diff --git a/docs/services/README.md b/docs/services/README.md index c71eb0b..1406eda 100644 --- a/docs/services/README.md +++ b/docs/services/README.md @@ -5,6 +5,7 @@ | [Docker](https://www.docker.com/) | Open-source software for deploying containerized applications | [Link](docker.md) | | [Gitea](https://gitea.io/) | A painless self-hosted Git service. | [Link](gitea.md) | | [Miniflux](https://miniflux.app/) | Minimalist and opinionated feed reader. | [Link](miniflux.md) | +| [Nextcloud](https://nextcloud.com/) | The most popular self-hosted collaboration solution for tens of millions of users at thousands of organizations across the globe. | [Link](nextcloud.md) | | [PostgreSQL](https://www.postgresql.org) | A powerful, open source object-relational database system | [Link](postgres.md) | | [Radicale](https://miniflux.app/) | A Free and Open-Source CalDAV and CardDAV Server (solution for hosting contacts and calendars) | [Link](radicale.md) | | [Traefik](https://doc.traefik.io/traefik/) | A container-aware reverse-proxy server | [Link](traefik.md) | @@ -17,7 +18,6 @@ | Name | Description | | ------------------------------ | ------------------------------------- | -| [Nextcloud](https://nextcloud.com/), by absorbing [nextcloud-docker-ansible-deploy](https://github.com/spantaleev/nextcloud-docker-ansible-deploy) | Groupware server (Files, Contacts, Calendaring, etc.) | | [PeerTube](https://joinpeertube.org/), by absorbing [peertube-docker-ansible-deploy](https://github.com/spantaleev/peertube-docker-ansible-deploy) | A video-platform server | | [Garage](https://garagehq.deuxfleurs.fr/), by absorbing [garage-docker-ansible-deploy](https://github.com/moan0s/garage-docker-ansible-deploy) | Open-source distributed object storage service tailored for self-hosting | | [Prometheus](https://prometheus.io/)| Monitoring system and time series database | diff --git a/docs/services/nextcloud.md b/docs/services/nextcloud.md new file mode 100644 index 0000000..c7203bd --- /dev/null +++ b/docs/services/nextcloud.md @@ -0,0 +1,50 @@ +# Nextcloud + +[Nextcloud](https://nextcloud.com/) is the most popular self-hosted collaboration solution for tens of millions of users at thousands of organizations across the globe. + + +## Dependencies + +This service requires the following other services: + +- a [Postgres](postgres.md) database +- a [Traefik](traefik.md) reverse-proxy server + + +## Configuration + +To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process: + +```yaml +######################################################################## +# # +# nextcloud # +# # +######################################################################## + +nextcloud_enabled: true + +nextcloud_hostname: mash.example.com +nextcloud_path_prefix: /nextcloud + +######################################################################## +# # +# /nextcloud # +# # +######################################################################## +``` + +In the example configuration above, we configure the service to be hosted at `https://mash.example.com/nextcloud`. + +You can remove the `nextcloud_path_prefix` variable definition, to make it default to `/`, so that the service is served at `https://mash.example.com/`. + + +## Usage + +After [installation](../installing.md), you should follow Nextcloud's setup wizard at the URL you've chosen. + +You can choose any username/password for your account. + +In **Storage & database**, you should choose PostgreSQL (changing the default **SQLite** choice), with the credentials you see after running `just print-nextcloud-db-credentials` + +Once you've fully installed Nextcloud, you'd better adjust its default configuration (URL paths, trusted reverse-proxies, etc.) by running: `just run-tags adjust-nextcloud-config` diff --git a/group_vars/mash_servers b/group_vars/mash_servers index e6b6215..638b198 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -20,6 +20,10 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': (gitea_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'gitea', 'gitea-server']}]) + + ([{'name': (nextcloud_identifier + '-server.service'), 'priority': 1000, 'groups': ['mash', 'nextcloud', 'nextcloud-server']}] if nextcloud_enabled else []) + + + ([{'name': (nextcloud_identifier + '-cron.timer'), 'priority': 2500, 'groups': ['mash', 'nextcloud', 'nextcloud-cron']}] if nextcloud_enabled else []) + + ([{'name': (miniflux_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'miniflux']}] if miniflux_enabled else []) + ([{'name': (radicale_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'radicale']}] if radicale_enabled else []) @@ -79,6 +83,12 @@ devture_postgres_managed_databases_auto: | 'password': miniflux_database_password, }] if miniflux_enabled else []) + + ([{ + 'name': nextcloud_database_name, + 'username': nextcloud_database_username, + 'password': nextcloud_database_password, + }] if nextcloud_enabled else []) + + ([{ 'name': vaultwarden_database_name, 'username': vaultwarden_database_username, @@ -265,7 +275,7 @@ gitea_config_database_password: "{{ '%s' | format(mash_playbook_generic_secret_k ######################################################################## # # -# etke/miniflux # +# miniflux # # # ######################################################################## @@ -302,7 +312,7 @@ miniflux_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) ######################################################################## # # -# /etke/miniflux # +# miniflux # # # ######################################################################## @@ -310,7 +320,54 @@ miniflux_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) ######################################################################## # # -# etke/radicale # +# nextcloud # +# # +######################################################################## + +nextcloud_enabled: false + +nextcloud_identifier: "{{ mash_playbook_service_identifier_prefix }}nextcloud" + +nextcloud_base_path: "{{ mash_playbook_base_path }}/nextcloud" + +nextcloud_uid: "{{ mash_playbook_uid }}" +nextcloud_gid: "{{ mash_playbook_gid }}" + +nextcloud_systemd_required_systemd_services_list: | + {{ + (['docker.service']) + + + ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and nextcloud_database_hostname == devture_postgres_identifier else []) + }} + +nextcloud_container_additional_networks: | + {{ + ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else []) + + + ([devture_postgres_container_network] if devture_postgres_enabled and nextcloud_database_hostname == devture_postgres_identifier and nextcloud_container_network != devture_postgres_container_network else []) + }} + +nextcloud_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}" +nextcloud_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}" +nextcloud_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" +nextcloud_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" + +nextcloud_database_hostname: "{{ devture_postgres_identifier if devture_postgres_enabled else '' }}" +nextcloud_database_port: "{{ '5432' if devture_postgres_enabled else '' }}" +nextcloud_database_username: "nextcloud" +nextcloud_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'db.nextcloud', rounds=655555) | to_uuid }}" + +######################################################################## +# # +# /nextcloud # +# # +######################################################################## + + + +######################################################################## +# # +# radicale # # # ######################################################################## @@ -335,7 +392,7 @@ radicale_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certReso ######################################################################## # # -# /etke/radicale # +# radicale # # # ######################################################################## diff --git a/requirements.yml b/requirements.yml index f0aed67..5f17eaf 100644 --- a/requirements.yml +++ b/requirements.yml @@ -55,3 +55,7 @@ - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-gitea.git name: gitea version: v1.18.5-1 + +- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-nextcloud.git + name: nextcloud + version: v25.0.4-0 diff --git a/setup.yml b/setup.yml index 85595f9..b27ad3d 100644 --- a/setup.yml +++ b/setup.yml @@ -48,6 +48,8 @@ - role: galaxy/miniflux + - role: galaxy/nextcloud + - role: galaxy/radicale - role: galaxy/vaultwarden