From 004b560004ab1ab857c21280a5ef83ad1769c213 Mon Sep 17 00:00:00 2001
From: fencl
Date: Fri, 3 Oct 2025 15:30:32 +0200
Subject: [PATCH] Refactor portainer.yml and check_stack_nextcloud.yml: restore ansible_password, enhance sudo settings, and improve command formatting for clarity.
---
 host_vars/portainer.yml | 14 +++++++++++---
 nextcloud/check_stack_nextcloud.yml | 15 ++++++++++++---
 2 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/host_vars/portainer.yml b/host_vars/portainer.yml
index e131765..816ca30 100644
--- a/host_vars/portainer.yml
+++ b/host_vars/portainer.yml
@@ -1,6 +1,14 @@
 ansible_user: howard
-ansible_password: "x"
-
+ansible_password: "Papadopolus0" # TIP: Put this in Ansible Vault.
 ansible_connection: ssh
 ansible_port: 22
-ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -J root@192.168.69.2"
\ No newline at end of file
+ansible_ssh_common_args: >-
+ -o StrictHostKeyChecking=no
+ -o UserKnownHostsFile=/dev/null
+ -J root@192.168.69.2
+
+# If howard is NOT in the 'docker' group, we need sudo:
+ansible_become: true
+ansible_become_method: sudo
+# If sudo asks for a password, also set:
+# ansible_become_password: "*******" # ideally via Vault
\ No newline at end of file
diff --git a/nextcloud/check_stack_nextcloud.yml b/nextcloud/check_stack_nextcloud.yml
index c867448..e758409 100644
--- a/nextcloud/check_stack_nextcloud.yml
+++ b/nextcloud/check_stack_nextcloud.yml
@@ -2,8 +2,13 @@
 - name: Nextcloud maintenance (cron, app updates, repair, status, health check)
 hosts: nextcloud_host
 gather_facts: false
+ become: true
+ become_user: root
+ become_method: sudo
+
 vars:
 nextcloud_container: nextcloud
+
 tasks:
 - name: Ensure docker CLI is available
 ansible.builtin.command:
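Review bot: The added `ansible_password` line in host_vars/portainer.yml commits what looks like a real login password in cleartext, even though its own trailing comment says it belongs in Ansible Vault; once pushed, it stays readable in the repository history regardless of later cleanup. Replace the literal with a vaulted variable, e.g. `ansible_password: "{{ vault_portainer_password }}"` (placeholder name, defined in a vault-encrypted vars file), and rotate the exposed credential. The exposure is compounded by `-o StrictHostKeyChecking=no` and `-o UserKnownHostsFile=/dev/null` in `ansible_ssh_common_args`, which this hunk only reflows: with host-key verification off, password authentication can hand that password to an impostor host on the path. Prefer key-based authentication and a pinned known_hosts file for the jump host and the target.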
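Review bot: The play-level `become: true` / `become_user: root` added after `gather_facts` in nextcloud/check_stack_nextcloud.yml escalates every task in the play to root, including tasks that only register or print output, which is broader than the docker calls appear to need. Consider dropping the play-level keys and setting `become: true` only on the tasks that invoke `docker`; `become_user: root` and `become_method: sudo` are Ansible's defaults and can be omitted. If the reason is the one given in the host_vars comment (the user is not in the `docker` group), say so here with a short comment such as `# docker socket is root-only on this host`. The task list continues outside this hunk, so which tasks actually need escalation should be confirmed against the full file.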
@@ -15,10 +20,14 @@
 - name: Verify Nextcloud container is running
 ansible.builtin.command:
- argv: ["docker", "ps", "--format", "{{.Names}}"]
+ argv:
+ - docker
+ - ps
+ - --format
+ - "{{ '{{' }}.Names{{ '}}' }}"
 changed_when: false
 register: docker_ps
- # English: List running containers by name.
+ # English: We must escape Go template braces so Ansible doesn't render them.
 - name: Fail if '{{ nextcloud_container }}' is not running
 ansible.builtin.fail:
@@ -100,4 +109,4 @@
 - "repair stdout: {{ repair_run.stdout | default('') }}"
 - "repair stderr: {{ repair_run.stderr | default('') }}"
 - "occ status:\n{{ occ_status.stdout | default('') }}"
- - "health stdout:\n{{ health.stdout | default('') }}"
+ - "health stdout:\n{{ health.stdout | default('') }}"
\ No newline at end of file
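Review bot: In the `@@ -15,10 +20,14 @@` hunk the escaped argument `"{{ '{{' }}.Names{{ '}}' }}"` is correct but hard to read, and the comment that explains it sits after `register: docker_ps` rather than next to the line it describes. Move the comment directly above the format argument and drop the `English:` prefix, e.g. `# Go template for docker; braces escaped so Jinja2 does not render them`. A more legible equivalent for the argument is `- "{% raw %}{{.Names}}{% endraw %}"`. The enclosing play and the following `Fail if ... is not running` task extend beyond this hunk.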