From db108becbd473724de9ff4a9eb30848a063ead0a Mon Sep 17 00:00:00 2001 From: simonspa <1677436+simonspa@users.noreply.github.com> Date: Sat, 6 Jun 2020 17:20:48 +0200 Subject: [PATCH] Rework Update Handling (#37) Co-authored-by: Nikolaos Kakouros --- README.md | 78 ++++++++++++++++++++++-------- defaults/main.yml | 63 +++++++++++++----------- filter_plugins/opml.py | 5 +- handlers/main.yml | 36 ++++++++++---- tasks/apps/news.yml | 62 ++++++++++++++++-------- tasks/core/apps.yml | 67 +++++++++++++++----------- tasks/core/config.yml | 4 +- tasks/core/install.yml | 96 +++++++++---------------------------- tasks/core/integrity.yml | 10 ++-- tasks/core/upgrade.yml | 38 ++++++++++++++- tasks/users/group.yml | 6 +-- tasks/users/user.yml | 6 +-- tasks/users/user_config.yml | 8 ++-- 13 files changed, 274 insertions(+), 205 deletions(-) diff --git a/README.md b/README.md index 03c09fb..da15288 100644 --- a/README.md +++ b/README.md @@ -1,56 +1,96 @@ [![Build Status](https://travis-ci.com/nkakouros-original/ansible-role-nextcloud.svg?branch=master)](https://travis-ci.com/nkakouros-original/ansible-role-nextcloud) [![Galaxy](https://img.shields.io/badge/galaxy-nkakouros.nextcloud-blue.svg)](https://galaxy.ansible.com/nkakouros/nextcloud/) -Ansible Role: Nextcloud -========= +# Ansible Role: Nextcloud -Installs and upgrades Nextcloud and apps. **It only does that**, it does not install a web server, a db server, etc. +Installs and upgrades Nextcloud and apps. **It only does that**, it does not +install a web server, a db server, etc. -Features --------- +## Features This role allows you to: - install, update and configure Nextcloud core - install, update and configure Nextcloud apps available on the app store - create and update users and groups -Requirements ------------- +## Requirements Ansible >= 2.7 -While there are a bunch of other roles around to install Nextcloud, I did not found them useful as they try to do everything in one role, ie setup Apache, then MySQL, then install Nextcloud, etc. This might be useful for users who want to have a Nextcloud instance running as fast as possible. However, I find the approach too limiting as there are too many assumptions taking place. +While there are a bunch of other roles around to install Nextcloud, I did not +found them useful as they try to do everything in one role, ie setup Apache, +then MySQL, then install Nextcloud, etc. This might be useful for users who want +to have a Nextcloud instance running as fast as possible. However, I find the +approach too limiting as there are too many assumptions taking place. -This role does not care where you install Nextcloud. It only downloads, installs and configures Nextcloud itself. Its aim is to be used in a modular way alongside other roles. (Or at least it tries to make no assumptions. If you find any or cannot install nextcloud due to missing functionality, please open an issue or a PR. Currently it has been tested only on Ubuntu 16.04). +This role does not care where you install Nextcloud. It only downloads, installs +and configures Nextcloud itself. Its aim is to be used in a modular way +alongside other roles. (Or at least it tries to make no assumptions. If you find +any or cannot install nextcloud due to missing functionality, please open an +issue or a PR. Currently it has been tested only on Ubuntu 16.04). -See the [Example playbook](#example-playbook) on how a complete playbook that uses 3rd-party roles might look like. +See the [Example playbook](#example-playbook) on how a complete playbook that +uses 3rd-party roles might look like. -Versions ---- +The python `listparser` module should be installed if you want to import feeds +into the `News` app from an opml file. E.g.: -- _Supported Nextcloud versions_: Each