status-im
/
infra-role-nextcloud
mirror of https://github.com/status-im/infra-role-nextcloud.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Ansible role for NextCloud
5 Commits 1 Branch 0 Tags 47 KiB
Jinja 100%
Go to file
Jakub Sokołowski ce14915060
allow new installations by adjusting config 
Also create CAN_INSTALL file to allow migrations to run.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
 		2022-06-24 13:33:08 +02:00
defaults allow new installations by adjusting config 2022-06-24 13:33:08 +02:00
meta meta: add role dependencies 2022-06-22 09:58:42 +02:00
tasks allow new installations by adjusting config 2022-06-24 13:33:08 +02:00
templates allow new installations by adjusting config 2022-06-24 13:33:08 +02:00
ENCRYPTION.md move files from infra-office repo 2022-06-22 09:58:14 +02:00
README.md move files from infra-office repo 2022-06-22 09:58:14 +02:00

README.md

Description

This role deploys an instance of NextCloud which is an Open Source self-hosted productivity platform.

Configuration

The bare minimum would include:

nextcloud_domain: 'cloud.example.org'
nextcloud_admin_username: 'admin'
nextcloud_admin_password: 'super-secret-password'
nextcloud_docs_secret_key: 'super-secret-key'
nextcloud_password_salt: 'super-secret-password-salt'
nextcloud_secret: 'super-secret-encryption-key'

There's also optional SMTP configuration:

nextcloud_smtp_enabled: true
nextcloud_smtp_port: 587
nextcloud_smtp_host: 'smtp.example.org'
nextcloud_smtp_user: 'smtp-login-user'
nextcloud_smtp_pass: 'super-secret-password'
nextcloud_smtp_method: 'tls'
nextcloud_smtp_domain: 'example.org'
nextcloud_smtp_from: 'nextcloud'

Management

The setup is created using Docker Compose and can be managed as such:

admin@node-01.do-ams3.nextcloud.misc:/docker/nextcloud % docker-compose ps
     Name                    Command                  State               Ports         
----------------------------------------------------------------------------------------
nextcloud-app     /entrypoint.sh apache2-for ...   Up (healthy)   0.0.0.0:9000->80/tcp  
nextcloud-cache   redis-server --requirepass ...   Up (healthy)   0.0.0.0:6379->6379/tcp
nextcloud-db      docker-entrypoint.sh postgres    Up (healthy)   0.0.0.0:5432->5432/tcp
nextcloud-docs    /bin/sh -c bash start-coll ...   Up (healthy)   0.0.0.0:9980->9980/tcp

Backups

There's two folders that need to be backed up:

  • /docker/nextcloud/app/data - Files created and uploaded by NextCloud users.
  • /docker/nextcloud/db/backup - NextCloud PostgreSQL database dump

The data folder contains especially important files_encryption folders without which decryption of user data is impossible.

The database dumps are done with a systemd timer and then backed up with Restic, as are the data folders:

admin@node-01.do-ams3.nextcloud.misc:~ % sudo systemctl list-timers -a '*-nextcloud-*.timer'
NEXT                        LEFT     LAST PASSED UNIT                        ACTIVATES                    
Fri 2021-08-06 00:00:00 UTC 11h left n/a  n/a    backup-nextcloud-data.timer backup-nextcloud-data.service
Fri 2021-08-06 00:00:00 UTC 11h left n/a  n/a    backup-nextcloud-db.timer   backup-nextcloud-db.service  
Fri 2021-08-06 00:00:00 UTC 11h left n/a  n/a    dump-nextcloud-db.timer     dump-nextcloud-db.service    

3 timers listed.

Details

For more information on enryption see ENCRYPTION.md.