add keydb, fix some minor issues

2023-02-07 20:48:16 +01:00 · 2023-02-07 20:48:16 +01:00 · 4aa19f74a2
commit 4aa19f74a2
parent 7ac004b5d8
13 changed files with 2180 additions and 11 deletions
--- a/galaxy.yml
+++ b/galaxy.yml
@ -33,6 +33,7 @@ license:
 tags:
  - nextcloud
  - php
  - keydb
 # Collections that this collection requires to be installed for it to be usable. The key of the dict is the
 # collection label 'namespace.name'. The value is a version range
--- a/playbooks/nextcloud_stack.yml
+++ b/playbooks/nextcloud_stack.yml
@ -0,0 +1,13 @@
 ---
 - hosts: all
  roles:
    - s3lph.nextcloud.keydb
    - s3lph.nextcloud.php
    - s3lph.webserver.apache2
    - s3lph.webserver.certbot
 - hosts: all
  roles:
    - s3lph.webserver.apache2
    - s3lph.nextcloud.nextcloud
--- a/roles/keydb/defaults/main.yml
+++ b/roles/keydb/defaults/main.yml
@ -0,0 +1,3 @@
 ---
 php_version: "8.1"
--- a/roles/keydb/handlers/main.yml
+++ b/roles/keydb/handlers/main.yml
@ -0,0 +1,16 @@
 ---
 - name: restart keydb
  ansible.builtin.service:
    name: keydb-server
    state: restarted
 - name: restart php-fpm
  ansible.builtin.service:
    name: "php{{ php_version }}-fpm.service"
    state: restarted
 - name: restart apache2
  ansible.builtin.service:
    name: apache2
    state: restarted
--- a/roles/keydb/tasks/config.yml
+++ b/roles/keydb/tasks/config.yml
@ -0,0 +1,20 @@
 ---
 - name: Render KeyDB configuration
  ansible.builtin.template:
    src: etc/keydb/keydb.conf.j2
    dest: /etc/keydb/keydb.conf
    owner: keydb
    group: keydb
    mode: 0640
  notify:
    - restart keydb
 - name: Add www-data to keydb group
  ansible.builtin.user:
    name: www-data
    groups: [keydb]
    append: true
  notify:
    - restart php-fpm
    - restart apache2
--- a/roles/keydb/tasks/install.yml
+++ b/roles/keydb/tasks/install.yml
@ -0,0 +1,24 @@
 ---
 - name: Add KeyDB repository key
  ansible.builtin.apt_key:
    url: https://download.keydb.dev/open-source-dist/keyring.gpg
    keyring: /etc/apt/trusted.gpg.d/download.keydb.dev.gpg
 - name: Add KeyDB repository
  ansible.builtin.apt_repository:
    filename: download.keydb.dev.list
    repo: "deb https://download.keydb.dev/open-source-dist {{ ansible_facts.distribution_release }} main"
 - name: Install KeyDB
  ansible.builtin.apt:
    name:
      - keydb
      - keydb-server
      - keydb-tools
 - name: Start and enable KeyDB
  ansible.builtin.service:
    name: keydb-server
    state: started
    enabled: true
--- a/roles/keydb/tasks/main.yml
+++ b/roles/keydb/tasks/main.yml
@ -0,0 +1,11 @@
 ---
 - ansible.builtin.import_tasks: install.yml
  tags:
    - "role::keydb"
    - "role::keydb:install"
 - ansible.builtin.import_tasks: config.yml
  tags:
    - "role::keydb"
    - "role::keydb:config"
--- a/roles/keydb/templates/etc/keydb/keydb.conf.j2
+++ b/roles/keydb/templates/etc/keydb/keydb.conf.j2
--- a/roles/nextcloud/defaults/main.yml
+++ b/roles/nextcloud/defaults/main.yml
@ -6,9 +6,10 @@ nextcloud_trusted_domains:
  - "cloud.example.org"
 nextcloud_cli_baseurl: "https://{{ nextcloud_trusted_domains[0] }}"
-nextcloud_redis_host: localhost
+nextcloud_redis_host: /run/keydb/keydb.sock
-nextcloud_redis_port: 6379
+nextcloud_redis_port: 0
 nextcloud_redis_dbindex: 0
 nextcloud_redis_timeout: 0.0
 nextcloud_db_engine: mysql
 nextcloud_db_host: localhost
--- a/roles/nextcloud/handlers/main.yml
+++ b/roles/nextcloud/handlers/main.yml
@ -0,0 +1,16 @@
 ---
 - name: restart php-fpm
  ansible.builtin.service:
    name: "php{{ php_version}}-fpm.service"
    state: restarted
 - name: restart apache2
  ansible.builtin.service:
    name: apache2
    state: restarted
 - name: restart redis
  ansible.builtin.service:
    name: redis-server
    state: restarted
--- a/roles/nextcloud/tasks/install.yml
+++ b/roles/nextcloud/tasks/install.yml
@ -14,11 +14,6 @@
  ansible.builtin.apt:
    name: apache2
 - name: Install redis-server if using localhost
  ansible.builtin.apt:
    name: redis-server
  when: "nextcloud_redis_host == 'localhost'"
 - name: Install Nextcloud package
  ansible.builtin.apt:
    name: "nextcloud-{{ nextcloud_major_version }}"
@ -53,7 +48,7 @@
      community.mysql.mysql_db:
        name: '{{ nextcloud_db_name }}'
        login_unix_socket: /run/mysqld/mysqld.sock
-        check_implicit_admin: yes
+        check_implicit_admin: true
    - name: Create nextcloud database user
      community.mysql.mysql_user:
@ -62,7 +57,7 @@
        password: "{{ nextcloud_db_pass }}"
        priv: "{{ nextcloud_db_name }}.*:ALL"  # grant all privileges (no grant)
        login_unix_socket: /run/mysqld/mysqld.sock
-        check_implicit_admin: yes
+        check_implicit_admin: true
 - name: Perform Nextcloud first-time setup
  become: true
@ -101,9 +96,11 @@
        host: "{{ nextcloud_redis_host }}"
        port: "{{ nextcloud_redis_port }}"
        dbindex: "{{ nextcloud_redis_dbindex }}"
        timeout: "{{ nextcloud_redis_timeout }}"
      memcache.local: '\OC\Memcache\Redis'
      memcache.distributed: '\OC\Memcache\Redis'
      memcache.locking: '\OC\Memcache\Redis'
      mysql.utf8mb4: true
 - name: Install Nextcloud app packages
  become: true
--- a/roles/php/defaults/main.yml
+++ b/roles/php/defaults/main.yml
@ -5,7 +5,7 @@ php_version: "8.1"
 php_ini:
  PHP:
    memory_limit: "512M"
-    upload_max_filesize: "1G"
+    upload_max_filesize: "2G"
  opcache:
    opcache.enable: "1"
    opcache.memory_consumption: "256"
--- a/roles/php/handlers/main.yml
+++ b/roles/php/handlers/main.yml
@ -2,7 +2,7 @@
 - name: restart php-fpm
  ansible.builtin.service:
-    name: "php{{ php_version}}-fpm.service"
+    name: "php{{ php_version }}-fpm.service"
    state: restarted
 - name: restart apache2