release of the role will support all officially supported Nextcloud versions, starting from version 14. That is, versions older than Nextcloud 14 will not be supported ever by this role (for instance Nextcloud 13, although it is supported officially as of this writing). Also, with each new major version of Nextcloud, the version that this role installs by default will be updated to match that latest major release. +``` +pip install listaprser +``` -- _Supported Ansible versions_: I am using an installation of Ansible that is daily checked out from their [development branch](https://github.com/ansible/ansible/tree/devel/). With each new Ansible stable version (currently 2.7), a new release of this role will be created that will be compatible with that new Ansible version. Work following such a release will take place with the in-development next version of Ansible and might use new Ansible features. -For this above reasons, role releases will have names such as `v14-2.7-1.0`, where: +## Versions + +- _Supported Nextcloud versions_: Each release of the role will support all + officially supported Nextcloud versions, starting from version 14. That is, + versions older than Nextcloud 14 will not be supported ever by this role (for + instance Nextcloud 13, although it is supported officially as of this + writing). Also, with each new major version of Nextcloud, the version that + this role installs by default will be updated to match that latest major + release. + +- _Supported Ansible versions_: I am using an installation of Ansible that is + daily checked out from their [development + branch](https://github.com/ansible/ansible/tree/devel/). With each new Ansible + stable version (currently 2.7), a new release of this role will be created + that will be compatible with that new Ansible version. Work following such + a release will take place with the in-development next version of Ansible and + might use new Ansible features. + +For this above reasons, role releases will have names such as `v14-2.7-1.0`, +where: - `14` is the version of Nextcloud that this role will install by default - `2.7` is the Ansible version that the release will be compatible with -- `1.0` is semantic versioning of the role itself (reset when either of the two components above gets updated) +- `1.0` is semantic versioning of the role itself (reset when either of the two + components above gets updated) -The above release will of course also be compatible with later Ansible versions that are compatible with Ansible 2.7. +The above release will of course also be compatible with later Ansible versions +that are compatible with Ansible 2.7. Role Variables -------------- -See [defaults/main.yml](https://github.com/nkakouros-original/ansible-role-nextcloud/blob/master/defaults/main.yml) for a full list of variables together with documentation on how to use them to configure this role. +See +[defaults/main.yml](https://github.com/nkakouros-original/ansible-role-nextcloud/blob/master/defaults/main.yml) +for a full list of variables together with documentation on how to use them to +configure this role. Example Playbook ---------------- -See [molecule/default/prepare.yml](molecule/default/prepare.yml) and [molecule/default/playbook.yml](molecule/default/playbook.yml) for a working example of how to use this role in conjuction with other roles to get a complete server environment that runs Nextcloud. +See [molecule/default/prepare.yml](molecule/default/prepare.yml) and +[molecule/default/playbook.yml](molecule/default/playbook.yml) for a working +example of how to use this role in conjuction with other roles to get a complete +server environment that runs Nextcloud. License ------- GPLv3 + +Author Information +------------------ + +Nikolaos Kakouros