From 5348daa74e410ab93c7871732a99cc23f5ebcf5d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi=20-=20Le=20Filament?= <remi@le-filament.com>
Date: Wed, 5 Jul 2023 15:15:21 +0200
Subject: [PATCH] [UPD] ansible-lint
---
.ansible-lint | 7 +++
.yamllint | 39 ++++++++++++++++
handlers/main.yml | 6 +--
meta/main.yml | 30 ++++++------
tasks/main.yml | 116 +++++++++++++++++++++++-----------------------
5 files changed, 122 insertions(+), 76 deletions(-)
create mode 100644 .ansible-lint
create mode 100644 .yamllint
diff --git a/.ansible-lint b/.ansible-lint
new file mode 100644
index 0000000..8d40d06
--- /dev/null
+++ b/.ansible-lint
@@ -0,0 +1,7 @@
+---
+warn_list: # or 'skip_list' to silence them completely
+ - git-latest # Git checkouts must contain explicit version
+ - ignore-errors # Use failed_when and specify error conditions instead of using ignore_errors
+ - no-changed-when # Commands should not change things if nothing needs doing
+ - no-handler # Tasks that run when changed should likely be handlers
+ - package-latest # Package installs should not use latest
diff --git a/.yamllint b/.yamllint
new file mode 100644
index 0000000..fbebdb8
--- /dev/null
+++ b/.yamllint
@@ -0,0 +1,39 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ level: error
+ brackets:
+ max-spaces-inside: 1
+ level: error
+ colons:
+ max-spaces-after: -1
+ level: error
+ commas:
+ max-spaces-after: -1
+ level: error
+ # comments enable
+ comments: enable
+ comments-indentation: enable
+ document-start: enable
+ empty-lines:
+ max: 3
+ level: error
+ hyphens:
+ level: error
+ indentation:
+ level: warning
+ indent-sequences: consistent
+ spaces: 4
+ check-multi-line-strings: true
+ key-duplicates: enable
+ line-length: disable
+ new-line-at-end-of-file: enable
+ new-lines:
+ type: unix
+ # trailing-spaces enable
+ trailing-spaces: enable
+ truthy: enable
diff --git a/handlers/main.yml b/handlers/main.yml
index 0fef22d..a6632fb 100644
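Review bot: The new `.ansible-lint` `warn_list` demotes `git-latest`, `package-latest` and `ignore-errors` to warnings, yet none of the tasks visible in this patch do a git checkout, install a package or set `ignore_errors`. Leaving the version-pinning checks as warnings means a later task that tracks `latest` will pass lint without anyone deciding that it should. Unless another task file in the role needs them, I would keep only the rules the role actually trips today, e.g. `warn_list:` with just `- no-changed-when` for the `occ` command tasks, and let the rest stay errors.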
--- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,8 +1,8 @@ --- -- name: start nextcloud docker - docker_compose: - project_src: /home/docker/nextcloud/ +- name: Start nextcloud docker + community.docker.docker_compose: + project_src: /home/docker/nextcloud/ async: 120 poll: 10 when: not ansible_check_mode diff --git a/meta/main.yml b/meta/main.yml index 4842e89..3033982 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,17 +1,17 @@ --- galaxy_info: - author: Rémi - description: Role for deploying NextCloud on Docker with Collabora Online and/or OnlyOffice - company: Le Filament (https://le-filament.com) - license: AGPL-3.0-or-later - min_ansible_version: 2.1 - platforms: - - name: Ubuntu - versions: - - bionic - - focal - galaxy_tags: - - nextcloud - - docker - - collabora - - onlyoffice + author: lefilament + description: Role for deploying NextCloud on Docker with Collabora Online and/or OnlyOffice + company: Le Filament (https://le-filament.com) + license: AGPL-3.0-or-later + min_ansible_version: "2.1" + platforms: + - name: Ubuntu + versions: + - bionic + - focal + galaxy_tags: + - nextcloud + - docker + - collabora + - onlyoffice diff --git a/tasks/main.yml b/tasks/main.yml index e760ebd..a2c1e48 100644 --- a/tasks/main.yml +++ b/tasks/main.yml 
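Review bot: The handler now resolves `community.docker.docker_compose`, but nothing in this patch declares or pins the `community.docker` collection: meta/main.yml still holds only `galaxy_info`, and the diffstat adds no requirements file. Which version gets installed is therefore left to the control node, and `docker_compose` was removed in community.docker 4.0.0, so an unpinned install can leave this handler unresolvable. If the repository does not already carry one elsewhere, a `requirements.yml` listing `- name: community.docker` under `collections:` with an explicit `version:` constraint would make the dependency reviewable.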
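Review bot: `min_ansible_version: "2.1"` is now quoted correctly as a string, but the value still names a release that predates collections, while this same patch switches handlers/main.yml and tasks/main.yml to `ansible.builtin.*` and `community.docker.*` names. A consumer on an old Ansible who trusts the metadata gets unresolved modules instead of a clear version error. I would raise it to the oldest release the role is actually run against, for example `min_ansible_version: "2.10"`, to be confirmed against the CI matrix.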
@@ -1,113 +1,113 @@ --- - name: Create nextcloud Docker structure on server in /home/docker/nextcloud - file: - name: "/home/docker/nextcloud" - state: directory - owner: root - group: root - mode: '0755' + ansible.builtin.file: + name: "/home/docker/nextcloud" + state: directory + owner: root + group: root + mode: '0755' ## Install Nextcloud docker - name: Install nextcloud docker - template: - src: nextcloud.yaml.j2 - dest: /home/docker/nextcloud/docker-compose.yaml - owner: root - group: root - mode: '0400' + ansible.builtin.template: + src: nextcloud.yaml.j2 + dest: /home/docker/nextcloud/docker-compose.yaml + owner: root + group: root + mode: '0400' notify: - - start nextcloud docker + - Start nextcloud docker - name: Add extra PHP configuration - template: - src: nextcloud-extra.ini.j2 - dest: /home/docker/nextcloud/nextcloud-extra.ini - owner: root - group: root - mode: '0644' - -- name: add cron job for nextcloud cron.php - cron: - name: nextcloud cron.php - minute: "*/15" - job: /usr/bin/docker exec --user www-data nextcloud php cron.php + ansible.builtin.template: + src: nextcloud-extra.ini.j2 + dest: /home/docker/nextcloud/nextcloud-extra.ini + owner: root + group: root + mode: '0644' + +- name: Add cron job for nextcloud cron.php + ansible.builtin.cron: + name: nextcloud cron.php + minute: "*/15" + job: /usr/bin/docker exec --user www-data nextcloud php cron.php ## Install Nextcloud backup docker - name: Install nextcloud backup compose file - template: - src: backup.yaml.j2 - dest: /home/docker/backups/backup-nextcloud.yaml - owner: root - group: root - mode: '0400' + ansible.builtin.template: + src: backup.yaml.j2 + dest: /home/docker/backups/backup-nextcloud.yaml + owner: root + group: root + mode: '0400' when: inventory_hostname in groups['maintenance_contract'] - name: Copy docker file for mysql duplicity - copy: - src: Dockerfile-backup - dest: /home/docker/backups/Dockerfile-mysql - owner: root - group: root - mode: '0644' + ansible.builtin.copy: 
+ src: Dockerfile-backup + dest: /home/docker/backups/Dockerfile-mysql + owner: root + group: root + mode: '0644' when: inventory_hostname in groups['maintenance_contract'] -- name: add cron job to run backup every week - cron: - name: backup nextcloud - minute: "00" - hour: "00" - weekday: "7" - job: /usr/bin/docker-compose -f /home/docker/backups/backup-nextcloud.yaml run --rm backup_nextcloud +- name: Add cron job to run backup every week + ansible.builtin.cron: + name: backup nextcloud + minute: "00" + hour: "00" + weekday: "7" + job: /usr/bin/docker-compose -f /home/docker/backups/backup-nextcloud.yaml run --rm backup_nextcloud when: inventory_hostname in groups['maintenance_contract'] # Flush handlers in order to start nextcloud if necessary - name: Flush handlers - meta: flush_handlers + ansible.builtin.meta: flush_handlers # Set correct variables in configuration files # TODO : replace by writing on nextcloud volume configuration file and restart nextcloud -- name: set trusted domain 1 - command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" trusted_domains 1 --value="{{ cloud_url }}" +- name: Set trusted domain 1 + ansible.builtin.command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" trusted_domains 1 --value="{{ cloud_url }}" -- name: set trusted domain 2 - command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" trusted_domains 2 --value="nextcloud" +- name: Set trusted domain 2 + ansible.builtin.command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" trusted_domains 2 --value="nextcloud" -- name: overwrite protocol - command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" overwriteprotocol --value="https" +- name: Overwrite protocol + ansible.builtin.command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" overwriteprotocol --value="https" # Collaborative edition tools 
configuration - name: Install OnlyOffice app - command: docker exec -u www-data nextcloud php occ --no-warnings "app:enable" onlyoffice + ansible.builtin.command: docker exec -u www-data nextcloud php occ --no-warnings "app:enable" onlyoffice when: cloud_onlyoffice tags: docker_cloudaborative - name: Set OnlyOffice URL - command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" onlyoffice DocumentServerUrl --value="https://{{ cloud_onlyoffice_url }}" + ansible.builtin.command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" onlyoffice DocumentServerUrl --value="https://{{ cloud_onlyoffice_url }}" when: cloud_onlyoffice tags: docker_cloudaborative - name: Set internal OnlyOffice URL - command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" onlyoffice DocumentServerInternalUrl --value="http://onlyoffice/" + ansible.builtin.command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" onlyoffice DocumentServerInternalUrl --value="http://onlyoffice/" when: cloud_onlyoffice tags: docker_cloudaborative - name: Set internal NextCloud URL - command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" onlyoffice StorageUrl --value="http://nextcloud/" + ansible.builtin.command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" onlyoffice StorageUrl --value="http://nextcloud/" when: cloud_onlyoffice tags: docker_cloudaborative - name: Set trusted domain to collabora for collaborative documents - command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" trusted_domains 3 --value="{{ cloud_collabora_url }}" + ansible.builtin.command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" trusted_domains 3 --value="{{ cloud_collabora_url }}" when: cloud_collabora tags: docker_cloudaborative - name: Install Collabora app - command: docker exec -u www-data nextcloud php occ 
--no-warnings "app:enable" richdocuments + ansible.builtin.command: docker exec -u www-data nextcloud php occ --no-warnings "app:enable" richdocuments when: cloud_collabora tags: docker_cloudaborative - name: Set Collabora URL - command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" richdocuments wopi_url --value="https://{{ cloud_collabora_url }}" + ansible.builtin.command: docker exec -u www-data nextcloud php occ --no-warnings "config:system:set" richdocuments wopi_url --value="https://{{ cloud_collabora_url }}" when: cloud_collabora tags: docker_cloudaborative -- GitLab
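Review bot: The `occ` tasks that take `{{ cloud_url }}`, `{{ cloud_onlyoffice_url }}` and `{{ cloud_collabora_url }}` still pass them through the free-form string of `ansible.builtin.command`. That string is split into arguments only after templating, so a value containing whitespace or a quote changes the argument list handed to `docker exec`. The `argv:` list form keeps each variable inside exactly one argument, and it is worth adopting now that every one of these lines is being touched anyway. Separately, none of the command tasks sets `changed_when`, so they report changed on every run; the new `warn_list` downgrades that to a warning rather than fixing it. The fence shows the first task only, and the other `config:system:set` and `app:enable` tasks would follow the same shape.

```yaml
- name: Set trusted domain 1
  ansible.builtin.command:
    argv:
      - docker
      - exec
      - "-u"
      - www-data
      - nextcloud
      - php
      - occ
      - "--no-warnings"
      - "config:system:set"
      - trusted_domains
      - "1"
      - "--value={{ cloud_url }}"
# … unchanged: remaining occ tasks, same conversion …
```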