removed Podman post-installation handlers as containers will no longer be managed via Ansible

roles/bootstrap/handlers/nextcloud.yml

@@ -17,10 +17,6 @@
     # @TODO see if setting below is necessary given use of reverse proxy
     - name: Set trusted domains
       block:
-        - name: Set localhost as trusted domain
-          ansible.builtin.command:
-            cmd: "/snap/bin//snap/bin/nextcloud.occ config:system:set trusted_domains 0 --value='localhost'"
-        # @TODO see if setting below is necessary given use of reverse proxy
         - name: Set FQDN as trusted domain
           ansible.builtin.command:
             cmd: "/snap/bin//snap/bin/nextcloud.occ config:system:set trusted_domains 1 --value='cloud.{{ hostvars[inventory_hostname].fqdn }}'"
@@ -28,6 +24,7 @@
     - name: Set trusted reverse proxy addresses
       block:
         - name: Set trusted reverse proxy IPv4 address based on hostname
+          # @TODO create config.trusted_revproxy_ips data structure in bootstrap role's vars dir--may include loopback addresses
           when: config.trusted_revproxy_ips.ipv4 is None or len(config.trusted_revproxy_ips.ipv4) < 1
           ansible.builtin.command:
             argv:
@@ -65,4 +62,44 @@
           loop: "{{ config.trusted_revproxy_ips.ipv6 }}"
           loop_control:
             index_var: idx
+    # @TODO create task based on shell command `sudo /snap/bin/nextcloud.occ config:system:set default_phone_region --value="US"`
+    - name: Set default phone region
+      ansible.builtin.command:
+        argv:
+          - /snap/bin/nextcloud.occ
+          - "config:system:set"
+          - default_phone_region
+          - "--value={{ config.nextcloud.phone_region }}"
+    # @TODO create task based on shell command:
+    #   `sudo /snap/bin/nextcloud.occ config:system:set overwrite.cli.url --value="https://cloud.{{ fqdn }}"` for Caddy task
+    - name: Set overwrite CLI URL
+      ansible.builtin.command:
+        argv:
+          - /snap/bin/nextcloud.occ
+          - "config:system:set"
+          - overwrite.cli.url
+          - "--value=cloud.{{ hostvars[inventory_hostname].fqdn }}"
+    # @TODO create task based on shell command `sudo /snap/bin/nextcloud.occ config:system:set overwriteprotocol --value="https"` for Caddy task
+    - name: Overwrite protocol
+      ansible.builtin.command:
+        argv:
+          - /snap/bin/nextcloud.occ
+          - "config:system:set"
+          - overwriteprotocol
+          - --value="https"
     # @TODO create system-level bash alias for `/snap/bin/nextcloud.occ` command
+    - name: Get Nextcloud snap binaries
+      ansible.builtin.find:
+        paths:
+          - /snap/bin
+        patterns:
+          - nextcloud\..*
+        recurse: false
+        use_regex: true
+      register: nextcloud_snap_binaries
+    - name: Create symbolic links for Nextcloud snap binaries
+      ansible.builtin.file:
+        dest: "/usr/sbin/{{ item.path | basename }}"
+        src: "{{ item.path }}"
+        state: link
+      loop: "{{ nextcloud_snap_binaries.files }}"

roles/bootstrap/handlers/podman.yml

@@ -1,13 +0,0 @@
-# SPDX-License-Identifier: MIT-0
----
-# handlers file for bootstrap
-- name: Pull podman images
-  listen: rsync
-  block:
-    - name: Pull container images via podman
-      containers.podman.podman_image:
-        name: "{{ item.value['name'] }}"
-        tag: "{{ item.value['tag'] | default('latest') }}"
-        state: present
-      notify: "{{ item.key }}"
-      loop: "{{ lookup('ansible.builtin.dict', software.containers) }}"

roles/bootstrap/templates/systemd/user/aria2cd.service.j2

@@ -0,0 +1,13 @@
+[Unit]
+Description=aria2 Daemon
+After=network.target
+
+[Service]
+Type=forking
+ExecStart=/usr/bin/aria2c --conf-path={{ ansible_facts['user_dir'] }}/.config/aria2/aria2.conf
+ExecReload=/usr/bin/kill -HUP $MAINPID
+RestartSec=1min
+Restart=on-failure
+
+[Install]
+WantedBy=default.target

roles/bootstrap/vars/main/software.yml

@@ -193,13 +193,14 @@ software:
     proftpd-mod-crypto:
       name:
         apt: proftpd-mod-crypto
-    # proftpd-mod-ldap:
+    # @TODO write configuration files and handler for below two package installations
-    #   name:
+    #    based on: 
-    #     apt: proftpd-mod-ldap
+    clamav:
-    # @TODO manually install the commented below on current active new VPS, then uncomment
+      name:
-    # proftpd-mod-clamav:
+        apt: clamav
-    #   name:
+    clamd:
-    #     apt: proftpd-mod-clamav
+      name:
+        apt: clamav-daemon
     proftpd:
       name:
         apt: proftpd
@@ -211,7 +212,7 @@ software:
         apt: rsync
     # rclone:
     #   name:
-    #     apt: rsync 
+    #     apt: rclone
     aria:
       name:
         apt: aria2 
@@ -235,10 +236,6 @@ software:
         - "nextcloud:ports.http=81"
         # @TODO see how to set these options: https://help.nextcloud.com/t/how-to-configure-nextcloud-snap/216036#p-649442-trusted-domains-configuration-8
         # @TODO see how to set these options: https://help.nextcloud.com/t/how-to-configure-nextcloud-snap/216036#p-649442-trusted-proxy-configuration-9
-  containers:
-    ariang:
-      name: https://docker.io/p3terx/ariang
-      tag: latest
   links:
     quartz:
       name: quartz
@@ -293,6 +290,7 @@ config:
         username: admin
         # @TODO change this password to ansible-vaulted actual choice password later
         password: password123 # @NOTE placeholder
+    phone_region: US
   aria:
     checksum: ~
     secret: ~