diff --git a/defaults/main.yml b/defaults/main.yml index 293a11d..1831aa7 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,6 +3,7 @@ nextcloud_enable: true # Set this to 'no' to completely disable the role +# Installation {{{ nextcloud_version: 17 # The major nextcloud version to install. You can use this to upgrade to a new # major version as well. Even if you set 'nextcloud_download_url' manually (see @@ -53,13 +54,8 @@ nextcloud_database: prefix: oc_ # Prefix for the nextcloud tables in the database. - -nextcloud_admin_user: admin -# The name of the admin user - -nextcloud_admin_pass: '' -# The password of the admin user. This variable should not be empty. - +# }}} +# Core configuration {{{ # TODO make this part of nextcloud_config_system nextcloud_enable_pretty_urls: true # Set to yes to enable urls of the form https://example.org/calendar replacing @@ -71,7 +67,37 @@ nextcloud_urls: # This is a list of urls where your nextcloud installation should be accessible. # You would normally need only one. If you specify more than one, the first one # will be as the "main" one, for pretty urls, etc. +# }}} +# Users {{{ +nextcloud_admin_user: admin +# The name of the admin user +nextcloud_admin_pass: '' +# The password of the admin user. This variable should not be empty. + +nextcloud_users: [] +# The ansible users to create, other than the admin. +# It is a list of hashes. Eg +# +# nextcloud_users: +# - name: alice +# pass: superstrongnot +# resetpassword: yes # reset the passsword every time the playbook is run +# display_name: Alice B. Charlie +# settings: +# - firstrunwizard: +# show: 0 +# - calendar: +# showWeekNr: 'yes' +# app_config: +# ... +# +# App and core configuration happens per user. To find out what config options +# are available, either make the changes manually and then the oc_preferences +# table in your nextcloud database or use the `occ config:list` command on your +# server to get a listing of the current configuration options. +# }}} +# Apps {{{ nextcloud_remove_unknown_apps: false # Setting to choose whether to remove or keep external apps which have not been # installed through this role, but manually or via the Nextcloud admin interface @@ -132,25 +158,4 @@ nextcloud_config: {} # | regex_replace('^/') # }} # ``` - -nextcloud_users: [] -# The ansible users to create, other than the admin. -# It is a list of hashes. Eg -# -# nextcloud_users: -# - name: alice -# pass: superstrongnot -# resetpassword: yes # reset the passsword every time the playbook is run -# display_name: Alice B. Charlie -# settings: -# - firstrunwizard: -# show: 0 -# - calendar: -# showWeekNr: 'yes' -# app_config: -# ... -# -# App and core configuration happens per user. To find out what config options -# are available, either make the changes manually and then the oc_preferences -# table in your nextcloud database or use the `occ config:list` command on your -# server to get a listing of the current configuration options. +# }}} diff --git a/filter_plugins/opml.py b/filter_plugins/opml.py index b7f2d07..07360a8 100644 --- a/filter_plugins/opml.py +++ b/filter_plugins/opml.py @@ -10,9 +10,8 @@ def read_opml(path): import listparser except Exception: raise errors.AnsibleFilterError( - 'the "opml" filter requires the \ - "listparser" python module, install with `pip install \ - listparser`' + 'the "opml" filter requires the "listparser" python module,' + + "install with `pip install listparser`" ) try: diff --git a/handlers/main.yml b/handlers/main.yml index 8b413d8..4fdb045 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -8,7 +8,7 @@ mode: g+w listen: nextcloud update htaccess - name: Update .htaccess file - command: ./occ maintenance:update:htaccess --no-interaction + command: php occ maintenance:update:htaccess --no-interaction args: chdir: "{{ nextcloud_installation_dir }}" listen: nextcloud update htaccess @@ -20,12 +20,28 @@ mode: g-w listen: nextcloud update htaccess -- name: Set permissions on downloaded apps - file: - path: "{{ nextcloud_installation_dir }}/apps/" - mode: u=rwX,g=rX,o=rX - owner: "{{ nextcloud_file_owner }}" - group: "{{ nextcloud_file_owner }}" - state: directory - recurse: true - listen: set app files permissions +- name: Set file permissions on Nextcloud files + block: + - name: Set Nextcloud file permissions + file: + path: "{{ nextcloud_installation_dir }}" + mode: u=rwX,g=rX,o-rwx + owner: "{{ nextcloud_file_owner }}" + group: "{{ nextcloud_file_owner }}" + recurse: true + listen: nextcloud set file permissions + - name: Set permissions on installation directory + file: + path: "{{ nextcloud_installation_dir }}" + owner: root + group: "{{ nextcloud_file_owner }}" + mode: 0o750 + state: directory + listen: nextcloud set file permissions + - name: Set permissions on htaccess file + file: + path: "{{ nextcloud_installation_dir }}/.htaccess" + owner: root + group: "{{ nextcloud_file_owner }}" + mode: 0o644 + listen: nextcloud set file permissions diff --git a/tasks/apps/news.yml b/tasks/apps/news.yml index 8954866..88ddf75 100644 --- a/tasks/apps/news.yml +++ b/tasks/apps/news.yml @@ -16,7 +16,6 @@ _nextcloud_news_users: >- {{ nextcloud_users - | selectattr('app_config', 'defined') | selectattr('app_config.news', 'defined') | list }} @@ -188,45 +187,66 @@ delegate_to: localhost # TODO: does not work, says method not allowed +# https://github.com/nextcloud/news/issues/711 # - name: Update feeds # uri: # method: PATCH # url: >- -# {{ -# nextcloud_urls[0] -# }}/apps/news/api/v1-2/feeds/{{ +# {{ _nextcloud_api_url_news }}/feeds/{{ # ( -# _nextcloud_existing_feeds.json.feeds -# | selectattr('url', 'equalto', item.url) +# _nextcloud_existing_feeds.results[ +# ( +# _nextcloud_news_users +# | map(attribute='name') +# | flatten +# ).index(item.0.name) +# ]['json']['feeds'] +# | selectattr('url', 'equalto', item.1.url) # | list # | last # )['id'] # }} # body_format: json # body: -# url: "{{ item.url }}" +# url: "{{ item.1.url }}" # folderId: >- # {{ # ( -# _nextcloud_existing_folders.json.folders -# | selectattr('name', 'equalto', 'kde') +# _nextcloud_existing_folders.results[ +# ( +# _nextcloud_news_users +# | map(attribute='name') +# | flatten +# ).index(item.0.name) +# ]['json']['folders'] +# | selectattr( +# 'name', +# 'equalto', +# item.1.folder +# | default([]) +# | first +# | default('') +# ) # | list -# | first +# | last +# | default('__undefined__') # )['id'] +# | default(omit) # }} # headers: -# Authorization: Basic {{ (item.name + ':' + item.pass) | b64encode }} +# Authorization: Basic {{ (item.0.name + ':' + item.0.pass) | b64encode }} # when: >- -# _nextcloud_existing_feeds.json.feeds -# | selectattr('url', 'equalto', item.url) +# _nextcloud_existing_feeds.results[ +# ( +# _nextcloud_news_users +# | map(attribute='name') +# | flatten +# ).index(item.0.name) +# ]['json']['feeds'] +# | selectattr('url', 'equalto', item.1.url) # | list -# | last -# | attr('folder') -# | default('__not_defined__') -# != -# item.folder -# | default('__not_defined__') +# | length > 0 # register: result -# # changed_when: result is success -# loop: "{{ nextcloud_users[0]['app_config']['news']['feeds'] }}" +# changed_when: result is success +# loop: "{{ _nextcloud_news_users | subelements('app_config.news.feeds') }}" # delegate_to: localhost diff --git a/tasks/core/apps.yml b/tasks/core/apps.yml index 63b983c..c8cfeb0 100644 --- a/tasks/core/apps.yml +++ b/tasks/core/apps.yml @@ -1,8 +1,7 @@ --- -# Read all apps shipped by Nextcloud itself -- name: Read shipped apps - command: ./occ app:list --shipped=true --no-warnings --output=json +- name: Read apps shipped with Nextcloud + command: php occ app:list --shipped=true --no-warnings --output=json args: chdir: "{{ nextcloud_installation_dir }}" become: true @@ -14,9 +13,8 @@ set_fact: nextcloud_shipped_apps: "{{ _result.stdout | from_json }}" -# Read all external apps which have been installed by in addition -- name: Read installed external apps - command: ./occ app:list --shipped=false --no-warnings --output=json +- name: Read external apps installed by the user + command: php occ app:list --shipped=false --no-warnings --output=json args: chdir: "{{ nextcloud_installation_dir }}" become: true @@ -28,12 +26,14 @@ set_fact: nextcloud_installed_apps: "{{ _result.stdout | from_json }}" -# Remove all apps from the list of external apps which are not in the -# configured list of apps, if nextcloud_remove_unknown_apps is set to true - name: Remove unknown external apps - command: php occ app:remove "{{ item }}" - with_items: "{{ (nextcloud_installed_apps.enabled | - combine(nextcloud_installed_apps.disabled)) }}" + command: php occ app:remove "{{ item.key }}" + loop: >- + {{ + nextcloud_installed_apps.enabled + | combine(nextcloud_installed_apps.disabled) + | dict2items + }} become: true become_user: "{{ nextcloud_file_owner }}" args: @@ -42,13 +42,12 @@ failed_when: result.stdout is not search('removed') or result is failed changed_when: result is not failed when: - - nextcloud_remove_unknown_apps - - not (nextcloud_apps | selectattr('name', 'search', item) | list) + - nextcloud_remove_unknown_apps | bool + - not (nextcloud_apps | selectattr('name', 'search', item.key) | list) -# Remove all apps which have their state set to "absent" -- name: Remove external apps +- name: Remove unwanted external apps command: php occ app:remove "{{ item.name }}" - with_items: "{{ nextcloud_apps }}" + loop: "{{ nextcloud_apps }}" become: true become_user: "{{ nextcloud_file_owner }}" args: @@ -67,7 +66,7 @@ # - have their state not set to "absent" - name: Install external apps command: php occ app:install "{{ item.name }}" - with_items: "{{ nextcloud_apps }}" + loop: "{{ nextcloud_apps }}" become: true become_user: "{{ nextcloud_file_owner }}" args: @@ -81,10 +80,11 @@ - item.name not in (nextcloud_installed_apps.enabled | combine(nextcloud_installed_apps.disabled)) - item.state | default('enabled') != 'absent' + notify: nextcloud set file permissions # Update list of available apps after installation and removal: - name: Re-read installed external apps - command: ./occ app:list --shipped=false --no-warnings --output=json + command: php occ app:list --shipped=false --no-warnings --output=json args: chdir: "{{ nextcloud_installation_dir }}" become: true @@ -98,9 +98,13 @@ # Check and update all external apps - name: Update external apps - command: php occ app:update "{{ item }}" - with_items: "{{ (nextcloud_installed_apps.enabled - | combine(nextcloud_installed_apps.disabled)) }}" + command: php occ app:update "{{ item.key }}" + loop: >- + {{ + nextcloud_installed_apps.enabled + | combine(nextcloud_installed_apps.disabled) + | dict2items + }} become: true become_user: "{{ nextcloud_file_owner }}" args: @@ -108,33 +112,38 @@ register: result failed_when: result.stdout is search('not installed') or result is failed changed_when: result.stdout is search('updated') and result is not failed + notify: nextcloud set file permissions # Enable all apps from the configured list which # - are not yet enabled and # - have their state set to "enabled" - name: Enable apps - command: ./occ app:enable "{{ item.name }}" + command: php occ app:enable "{{ item.name }}" args: chdir: "{{ nextcloud_installation_dir }}" become: true become_user: "{{ nextcloud_file_owner }}" - with_items: "{{ nextcloud_apps }}" + loop: "{{ nextcloud_apps }}" when: - (item.state | default('enabled')) == 'enabled' - - item.name not in (nextcloud_installed_apps.enabled - | combine(nextcloud_shipped_apps.enabled)) + - item.name not in ( + nextcloud_installed_apps.enabled + | combine(nextcloud_shipped_apps.enabled) + ) # Disable all apps from the configured list which # - are not yet disabled and # - have their state set to "disabled" - name: Disable apps - command: ./occ app:disable "{{ item.name }}" + command: php occ app:disable "{{ item.name }}" args: chdir: "{{ nextcloud_installation_dir }}" become: true become_user: "{{ nextcloud_file_owner }}" - with_items: "{{ nextcloud_apps }}" + loop: "{{ nextcloud_apps }}" when: - (item.state | default('enabled')) == 'disabled' - - item.name not in (nextcloud_installed_apps.disabled - | combine(nextcloud_shipped_apps.disabled)) + - item.name not in ( + nextcloud_installed_apps.disabled + | combine(nextcloud_shipped_apps.disabled) + ) diff --git a/tasks/core/config.yml b/tasks/core/config.yml index ba64940..da2d2b5 100644 --- a/tasks/core/config.yml +++ b/tasks/core/config.yml @@ -1,7 +1,7 @@ --- - name: Get global preferences - command: ./occ config:list --private --output=json + command: php occ config:list --private --output=json args: chdir: "{{ nextcloud_installation_dir }}" register: _result @@ -35,7 +35,7 @@ mode: 0o400 - name: Set up global preferences - command: ./occ config:import "{{ _result.path }}" + command: php occ config:import "{{ _result.path }}" args: chdir: "{{ nextcloud_installation_dir }}" become: true diff --git a/tasks/core/install.yml b/tasks/core/install.yml index 17befa0..96dcf64 100644 --- a/tasks/core/install.yml +++ b/tasks/core/install.yml @@ -1,39 +1,29 @@ --- +# These tasks install Nextcloud if it is not installed on the system already. +# They should run only once. + - name: Install unzip package: name: unzip state: present when: download_file_type == '.zip' -- name: Install imagemagick +- name: Install dependencies package: - name: imagemagick + name: "{{ package }}" + loop: "{{ packages }}" + loop_control: + loop_var: package + vars: + packages: + - imagemagick - name: Check if nextcloud is already installed stat: path: "{{ nextcloud_installation_dir }}/updater/updater.phar" register: _result -- name: Check if update is available - command: php updater/updater.phar - args: - chdir: "{{ nextcloud_installation_dir }}" - become: true - become_user: "{{ nextcloud_file_owner }}" - register: _result - changed_when: false - failed_when: - - _result is failed - # The updater will automatically try to install any updates if the shell is - # not interactive (as is the case with here). In that case, it means that - # Nextcloud has already been installed and an update was found. Assuming - # that Nextcloud was installed with this role, .htaccess will no be - # writtable. This will cause the updater to fail. But this is a failure we - # can expect. - - _result.stdout is not search('The following places can not be written to') - when: _result.stat.exists | bool - - name: Download nextcloud unarchive: src: "{{ nextcloud_download_url }}" @@ -42,11 +32,10 @@ owner: "{{ nextcloud_file_owner }}" group: "{{ nextcloud_file_owner }}" register: _result - when: >- - _result is skipped - or _result.stdout is not search("No update available") + when: not _result.stat.exists -- block: +- name: Install nextcloud + block: # When extracting the downloaded nextcloud archive, the files are placed # under a nextcloud folder. Here, we rename this folder if the user has # specified a different folder. @@ -69,7 +58,8 @@ - name: Install nextcloud command: >- - php occ maintenance:install --no-interaction + php occ maintenance:install + --no-interaction --database "{{ nextcloud_database.backend }}" --database-name "{{ nextcloud_database.name }}" --database-user "{{ nextcloud_database.user }}" @@ -85,53 +75,11 @@ creates: "{{ nextcloud_installation_dir }}/config/config.php" become: true become_user: "{{ nextcloud_file_owner }}" + notify: nextcloud set file permissions + + - name: Make occ executable + file: + path: "{{ nextcloud_installation_dir }}/occ" + mode: "u+x" - - name: Set file permissions on Nextcloud files - block: - - name: Find Nextcloud files - find: - path: "{{ nextcloud_installation_dir }}" - file_type: any - register: nextcloud_installation_files - - name: Set permissions on directories - file: - path: "{{ item.path }}" - owner: "{{ nextcloud_file_owner }}" - group: "{{ nextcloud_file_owner }}" - mode: 0o750 - state: directory - recurse: true - loop: >- - {{ - nextcloud_installation_files.files - | selectattr('isdir') - | list - }} - # For files, we are using `shell` as `file` with a loop would take ages - # to complete. - - name: Set ownership on files - command: >- - find "{{ nextcloud_installation_dir }}" - -type f - -exec chown {{ - nextcloud_file_owner }}:{{ nextcloud_file_owner }} {} \; - -exec chmod 0640 {} \; - changed_when: false - - name: Set permissions on installation directory - file: - path: "{{ nextcloud_installation_dir }}" - owner: root - group: "{{ nextcloud_file_owner }}" - mode: 0o750 - state: directory - - name: Make occ executable - file: - path: "{{ nextcloud_installation_dir }}/occ" - mode: "u+x" - - name: Set permissions on htaccess file - file: - path: "{{ nextcloud_installation_dir }}/.htaccess" - owner: root - group: "{{ nextcloud_file_owner }}" - mode: 0o644 when: _result is not skipped diff --git a/tasks/core/integrity.yml b/tasks/core/integrity.yml index 42cc74d..6f889fd 100644 --- a/tasks/core/integrity.yml +++ b/tasks/core/integrity.yml @@ -3,7 +3,7 @@ - name: Read extra files block: - name: Run integrity check for core - command: "./occ integrity:check-core --output=json" + command: "php occ integrity:check-core --output=json" args: chdir: "{{ nextcloud_installation_dir }}" register: nextcloud_integrity_core @@ -13,7 +13,7 @@ changed_when: false - name: Run integrity check for apps - command: "./occ integrity:check-app {{ item }} --output=json" + command: "php occ integrity:check-app {{ item }} --output=json" args: chdir: "{{ nextcloud_installation_dir }}" register: nextcloud_integrity_apps @@ -35,7 +35,7 @@ nextcloud_extra_files: >- [ {%- for result in nextcloud_integrity_apps.results -%} - {%- set appname=(result.cmd[3]) -%} + {%- set appname=result.item -%} {%- set files=(result.stdout_lines[-1] | from_json) -%} {%- if files is mapping and 'EXTRA_FILE' in files -%} "{{ [] @@ -70,7 +70,7 @@ warn: false - name: Re-run integrity check for core to update integrity results - command: "./occ integrity:check-core --output=json" + command: "php occ integrity:check-core --output=json" args: chdir: "{{ nextcloud_installation_dir }}" become: true @@ -79,7 +79,7 @@ changed_when: false - name: Re-run integrity check for apps to update integrity results - command: "./occ integrity:check-app {{ item }} --output=json" + command: "php occ integrity:check-app {{ item }} --output=json" args: chdir: "{{ nextcloud_installation_dir }}" loop: >- diff --git a/tasks/core/upgrade.yml b/tasks/core/upgrade.yml index 1989d67..3bd0887 100644 --- a/tasks/core/upgrade.yml +++ b/tasks/core/upgrade.yml @@ -1,7 +1,41 @@ --- +- name: Check if update is available + command: php occ update:check --no-interaction + args: + chdir: "{{ nextcloud_installation_dir }}" + become: true + become_user: "{{ nextcloud_file_owner }}" + register: _result + changed_when: _result.stdout | regex_search('^Nextcloud .