diff --git a/config/ansible/tasks/servers/server.yml b/config/ansible/tasks/servers/server.yml
index 955f67d..1fdf2a4 100644
--- a/config/ansible/tasks/servers/server.yml
+++ b/config/ansible/tasks/servers/server.yml
@@ -29,5 +29,3 @@
 enabled: false
 - name: jellyfin
 enabled: true
- - name: nextcloud
- enabled: true
diff --git a/config/ansible/tasks/servers/services/caddy/Caddyfile.j2 b/config/ansible/tasks/servers/services/caddy/Caddyfile.j2
index e211e9d..d8d38bf 100644
--- a/config/ansible/tasks/servers/services/caddy/Caddyfile.j2
+++ b/config/ansible/tasks/servers/services/caddy/Caddyfile.j2
@@ -18,17 +18,6 @@ jf.vleeuwen.me jf.mvl.sh {
 tls {{ caddy_email }}
 }
-cloud.vleeuwen.me cloud.mvl.sh {
- redir /.well-known/carddav /remote.php/dav/ 301
- redir /.well-known/caldav /remote.php/dav/ 301
-
- reverse_proxy nextcloud:80
- header {
- Strict-Transport-Security "max-age=15552000; includeSubDomains"
- }
- tls {{ caddy_email }}
-}
-
 collabora.mvl.sh {
 reverse_proxy collabora:9980 {
 header_up Host {host}
diff --git a/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2
deleted file mode 100644
index 039149e..0000000
--- a/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2
+++ /dev/null
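Review bot: The `collabora.mvl.sh` block left as context at the end of the Caddyfile.j2 hunk still does `reverse_proxy collabora:9980`, while the only `collabora` service visible in this commit is defined in the docker-compose.yml.j2 that is deleted. Unless another compose file defines it, that site either returns upstream errors or, on hosts where the old stack was never brought down, keeps fronting a Collabora container that Ansible no longer manages or updates. I would drop the block in this commit and run the removed play's `down --remove-orphans` step once before the task file goes away, since nothing visible here stops the containers or removes the rendered docker-compose.yml with its resolved secrets. The collabora block continues past the end of the hunk.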
@@ -1,76 +0,0 @@
-services:
- db:
- image: mariadb:11.4
- command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
- restart: unless-stopped
- volumes:
- - {{nextcloud_data_dir}}/nextcloud-db:/var/lib/mysql
- environment:
- - MYSQL_ROOT_PASSWORD={{ lookup('community.general.onepassword', 'x5jporz6fguqsm4dmwrb6juua4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='MYSQL_ROOT_PASSWORD') }}
- - MYSQL_PASSWORD={{ lookup('community.general.onepassword', 'x5jporz6fguqsm4dmwrb6juua4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='MYSQL_PASSWORD') }}
- - MYSQL_DATABASE=nextcloud
- - MYSQL_USER=nextcloud
- networks:
- - nextcloud
-
- nextcloud:
- image: nextcloud
- restart: unless-stopped
- depends_on:
- - db
- links:
- - db
- volumes:
- - {{nextcloud_data_dir}}/nextcloud-data:/var/www/html
- environment:
- # Database settings
- - MYSQL_PASSWORD={{ lookup('community.general.onepassword', 'x5jporz6fguqsm4dmwrb6juua4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='MYSQL_PASSWORD') }}
- - MYSQL_DATABASE=nextcloud
- - MYSQL_USER=nextcloud
- - MYSQL_HOST=db
-
- # Storage settings
- - OBJECTSTORE_S3_BUCKET=nextcloud
- - OBJECTSTORE_S3_KEY={{hetzner_access_key}}
- - OBJECTSTORE_S3_SECRET={{hetzner_secret_key}}
- - OBJECTSTORE_S3_HOST=mvl-sh.hel1.your-objectstorage.com
- - OBJECTSTORE_S3_PORT=443
- - OBJECTSTORE_S3_SSL=true
- - OBJECTSTORE_S3_USEPATH_STYLE=true
- - OBJECTSTORE_S3_AUTOCREATE=true
-
- # SMTP settings
- - SMTP_HOST=smtp.fastmail.com
- - SMTP_PORT=465
- - MAIL_FROM_ADDRESS={{ lookup('community.general.onepassword', 'x5jporz6fguqsm4dmwrb6juua4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='MAIL_FROM_ADDRESS') }}
- - MAIL_DOMAIN=mvl.sh
- - SMTP_PASSWORD={{ lookup('community.general.onepassword', 'x5jporz6fguqsm4dmwrb6juua4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='SMTP_PASSWORD') }}
-
- - NEXTCLOUD_ADMIN_USER={{ lookup('community.general.onepassword', 'x5jporz6fguqsm4dmwrb6juua4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='username') }}
- - NEXTCLOUD_ADMIN_PASSWORD={{ lookup('community.general.onepassword', 'x5jporz6fguqsm4dmwrb6juua4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='password') }}
- - TRUSTED_PROXIES=172.20.0.0/24
- networks:
- - caddy_network
- - nextcloud
-
- collabora:
- image: collabora/code:latest
- restart: always
- environment:
- - username={{collabora_user}}
- - password={{collabora_pass}}
- - domain=cloud\.mvl\.sh|cloud\.vleeuwen\.me
- - dictionaries=en nl du fr
- - extra_params=--o:ssl.enable=false --o:ssl.termination=true
- ports:
- - 9980:9980
- networks:
- - caddy_network
- - nextcloud
-
-networks:
- nextcloud:
- caddy_network:
- external: true
- name: caddy_default
-
diff --git a/config/ansible/tasks/servers/services/nextcloud/nextcloud.yml b/config/ansible/tasks/servers/services/nextcloud/nextcloud.yml
deleted file mode 100644
index 559a82d..0000000
--- a/config/ansible/tasks/servers/services/nextcloud/nextcloud.yml
+++ /dev/null
@@ -1,32 +0,0 @@
----
-- name: Deploy Nextcloud service
- block:
- - name: Set Nextcloud directories
- ansible.builtin.set_fact:
- nextcloud_service_dir: "{{ ansible_env.HOME }}/services/nextcloud"
- nextcloud_data_dir: "/mnt/services/nextcloud"
- collabora_user: "{{ lookup('community.general.onepassword', 'x5jporz6fguqsm4dmwrb6juua4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='COLLABORA_USERNAME') }}"
- collabora_pass: "{{ lookup('community.general.onepassword', 'x5jporz6fguqsm4dmwrb6juua4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='COLLABORA_PASSWORD') }}"
- hetzner_access_key: "{{ lookup('community.general.onepassword', 'mfk2qgnaplgtk6xmfc3r6w6neq', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='AWS_ACCESS_KEY_ID') }}"
- hetzner_secret_key: "{{ lookup('community.general.onepassword', 'mfk2qgnaplgtk6xmfc3r6w6neq', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='AWS_SECRET_ACCESS_KEY') }}"
-
- - name: Create Nextcloud directory
- ansible.builtin.file:
- path: "{{ nextcloud_service_dir }}"
- state: directory
- mode: "0755"
-
- - name: Deploy Nextcloud docker-compose.yml
- ansible.builtin.template:
- src: docker-compose.yml.j2
- dest: "{{ nextcloud_service_dir }}/docker-compose.yml"
- mode: "0644"
- register: nextcloud_compose
-
- - name: Stop Nextcloud service
- ansible.builtin.command: docker compose -f "{{ nextcloud_service_dir }}/docker-compose.yml" down --remove-orphans
- when: nextcloud_compose.changed
-
- - name: Start Nextcloud service
- ansible.builtin.command: docker compose -f "{{ nextcloud_service_dir }}/docker-compose.yml" up -d
- when: nextcloud_compose.changed