From 0a072b4c901b146ff007f404b932f79b8c096a3c Mon Sep 17 00:00:00 2001 From: Alex Tavarez Date: Mon, 17 Nov 2025 09:39:49 -0500 Subject: [PATCH] Added handler for nextcloud, to configure it after it has been installed by snapd --- roles/bootstrap/handlers/nextcloud.yml | 64 ++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 roles/bootstrap/handlers/nextcloud.yml diff --git a/roles/bootstrap/handlers/nextcloud.yml b/roles/bootstrap/handlers/nextcloud.yml new file mode 100644 index 0000000..a5d7d41 --- /dev/null +++ b/roles/bootstrap/handlers/nextcloud.yml @@ -0,0 +1,64 @@ +# SPDX-License-Identifier: MIT-0 +--- +# handlers file for bootstrap +- name: Configure Nextcloud snap + become: true + listen: nextcloud + block: + - name: Enable monitoring of network hardware + ansible.builtin.command: + cmd: "snap connect nextcloud:network-observe" + - name: Enable access to removable media + ansible.builtin.command: + cmd: "snap connect nextcloud:removable-media" + # @TODO see if setting below is necessary given use of reverse proxy + # - name: Set trusted domains + # ansible.builtin.command: + # cmd: "nextcloud.occ config:system:set trusted_domains 0 --value='cloud.{{ hostvars[inventory_hostname].fqdn }}'" + # @TODO configure perhaps for trusted (reverse) proxy instead of above + - name: Set trusted reverse proxy IPv4 address + when: config.trusted_revproxy_ips.ipv4 is None or len(config.trusted_revproxy_ips.ipv4) < 1 + ansible.builtin.command: + argv: + - nextcloud.occ + - "config:system:set" + - trusted_proxies 0 + - "--value=$(hostname -I | awk -F ' ' '{ print $1 }')" + - name: Set trusted reverse proxy IPv4 address + when: config.trusted_revproxy_ips.ipv4 is not None and len(config.trusted_revproxy_ips.ipv4) > 0 + ansible.builtin.command: + argv: + - nextcloud.occ + - "config:system:set" + - "trusted_proxies {{ idx }}" + - "--value={{ item }}" + loop: "{{ config.trusted_revproxy_ips.ipv4 }}" + loop_control: + index_var: idx + - name: Set trusted reverse proxy IPv6 address + when: config.trusted_revproxy_ips.ipv6 is None or len(config.trusted_revproxy_ips.ipv6) < 1 + ansible.builtin.command: + argv: + - nextcloud.occ + - "config:system:set" + - trusted_proxies 0 + - "--value=$(hostname -I | awk -F ' ' '{ print $2 }')" + - name: Set trusted reverse proxy IPv6 address + when: config.trusted_revproxy_ips.ipv6 is not None and len(config.trusted_revproxy_ips.ipv6) > 0 + ansible.builtin.command: + argv: + - nextcloud.occ + - "config:system:set" + - "trusted_proxies {{ idx }}" + - "--value={{ item }}" + loop: "{{ config.trusted_revproxy_ips.ipv6 }}" + loop_control: + index_var: idx + - name: Enable LDAP integration app + ansible.builtin.command: + cmd: "nextcloud.occ app:enable user_ldap" + # @TODO see if can further configure LDAP in particular: https://docs.nextcloud.com/server/stable/admin_manual/occ_command.html#ldap-commands + - name: Enable contacts' birthday calendar app + ansible.builtin.command: + cmd: "nextcloud.occ dav:sync-birthday-calendar" + # @TODO create system-level bash alias for `nextcloud.occ` command