* is available') + failed_when: _result is failed + +- name: Make files writable by php user + file: + path: "{{ nextcloud_installation_dir }}" + mode: u=rwX,g=rX,o=rX + owner: "{{ nextcloud_file_owner }}" + group: "{{ nextcloud_file_owner }}" + recurse: true + when: _result.stdout | regex_search('^Nextcloud .* is available') + # Make sure to correctly set file permissions after the installation + notify: nextcloud set file permissions + +- name: Update Nextcloud installation + command: php updater/updater.phar --no-interaction + args: + chdir: "{{ nextcloud_installation_dir }}" + become: true + become_user: "{{ nextcloud_file_owner }}" + register: _result + failed_when: + - _result is failed + - _result.stdout is not search('Update successful') + # We only check for an upgrade of Nextcloud itself, not of the apps + when: _result.stdout | regex_search('^Nextcloud .* is available') + - name: Check if upgrade is needed - command: ./occ status + command: php occ status args: chdir: "{{ nextcloud_installation_dir }}" register: nextcloud_status @@ -10,7 +44,7 @@ become_user: "{{ nextcloud_file_owner }}" - name: Upgrade Nextcloud installation - command: ./occ upgrade + command: php occ upgrade args: chdir: "{{ nextcloud_installation_dir }}" become: true diff --git a/tasks/users/group.yml b/tasks/users/group.yml index 4864829..a517580 100644 --- a/tasks/users/group.yml +++ b/tasks/users/group.yml @@ -1,7 +1,7 @@ --- - name: Create user groups - command: ./occ group:add "{{ item }}" + command: php occ group:add "{{ item }}" args: chdir: "{{ nextcloud_installation_dir }}" loop: >- @@ -20,7 +20,7 @@ become_user: "{{ nextcloud_file_owner }}" - name: Get user info - command: ./occ user:info "{{ item.name }}" --output=json + command: php occ user:info "{{ item.name }}" --output=json args: chdir: "{{ nextcloud_installation_dir }}" register: _nextcloud_user_info @@ -30,7 +30,7 @@ become_user: "{{ nextcloud_file_owner }}" - name: Add users to groups - command: ./occ group:adduser "{{ item.1 }}" "{{ item.0.name }}" + command: php occ group:adduser "{{ item.1 }}" "{{ item.0.name }}" args: chdir: "{{ nextcloud_installation_dir }}" loop: "{{ nextcloud_users | subelements('groups') }}" diff --git a/tasks/users/user.yml b/tasks/users/user.yml index 7159606..ad24b04 100644 --- a/tasks/users/user.yml +++ b/tasks/users/user.yml @@ -1,7 +1,7 @@ --- - name: Get user list - command: ./occ user:list --output=json + command: php occ user:list --output=json args: chdir: "{{ nextcloud_installation_dir }}" register: nextcloud_online_users @@ -24,7 +24,7 @@ - name: Create users command: >- - ./occ user:add + php occ user:add "{{ item.name }}" --display-name "{{ item.display_name }}" --password-from-env @@ -38,7 +38,7 @@ become_user: "{{ nextcloud_file_owner }}" - name: Update user password - command: ./occ user:resetpassword "{{ item.name }}" --password-from-env + command: php occ user:resetpassword "{{ item.name }}" --password-from-env args: chdir: "{{ nextcloud_installation_dir }}" when: diff --git a/tasks/users/user_config.yml b/tasks/users/user_config.yml index cab3b95..988c759 100644 --- a/tasks/users/user_config.yml +++ b/tasks/users/user_config.yml @@ -51,7 +51,7 @@ ] - name: Read existing config values - command: "./occ user:setting {{ item.user }} {{ item.app }} {{ item.key }}" + command: "php occ user:setting {{ item.user }} {{ item.app }} {{ item.key }}" args: chdir: "{{ nextcloud_installation_dir }}" become: true @@ -63,7 +63,7 @@ - name: Enable user settings command: >- - ./occ user:setting + php occ user:setting {{ item.0.user }} {{ item.0.app }} {{ item.0.key }} @@ -73,6 +73,4 @@ become: true become_user: "{{ nextcloud_file_owner }}" when: item.0.value != item.1.stdout - with_together: - - "{{ user_settings }}" - - "{{ user_config_values.results }}" + loop: "{{ user_settings | zip(user_config_values.results) | list }}"