├── .github
    └── workflows
    │   └── ansible-galaxy.yml
├── .gitignore
├── .travis.yml
├── README.md
├── defaults
    └── main.yml
├── meta
    └── main.yml
├── tasks
    └── main.yml
└── tests
    ├── inventory
    └── test.yml

/.github/workflows/ansible-galaxy.yml:
--------------------------------------------------------------------------------
1 | ---
2 | name: 'Publish latest release to Ansible Galaxy'
3 |
4 | on:
5 |   push:
6 |     branches:
7 |       - 'main'
8 |   workflow_dispatch: {}
9 | # NOTE(review): no `permissions:` key is set in this file, so the job's GITHUB_TOKEN gets the repository default scope; consider declaring the minimum needed.
10 | jobs:
11 |   build:
12 |     name: 'Publish to Ansible Galaxy'
13 |     runs-on: 'ubuntu-latest'
14 |     steps:
15 |       - name: 'checkout'
16 |         uses: 'actions/checkout@v2'  # NOTE(review): referenced by tag; a full commit SHA cannot be moved after review
17 |       - name: 'galaxy'
18 |         uses: 'robertdebock/galaxy-action@1.2.0'  # NOTE(review): third-party action, referenced by tag, that is handed the Galaxy API key below; pin it to a reviewed commit SHA
19 |         with:
20 |           galaxy_api_key: '${{ secrets.galaxy_api_key }}'  # read from repository secrets, not stored in the file
21 |           git_branch: 'main'
22 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | vars/main.yml
2 |
--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
1 | ---
2 | language: python
3 | python: "2.7"  # NOTE(review): Python 2.7 is end-of-life; pip can only resolve Ansible releases that still support it
4 |
5 | # Use the new container infrastructure
6 | sudo: false
7 |
8 | # Install pip from apt (ansible itself is installed with pip in the install step)
9 | addons:
10 |   apt:
11 |     packages:
12 |       - python-pip
13 |
14 | install:
15 |   # Install ansible (unpinned: whichever version pip resolves at build time)
16 |   - pip install ansible
17 |
18 |   # Check ansible version
19 |   - ansible --version
20 |
21 |   # Create ansible.cfg with correct roles_path
22 |   - printf '[defaults]\nroles_path=../' >ansible.cfg
23 |
24 | script:
25 |   # Basic role syntax check only; no task of the role is executed
26 |   - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
27 |
28 | notifications:
29 |   webhooks: https://galaxy.ansible.com/api/v1/notifications/
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | [Archived] Deploy
Nextcloud with MariaDB in a Podman Pod 2 | ======================================================== 3 | 4 | _Notice:_ This repository has been archived. Future work is going to happen in the Ansible Collection [tronde.nextcloud](https://codeberg.org/Tronde/nextcloud) at [codeberg.org](https://codeberg.org). 5 | 6 | With this ansible role you can deploy Nextcloud and MariaDB containers in a podman-pod(1) to get a running Nextcloud instance ready to use from the local host. To reach this Nextcloud from a remote location you have two options: 7 | 8 | 1. Use a reverse proxy like NGINX to forward requests to your Nextcloud pod. 9 | 2. Listen on all interfaces for incoming traffic for the pod. 10 | 11 | I strongly recommend option 1: the role publishes the pod's plain-HTTP port (80), so a reverse proxy is the place to add TLS before exposing it to other hosts. 12 | 13 | This role was tested on Fedora 35 and Debian 11 (Bullseye) so far. Please let me know if you run it with other distributions and versions, so I can add them to _meta/main.yml_. Any feedback is welcome. 14 | 15 | Requirements 16 | ------------ 17 | 18 | * Collection containers.podman 19 | 20 | To install this collection use: `ansible-galaxy collection install containers.podman` 21 | 22 | Role Variables 23 | -------------- 24 | 25 | All variables needed to deploy a pod containing containers for Nextcloud and 26 | MariaDB are defined in _defaults/main.yml_ and set to example values. You 27 | have to change these values or set them in _vars/main.yml_ to fit your needs. 28 | Please keep your passwords secret and use ansible-vault(1) to protect them; the example passwords below are public and must be replaced. 29 | 30 | ### Variables in defaults/main.yml 31 | 32 | ``` 33 | # Podman volumes for Nextcloud 34 | NC_HTML: nc_html 35 | NC_APPS: nc_apps 36 | NC_CONFIG: nc_config 37 | NC_DATA: nc_data 38 | 39 | # Podman volume for MariaDB 40 | MYSQL_DATA: mysql_data 41 | 42 | # MySQL/MariaDB vars 43 | MYSQL_DATABASE: nextcloud 44 | MYSQL_USER: nextcloud 45 | MYSQL_PASSWORD: ToPSeCrEt2021! 46 | MYSQL_ROOT_PASSWORD: ToPSeCrEt2021! 
47 | MYSQL_HOST: 127.0.0.1 48 | 49 | # Vars for MariaDB container 50 | MARIADB_SYSTEMD_PATH: ~/.config/systemd/user/ 51 | MARIADB_CONMON_PIDFILE: /tmp/mariadb_conmon.pid 52 | MARIADB_IMAGE: docker.io/library/mariadb:10.5.7 53 | MARIADB_NAME: nc_mariadb 54 | 55 | # Nextcloud vars 56 | NEXTCLOUD_ADMIN_USER: nc_admin 57 | NEXTCLOUD_ADMIN_PASSWORD: VSnfD2021! 58 | 59 | # SMTP vars 60 | SMTP_HOST: smtp.example.com 61 | SMTP_SECURE: tls # ssl to use SSL, or tls to use STARTTLS 62 | SMTP_PORT: 587 # (25, 465 for SSL, 587 for STARTTLS) 63 | SMTP_AUTHTYPE: LOGIN 64 | SMTP_NAME: bob@example.com 65 | SMTP_PASSWORD: MailSecret1! 66 | MAIL_FROM_ADDRESS: no-reply@example.com 67 | 68 | # Vars for podman-pod(1) 69 | POD_NAME: nc_pod 70 | POD_INFRA_NAME: nc_pod_infra 71 | POD_PORT: 80 72 | POD_INFRA_CONMON_PIDFILE: /tmp/nc_pod_infra.pid 73 | POD_SYSTEMD_PATH: ~/.config/systemd/user/ 74 | 75 | # Vars for Nextcloud container 76 | NC_CONMON_PIDFILE: /tmp/nc_conmon.pid 77 | NC_SYSTEMD_PATH: ~/.config/systemd/user/ 78 | NC_IMAGE: docker.io/library/nextcloud:22.2-apache 79 | NC_NAME: nextcloud 80 | ``` 81 | 82 | With this default configuration podman will choose a random host port that is not in use to connect it with the port of the pod. Note: this listing differs from the _defaults/main.yml_ in this repository, which sets `POD_PORT: 127.0.0.1:40671:80` (a fixed host port bound to the loopback interface); check the file itself for the values that actually apply. 83 | 84 | Example Playbook 85 | ---------------- 86 | 87 | 88 | - hosts: servers 89 | remote_user: root 90 | roles: 91 | - ansible_role_deploy_nextcloud_with_mariadb_pod 92 | 93 | License 94 | ------- 95 | 96 | GPL version 2 or later 97 | 98 | This role comes as is, without any warranty. Use it at your own risk. 
99 |
100 | Author Information
101 | ------------------
102 |
103 | Author: Joerg Kastning
104 | URL: https://www.my-it-brain.de/wordpress/zu-meiner-person/
105 | E-Mail: joerg(dot)kastning(aet)gmail(dot)com
106 |
--------------------------------------------------------------------------------
/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for ansible_role_deploy_nextcloud_with_mariadb_pod
3 | # Podman volumes for Nextcloud
4 | NC_HTML: nc_html
5 | NC_APPS: nc_apps
6 | NC_CONFIG: nc_config
7 | NC_DATA: nc_data
8 |
9 | # Podman volume for MariaDB
10 | MYSQL_DATA: mysql_data
11 |
12 | # MySQL/MariaDB vars. The passwords in this file are published example values: override them (e.g. in vars/main.yml, encrypted with ansible-vault(1)) before deploying.
13 | MYSQL_DATABASE: nc_db
14 | MYSQL_USER: nextcloud
15 | MYSQL_PASSWORD: ToPSeCrEt2021!  # example value only
16 | MYSQL_ROOT_PASSWORD: ToPSeCrEt2021!  # example value only; identical to MYSQL_PASSWORD, so give the root account its own password
17 | MYSQL_HOST: 127.0.0.1  # both containers are created in the same pod (see tasks/main.yml), so the database is addressed via loopback
18 |
19 | # Vars for MariaDB container
20 | MARIADB_CONMON_PIDFILE: /tmp/mariadb_conmon.pid  # NOTE(review): fixed file name under /tmp; a per-user runtime directory may be a safer place
21 | MARIADB_IMAGE: docker.io/library/mariadb:10.11.2
22 | MARIADB_NAME: nc_mariadb
23 |
24 | # Nextcloud vars
25 | NEXTCLOUD_ADMIN_USER: nc_admin
26 | NEXTCLOUD_ADMIN_PASSWORD: VSnfD2021!  # example value only
27 | NEXTCLOUD_OVERWRITEPROTOCOL: ""
28 | NEXTCLOUD_OVERWRITECLIURL: ""
29 | NEXTCLOUD_TRUSTED_DOMAINS: ""
30 |
31 | # SMTP vars
32 | SMTP_HOST: "smtp.example.com"
33 | SMTP_SECURE: "tls" # ssl to use SSL, or tls to use STARTTLS
34 | SMTP_PORT: "587" # (25, 465 for SSL, 587 for STARTTLS)
35 | SMTP_AUTHTYPE: "LOGIN"
36 | SMTP_NAME: "bob@example.com"
37 | SMTP_PASSWORD: "MailSecret1!"  # example value only
38 | MAIL_FROM_ADDRESS: "no-reply"
39 | MAIL_DOMAIN: "example.com"
40 |
41 | # Vars for podman-pod(1)
42 | POD_NAME: nc_pod
43 | POD_PORT: 127.0.0.1:40671:80  # hostIP:hostPort:containerPort; published on loopback only, so remote access needs a reverse proxy in front
44 | POD_INFRA_CONMON_PIDFILE: /tmp/nc_pod_infra.pid
45 |
46 | # Vars for Nextcloud container
47 | NC_CONMON_PIDFILE: /tmp/nc_conmon.pid
48 | NC_IMAGE: docker.io/library/nextcloud:25-apache
49 | NC_NAME: nextcloud
50 |
--------------------------------------------------------------------------------
/meta/main.yml:
--------------------------------------------------------------------------------
1 | galaxy_info:
2 |   author: Joerg Kastning
3 |   description: Deploy Nextcloud and MariaDB containers as podman-pod(1)
4 |   role_name: deploy_nextcloud_with_mariadb_pod
5 |
6 |   # Choose a valid license ID from https://spdx.org - some suggested licenses:
7 |   # - BSD-3-Clause (default)
8 |   # - MIT
9 |   # - GPL-2.0-or-later
10 |   # - GPL-3.0-only
11 |   # - Apache-2.0
12 |   # - CC-BY-4.0
13 |   license: GPL-2.0-or-later
14 |
15 |   min_ansible_version: 2.11
16 |
17 |   #
18 |   # Provide a list of supported platforms, and for each platform a list of versions.
19 |   # If you don't wish to enumerate all versions for a particular platform, use 'all'.
20 |   # To view available platforms and versions (or releases), visit:
21 |   # https://galaxy.ansible.com/api/v1/platforms/
22 |   #
23 |   # platforms:
24 |   # - name: Fedora
25 |   #   versions:
26 |   #   - all
27 |   #   - 25
28 |   # - name: SomePlatform
29 |   #   versions:
30 |   #   - all
31 |   #   - 1.0
32 |   #   - 7
33 |   #   - 99.99
34 |   platforms:
35 |     - name: Debian
36 |       versions:
37 |         - bullseye
38 |     - name: Fedora
39 |       versions:
40 |         - 35
41 |
42 |   galaxy_tags: []
43 |     # List tags for your role here, one per line. A tag is a keyword that describes
44 |     # and categorizes the role. Users find roles by searching for tags. Be sure to
45 |     # remove the '[]' above, if you add tags to this list.
46 |     #
47 |     # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
48 |     # Maximum 20 tags per role.
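49 |
50 | dependencies: []
51 |
--------------------------------------------------------------------------------
/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for ansible_role_deploy_nextcloud_with_mariadb_pod
3 | #
4 | # Sequence: named volumes, image pull, pod, MariaDB container, fixed pause,
5 | # Nextcloud container. Every templated value is a role variable; the example
6 | # values live in defaults/main.yml.
7 |
8 | # Named volumes: created if absent, never recreated (recreate: no).
9 | - name: Main folder, needed for updating
10 |   containers.podman.podman_volume:
11 |     state: present
12 |     name: "{{ NC_HTML }}"
13 |     recreate: no
14 |     debug: no
15 |
16 | - name: Volume for installed/modified apps
17 |   containers.podman.podman_volume:
18 |     state: present
19 |     name: "{{ NC_APPS }}"
20 |     recreate: no
21 |     debug: no
22 |
23 | - name: Volume for local configuration
24 |   containers.podman.podman_volume:
25 |     state: present
26 |     name: "{{ NC_CONFIG }}"
27 |     recreate: no
28 |     debug: no
29 |
30 | - name: Volume for the actual data of Nextcloud
31 |   containers.podman.podman_volume:
32 |     state: present
33 |     name: "{{ NC_DATA }}"
34 |     recreate: no
35 |     debug: no
36 |
37 | - name: Volume for the MySQL data files
38 |   containers.podman.podman_volume:
39 |     state: present
40 |     name: "{{ MYSQL_DATA }}"
41 |     recreate: no
42 |     debug: no
43 |
44 | # NOTE(review): hard-coded tag, different from NC_IMAGE, which is the image the
45 | # Nextcloud container task below runs; confirm whether this pull is still needed.
46 | - name: Pull latest Nextcloud image with tag production-apache
47 |   containers.podman.podman_image:
48 |     name: docker.io/library/nextcloud
49 |     tag: production-apache
50 |     state: present
51 |
52 | # The pod publishes POD_PORT; recreate: yes replaces an existing pod on each run.
53 | - name: Create the podman-pod(1)
54 |   containers.podman.podman_pod:
55 |     debug: no
56 |     infra: yes
57 |     infra_conmon_pidfile: "{{ POD_INFRA_CONMON_PIDFILE }}"
58 |     publish: "{{ POD_PORT }}"
59 |     name: "{{ POD_NAME }}"
60 |     state: started
61 |     recreate: yes
62 |
63 | # The env block carries the database passwords: no_log keeps the task's
64 | # arguments and result out of Ansible output and logs, and debug is off as in
65 | # the other tasks. Set no_log to false temporarily when troubleshooting.
66 | - name: Create MariaDB container
67 |   containers.podman.podman_container:
68 |     debug: no
69 |     conmon_pidfile: "{{ MARIADB_CONMON_PIDFILE }}"
70 |     image: "{{ MARIADB_IMAGE }}"
71 |     image_strict: yes
72 |     pod: "{{ POD_NAME }}"
73 |     recreate: yes
74 |     state: started
75 |     name: "{{ MARIADB_NAME }}"
76 |     env:
77 |       MYSQL_USER: "{{ MYSQL_USER }}"
78 |       MYSQL_PASSWORD: "{{ MYSQL_PASSWORD }}"
79 |       MYSQL_ROOT_PASSWORD: "{{ MYSQL_ROOT_PASSWORD }}"
80 |       MYSQL_DATABASE: "{{ MYSQL_DATABASE }}"
81 |     volume: "{{ MYSQL_DATA }}:/var/lib/mysql:Z"
82 |   no_log: true
83 |
84 | # Fixed 20-second pause; it does not check that MariaDB accepts connections.
85 | - name: Wait for DB to initilize
86 |   wait_for:
87 |     timeout: 20
88 |
89 | # Carries the database, admin and SMTP passwords in env, hence no_log here too.
90 | - name: Create Nextcloud container
91 |   containers.podman.podman_container:
92 |     debug: no
93 |     conmon_pidfile: "{{ NC_CONMON_PIDFILE }}"
94 |     image: "{{ NC_IMAGE }}"
95 |     image_strict: yes
96 |     pod: "{{ POD_NAME }}"
97 |     recreate: yes
98 |     state: started
99 |     name: "{{ NC_NAME }}"
100 |     env:
101 |       MYSQL_DATABASE: "{{ MYSQL_DATABASE }}"
102 |       MYSQL_USER: "{{ MYSQL_USER }}"
103 |       MYSQL_PASSWORD: "{{ MYSQL_PASSWORD }}"
104 |       MYSQL_HOST: "{{ MYSQL_HOST }}"
105 |       NEXTCLOUD_ADMIN_USER: "{{ NEXTCLOUD_ADMIN_USER }}"
106 |       NEXTCLOUD_ADMIN_PASSWORD: "{{ NEXTCLOUD_ADMIN_PASSWORD }}"
107 |       NEXTCLOUD_TRUSTED_DOMAINS: "{{ NEXTCLOUD_TRUSTED_DOMAINS }}"
108 |       SMTP_HOST: "{{ SMTP_HOST }}"
109 |       SMTP_SECURE: "{{ SMTP_SECURE }}"
110 |       SMTP_PORT: "{{ SMTP_PORT }}"
111 |       SMTP_AUTHTYPE: "{{ SMTP_AUTHTYPE }}"
112 |       SMTP_NAME: "{{ SMTP_NAME }}"
113 |       SMTP_PASSWORD: "{{ SMTP_PASSWORD }}"
114 |       MAIL_FROM_ADDRESS: "{{ MAIL_FROM_ADDRESS }}"
115 |       MAIL_DOMAIN: "{{ MAIL_DOMAIN }}"
116 |       OVERWRITEPROTOCOL: "{{ NEXTCLOUD_OVERWRITEPROTOCOL }}"
117 |       OVERWRITECLIURL: "{{ NEXTCLOUD_OVERWRITECLIURL }}"
118 |     volume:
119 |       - "{{ NC_HTML }}:/var/www/html:Z"
120 |       - "{{ NC_APPS }}:/var/www/html/custom_apps:Z"
121 |       - "{{ NC_CONFIG }}:/var/www/html/config:Z"
122 |       - "{{ NC_DATA }}:/var/www/html/data:Z"
123 |   no_log: true
124 |
--------------------------------------------------------------------------------
/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
2 |
3 |
--------------------------------------------------------------------------------
/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 |   remote_user: root
4 |   connection: local
5 |   roles:
6 |     - ansible_role_deploy_nextcloud_with_mariadb_pod
7 |
--------------------------------------------------------------------------------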