_repo_updated
tags: owncloud

- name: Checkout ownCloud to deployment path
shell: GIT_WORK_TREE={{ owncloud_deploy_path }} git checkout --force {{ owncloud_source_map[owncloud_source].branch }}
chdir={{ owncloud_home }}/{{ owncloud_deploy_repo }}
sudo_user: '{{ owncloud_user }}'
when: owncloud_repo_updated is defined and owncloud_repo_updated.changed
tags: owncloud

- name: Point git work tree to separate .git directory
lineinfile: "dest={{ owncloud_deploy_path }}/.git create=yes state=present regexp='^gitdir:' line='gitdir: {{ owncloud_home }}/{{ owncloud_deploy_repo }}'"
sudo_user: '{{ owncloud_user }}'
when: owncloud_repo_updated is defined and owncloud_repo_updated.changed
tags: owncloud

- name: Checkout ownCloud submodules to deployment path
shell: GIT_WORK_TREE={{ owncloud_deploy_path }} git submodule update --init --recursive --force chdir={{ owncloud_deploy_path }}
sudo_user: '{{ owncloud_user }}'
when: owncloud_repo_updated is defined and owncloud_repo_updated.changed
tags: owncloud


@@ -0,0 +1,15 @@
---

- include: setup_environment.yml
- include: setup_deploy_key.yml
- include: deploy_owncloud.yml

- include: configure_mysql.yml
when: owncloud_database is defined and owncloud_database == 'mysql'

- include: configure_postgresql.yml
when: owncloud_database is defined and owncloud_database == 'postgresql'

- include: configure_owncloud.yml


@@ -0,0 +1,54 @@
---

- name: Slurp deploy key
slurp: src={{ owncloud_home }}/.ssh/id_rsa.pub
register: owncloud_deploy_key
when: owncloud_deploy_key is undefined
tags: owncloud

- name: Create hash variable with deploy key
set_fact:
owncloud_deploy_data:
title: '{{ owncloud_user }}@{{ ansible_hostname }} deployed by Ansible'
key: '{{ owncloud_deploy_key.content | b64decode | trim }}'
when: owncloud_deploy_key is defined
tags: owncloud

- name: Setup deploy key on ownCloud source server (githost)
authorized_key: user={{ owncloud_deploy_user }} key='{{ owncloud_deploy_data.key }}'
key_options='no-X11-forwarding,no-agent-forwarding,no-port-forwarding' state=present
delegate_to: '{{ owncloud_deploy_server }}'
when: owncloud_deploy_key is defined and
owncloud_source is defined and
owncloud_source == 'githost'
tags: owncloud

- name: Setup deploy key on ownCloud source server (github)
command: "curl --silent --header 'Authorization: token {{ owncloud_deploy_token }}' --data '{{ owncloud_deploy_data | to_nice_json }}' https://api.github.com/repos/{{ owncloud_deploy_repo | replace('.git','') }}/keys"
changed_when: False
when: owncloud_deploy_key is defined and
owncloud_source is defined and
owncloud_source == 'github'
tags: owncloud

- name: Find id of ownCloud source project (gitlab)
uri: >
url=https://{{ owncloud_deploy_server }}/api/v3/projects/{{ owncloud_deploy_repo | replace('.git','') | replace('/','%2F') }}
HEADER_PRIVATE-TOKEN={{ owncloud_deploy_token }}
register: owncloud_gitlab
when: owncloud_deploy_key is defined and
owncloud_source is defined and
owncloud_source == 'gitlab'
tags: owncloud

- name: Setup deploy key on ownCloud source server (gitlab)
uri: >
url=https://{{ owncloud_deploy_server }}/api/v3/projects/{{ owncloud_gitlab.json.id }}/keys
HEADER_PRIVATE-TOKEN={{ owncloud_deploy_token }} HEADER_Content-Type="application/json"
status_code=201 method=POST body='{{ owncloud_deploy_data | to_nice_json }}'
when: owncloud_deploy_key is defined and
owncloud_source is defined and
owncloud_source == 'gitlab'
tags: owncloud


0 comments on commit 8ad3cff

Please sign in to comment.
You can’t perform that action at this time.