From 7d4e2075a137b2e094d64e674df3f67386247753 Mon Sep 17 00:00:00 2001
From: Mike Wilson
Date: Mon, 20 Feb 2023 21:13:06 -0500
Subject: [PATCH] Added Nextcloud
---
 ansible/main.yml | 1 +
 ansible/roles/nextcloud/tasks/main.yml | 22 ++++++++
 .../nextcloud/templates/docker-compose.yml | 55 +++++++++++++++++++
 ansible/roles/traefik/templates/traefik.yml | 4 +-
 4 files changed, 80 insertions(+), 2 deletions(-)
 create mode 100644 ansible/roles/nextcloud/tasks/main.yml
 create mode 100644 ansible/roles/nextcloud/templates/docker-compose.yml
diff --git a/ansible/main.yml b/ansible/main.yml
index b0a1f1b..48bc62b 100644
--- a/ansible/main.yml
+++ b/ansible/main.yml
@@ -15,3 +15,4 @@
 - qbittorrent
 - overseerr
 - ntfy
+ - nextcloud
diff --git a/ansible/roles/nextcloud/tasks/main.yml b/ansible/roles/nextcloud/tasks/main.yml
new file mode 100644
index 0000000..cb43e5c
--- /dev/null
+++ b/ansible/roles/nextcloud/tasks/main.yml
@@ -0,0 +1,22 @@
+- name: Create install directory
+ file:
+ path: "{{ install_directory }}/{{ role_name }}"
+ state: directory
+ owner: "{{ docker_user }}"
+ mode: "{{ docker_compose_directory_mask }}"
+ become: true
+
+- name: Copy docker-compose file to destination
+ template:
+ src: docker-compose.yml
+ dest: "{{ install_directory }}/{{ role_name }}/docker-compose.yml"
+ owner: "{{ docker_user }}"
+ mode: "{{ docker_compose_file_mask }}"
+ validate: docker-compose -f %s config
+ become: true
+
+- name: Start docker container
+ community.docker.docker_compose:
+ project_src: "{{ install_directory }}/{{ role_name }}"
+ pull: true
+ remove_orphans: yes
diff --git a/ansible/roles/nextcloud/templates/docker-compose.yml b/ansible/roles/nextcloud/templates/docker-compose.yml
new file mode 100644
index 0000000..8eda9d3
--- /dev/null
+++ b/ansible/roles/nextcloud/templates/docker-compose.yml
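Review bot: In ansible/roles/nextcloud/tasks/main.yml the rendered docker-compose.yml will contain the MariaDB credentials from the template, yet its permissions come from `docker_compose_file_mask`, which is defined outside this patch. Confirm that mask gives no group or other read access (for example `mode: "0600"`), or set the mode explicitly on the "Copy docker-compose file to destination" task. In the last task, `remove_orphans: yes` would read better as `remove_orphans: true`, matching `pull: true` on the line above and avoiding YAML 1.1 truthy parsing differences.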
@@ -0,0 +1,55 @@
+version: "{{ docker_compose_version }}"
+
+networks:
+ traefik:
+ external: true
+ db:
+ external: false
+
+services:
+ nextcloud:
+ container_name: nextcloud
+ image: lscr.io/linuxserver/nextcloud:latest
+ restart: unless-stopped
+ networks:
+ - traefik
+ - db
+ environment:
+ PUID: "{{ service_user.uid }}"
+ PGID: "{{ service_user.uid }}"
+ TZ: "{{ timezone }}"
+ volumes:
+ - "{{ data_dir }}/{{ role_name }}/config:/config"
+ - "{{ data_dir }}/{{ role_name }}/data:/data"
+ labels:
+ traefik.enable: true
+ traefik.http.routers.nextcloud.rule: "Host(`{{ role_name }}.{{ personal_domain }}`)"
+ traefik.http.routers.nextcloud.middlewares: lan-whitelist@file
+ traefik.http.services.nextcloud.loadbalancer.server.port: 443
+ traefik.http.services.nextcloud.loadbalancer.server.scheme: https
+
+ mariadb:
+ container_name: mariadb
+ image: lscr.io/linuxserver/mariadb:latest
+ restart: unless-stopped
+ networks:
+ - db
+ environment:
+ - PUID={{ service_user.uid }}
+ - PGID={{ service_user.uid }}
+ - TZ={{ timezone }}
+ - MYSQL_DATABASE={{ role_name }}
+ - MYSQL_USER={{ role_name }}
+ - MYSQL_PASSWORD={{ role_name }}
+ - MYSQL_ROOT_PASSWORD={{ role_name }}
+ volumes:
+ - "{{ data_dir }}/mariadb/{{ role_name }}:/config"
+
+
+ redis:
+ image: redis:7-alpine
+ restart: unless-stopped
+ networks:
+ - db
+ volumes:
+ - "{{ data_dir }}/redis/{{ role_name }}:/data"
diff --git a/ansible/roles/traefik/templates/traefik.yml b/ansible/roles/traefik/templates/traefik.yml
index 5c33d92..3faaacb 100644
--- a/ansible/roles/traefik/templates/traefik.yml
+++ b/ansible/roles/traefik/templates/traefik.yml
@@ -10,6 +10,8 @@ entryPoints:
 web-secure:
 address: :443
 http:
+ middlewares:
+ - secure-headers@file
 tls:
 certResolver: letsencrypt
 domains:
@@ -17,8 +19,6 @@ entryPoints:
 - sans: "*.{{ personal_domain }}"
 - main: "local.{{ personal_domain }}"
 - sans: "*.local.{{ personal_domain }}"
- middlewares:
- - secure-headers@file
 traefik:
 address: :8080
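Review bot: In ansible/roles/nextcloud/templates/docker-compose.yml the mariadb service sets `MYSQL_PASSWORD={{ role_name }}` and `MYSQL_ROOT_PASSWORD={{ role_name }}`, so the application account and root share one password, and that password is the role name, known to anyone who can read the repository. Take each from its own vaulted variable instead, e.g. `- MYSQL_PASSWORD={{ nextcloud_db_password }}` and `- MYSQL_ROOT_PASSWORD={{ nextcloud_db_root_password }}` (placeholder variable names, to be defined in Ansible Vault). Both linuxserver images use the `:latest` tag and the play pulls on every run, so pinning a version or digest would keep deployments reproducible and reviewable. `PGID` is filled from `service_user.uid` in both services; if the user's group id differs from its uid this should probably use the group id, which needs confirming against how `service_user` is defined.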
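Review bot: In ansible/roles/traefik/templates/traefik.yml the `middlewares` list moves from under `tls` to directly under `http` of the `web-secure` entry point, which changes header handling for every router on that entry point and is unrelated to the commit title "Added Nextcloud". If Traefik was ignoring the old placement (likely, since it sat inside the `tls` block, but not verifiable from this diff), `secure-headers@file` starts applying to all HTTPS services with this deploy, so the existing services should be checked for header-related breakage. A one-line comment above the key, such as `# applied to every router on web-secure`, and a mention in the commit message would make the change traceable. The entry point block starts and ends outside both hunks.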