diff --git a/check_stack_nextcloud.yml b/check_stack_nextcloud.yml
new file mode 100644
index 0000000..9bd48d1
--- /dev/null
+++ b/check_stack_nextcloud.yml
@@ -0,0 +1,29 @@
+---
+- name: Upload and run stack health checks
+ hosts: proxmox
+ become: true
+
+ vars:
+ health_script_path: /data/compose/nextcloud/stack-health.sh
+
+ tasks:
+ - name: Upload stack-health.sh
+ ansible.builtin.copy:
+ src: files/stack-health.sh
+ dest: "{{ health_script_path }}"
+ mode: '0755'
+
+ - name: Run stack-health.sh
+ ansible.builtin.shell: "{{ health_script_path }}"
+ register: health
+ args:
+ executable: /bin/bash
+
+ - name: Show health output
+ ansible.builtin.debug:
+ msg: "{{ health.stdout | default('no stdout') }}"
+
+ - name: Fail if checks failed (rc != 0)
+ ansible.builtin.fail:
+ msg: "Health checks failed"
+ when: health.rc != 0
\ No newline at end of file
diff --git a/collabora_update.yml b/collabora_update.yml
new file mode 100644
index 0000000..5603377
--- /dev/null
+++ b/collabora_update.yml
@@ -0,0 +1,30 @@
+---
+- name: Update Collabora (pull + recreate in same compose project)
+ hosts: proxmox
+ become: true
+
+ vars:
+ collabora_compose_path: /data/compose/nextcloud/collabora-only.yml
+ collabora_project_name: nextcloud-collabora # based on your labels
+
+ tasks:
+ - name: Pull collabora/code:latest image
+ community.docker.docker_image:
+ name: collabora/code
+ tag: latest
+ source: pull
+
+ # Compose file contains only service "collabora", so this acts on that service only
+ - name: Compose pull (ensure freshest image)
+ community.docker.docker_compose_v2:
+ project_name: "{{ collabora_project_name }}"
+ files: ["{{ collabora_compose_path }}"]
+ pull: always
+ state: present
+
+ - name: Recreate collabora with new image
+ community.docker.docker_compose_v2:
+ project_name: "{{ collabora_project_name }}"
+ files: ["{{ collabora_compose_path }}"]
+ recreate: always
+ state: present
\ No newline at end of file
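Review bot: In check_stack_nextcloud.yml the `Run stack-health.sh` task has no `failed_when`, so with default error handling a non-zero exit from the script fails the play at that task, and the `Show health output` and `Fail if checks failed` tasks never run in the one case they were written for. Adding `failed_when: false` and `changed_when: false` to the run task lets the output be printed before the explicit `fail` task decides the result. The script path contains no shell syntax, so `ansible.builtin.command: "{{ health_script_path }}"` (without the `executable` argument) would do the same job without starting a root shell.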
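Review bot: In collabora_update.yml the image comes from the mutable `latest` tag (`tag: latest`, followed by `pull: always` on the compose file), so every run deploys whatever is published at that moment and nothing in the repository records which image was rolled out or what to roll back to. Holding the reference in a variable and pinning it to a release tag or an image digest makes each update an explicit, reviewable change. The separate `docker_image` task names `collabora/code:latest` independently of the compose file, so the two can diverge if the compose file references another tag; the compose pull on its own appears to be sufficient.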
diff --git a/nextcloud_backup.yml b/nextcloud_backup.yml
new file mode 100644
index 0000000..54e373c
--- /dev/null
+++ b/nextcloud_backup.yml
@@ -0,0 +1,38 @@
+---
+- name: Nextcloud backup (config, custom_apps, DB)
+ hosts: proxmox
+ become: true
+
+ vars:
+ nc_root: /data/compose/nextcloud
+ backup_dir: "{{ nc_root }}/backup-{{ ansible_date_time.date }}"
+ db_container: nextcloud-db
+
+ tasks:
+ - name: Ensure backup directory exists
+ ansible.builtin.file:
+ path: "{{ backup_dir }}"
+ state: directory
+ mode: '0755'
+
+ # Use archive module to create tar.gz directly on the remote host
+ - name: Archive config directory
+ ansible.builtin.archive:
+ path: "{{ nc_root }}/config"
+ dest: "{{ backup_dir }}/config.tgz"
+ format: gz
+
+ - name: Archive custom_apps directory
+ ansible.builtin.archive:
+ path: "{{ nc_root }}/custom_apps"
+ dest: "{{ backup_dir }}/custom_apps.tgz"
+ format: gz
+
+ # Dump DB directly to a file on the host (avoid shuttling dump through Ansible)
+ - name: Dump MariaDB from container to file
+ ansible.builtin.shell: |
+ set -euo pipefail
+ docker exec {{ db_container }} sh -c 'command -v mariadb-dump >/dev/null && mariadb-dump -u"$$MYSQL_USER" -p"$$MYSQL_PASSWORD" "$$MYSQL_DATABASE" || mysqldump -u"$$MYSQL_USER" -p"$$MYSQL_PASSWORD" "$$MYSQL_DATABASE"' \
+ > "{{ backup_dir }}/db.sql"
+ args:
+ executable: /bin/bash
\ No newline at end of file
diff --git a/nextcloud_upgrade.yml b/nextcloud_upgrade.yml
new file mode 100644
index 0000000..a7ef00a
--- /dev/null
+++ b/nextcloud_upgrade.yml
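Review bot: In nextcloud_backup.yml the dump command writes `$$MYSQL_USER`, `$$MYSQL_PASSWORD` and `$$MYSQL_DATABASE`, which is Compose-file escaping; in this shell task the single-quoted string reaches the container's `sh -c` unchanged, where `$$` expands to the shell's PID, so the client is handed `<pid>MYSQL_USER` and so on instead of the container's values, and a single `$` is what this context needs. The backup directory is created with `mode: '0755'` and the two archives and `db.sql` get default modes, although they hold the database contents and the `config` directory; `mode: '0700'` on the directory, `mode: '0600'` on the archive tasks and `umask 077` before the redirect would keep them readable by root only. Because the command is written as `A && B || C`, a failing `mariadb-dump` also falls through to `mysqldump` writing into the same file; an `if`/`else` inside the `sh -c` string avoids that.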
@@ -0,0 +1,112 @@
+---
+- name: Upgrade Nextcloud to 31-apache (pull + recreate + occ)
+ hosts: proxmox
+ become: true
+
+ vars:
+ nc_container: nextcloud
+ nc_image_tag: "31-apache" # change to 32-apache when you step to next major
+ # Ports/volumes/env exactly as you use:
+ nc_root: /data/compose/nextcloud
+ nc_http_port: "8080:80"
+
+ tasks:
+ - name: Gather nextcloud container info
+ community.docker.docker_container_info:
+ name: "{{ nc_container }}"
+ register: nc_info
+
+ - name: Derive compose project & network from existing container
+ ansible.builtin.set_fact:
+ nc_project: "{{ nc_info.container.Config.Labels['com.docker.compose.project'] | default('nextcloud') }}"
+ nc_networks: "{{ (nc_info.container.NetworkSettings.Networks | default({})).keys() | list }}"
+ nc_net_primary: "{{ (nc_info.container.NetworkSettings.Networks | default({})).keys() | list | first }}"
+ when: nc_info.exists
+
+ - name: Enable maintenance mode
+ community.docker.docker_container_exec:
+ container: "{{ nc_container }}"
+ user: "www-data"
+ command: php occ maintenance:mode --on
+
+ - name: Render one-off compose for nextcloud (single-service)
+ ansible.builtin.copy:
+ dest: /tmp/nc.yml
+ mode: '0644'
+ content: |
+ name: {{ nc_project }}
+ services:
+ nextcloud:
+ image: nextcloud:{{ nc_image_tag }}
+ container_name: {{ nc_container }}
+ restart: unless-stopped
+ networks: [cloud]
+ ports: ["{{ nc_http_port }}"]
+ volumes:
+ - {{ nc_root }}/config:/var/www/html/config
+ - {{ nc_root }}/data:/var/www/html/data
+ - {{ nc_root }}/custom_apps:/var/www/html/custom_apps
+ environment:
+ TZ: Europe/Prague
+ MYSQL_DATABASE: nextcloud
+ MYSQL_USER: nextcloud
+ MYSQL_PASSWORD: dbpassword
+ MYSQL_HOST: nextclouddb
+ REDIS_HOST: redis
+ NEXTCLOUD_ADMIN_USER: root
+ NEXTCLOUD_ADMIN_PASSWORD: '1234SilneHeslo.-.'
+ networks:
+ cloud:
+ external: true
+ name: {{ nc_net_primary }}
+
+ - name: Pull the new Nextcloud image
+ community.docker.docker_compose_v2:
+ project_name: "{{ nc_project }}"
+ files: ["/tmp/nc.yml"]
+ pull: always
+ state: present
+
+ - name: Recreate Nextcloud with the new image
+ community.docker.docker_compose_v2:
+ project_name: "{{ nc_project }}"
+ files: ["/tmp/nc.yml"]
+ recreate: always
+ state: present
+
+ - name: Run occ upgrade
+ community.docker.docker_container_exec:
+ container: "{{ nc_container }}"
+ user: "www-data"
+ command: php occ upgrade
+
+ - name: Recommended DB maintenance (safe to run)
+ community.docker.docker_container_exec:
+ container: "{{ nc_container }}"
+ user: "www-data"
+ command: php occ db:add-missing-indices
+ ignore_errors: true
+
+ - name: Convert filecache bigint (safe)
+ community.docker.docker_container_exec:
+ container: "{{ nc_container }}"
+ user: "www-data"
+ command: php occ db:convert-filecache-bigint --no-interaction
+ ignore_errors: true
+
+ - name: Disable maintenance mode
+ community.docker.docker_container_exec:
+ container: "{{ nc_container }}"
+ user: "www-data"
+ command: php occ maintenance:mode --off
+
+ - name: Show status
+ community.docker.docker_container_exec:
+ container: "{{ nc_container }}"
+ user: "www-data"
+ command: php occ status
+ register: nc_status
+
+ - name: Print status
+ ansible.builtin.debug:
+ msg: "{{ nc_status.stdout | default('no output') }}"
\ No newline at end of file
diff --git a/redis_update.yml b/redis_update.yml
new file mode 100644
index 0000000..99cd802
--- /dev/null
+++ b/redis_update.yml
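Review bot: In nextcloud_upgrade.yml the rendered compose content carries the database password and the Nextcloud admin password as literals (the `MYSQL_PASSWORD:` and `NEXTCLOUD_ADMIN_PASSWORD:` lines), so they are committed with the playbook and then written to `/tmp/nc.yml` with `mode: '0644'`, where every local user on the host can read them. These values should come from Ansible Vault variables, for example `MYSQL_PASSWORD: "{{ nc_db_password }}"` (variable name illustrative), with `mode: '0600'` and `no_log: true` on the render task, and the file is better kept in a root-only directory than in `/tmp`. Since both values are already in the commit, they should be treated as exposed and rotated. Separately, `set_fact` is guarded by `when: nc_info.exists` while the later tasks use `nc_project` and `nc_net_primary` unconditionally, so an explicit `ansible.builtin.assert` on `nc_info.exists` would fail earlier and more clearly.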
@@ -0,0 +1,75 @@
+---
+- name: Update Redis (pull + recreate, same stack)
+ hosts: proxmox
+ become: true
+
+ vars:
+ nc_container: nextcloud
+ redis_container: redis
+ redis_image: "redis:7-alpine"
+ nc_root: /data/compose/nextcloud
+
+ tasks:
+ - name: Gather nextcloud container info (to learn project + network)
+ community.docker.docker_container_info:
+ name: "{{ nc_container }}"
+ register: nc_info
+
+ - name: Derive compose project & network
+ ansible.builtin.set_fact:
+ nc_project: "{{ nc_info.container.Config.Labels['com.docker.compose.project'] | default('nextcloud') }}"
+ nc_net_primary: "{{ (nc_info.container.NetworkSettings.Networks | default({})).keys() | list | first }}"
+ when: nc_info.exists
+
+ - name: Enable maintenance mode (optional safety)
+ community.docker.docker_container_exec:
+ container: "{{ nc_container }}"
+ user: "www-data"
+ command: php occ maintenance:mode --on
+ ignore_errors: true
+
+ - name: Render one-off compose for Redis
+ ansible.builtin.copy:
+ dest: /tmp/redis.yml
+ mode: '0644'
+ content: |
+ name: {{ nc_project }}
+ services:
+ redis:
+ image: {{ redis_image }}
+ container_name: {{ redis_container }}
+ restart: unless-stopped
+ networks: [cloud]
+ volumes:
+ - {{ nc_root }}/redis:/data
+ networks:
+ cloud:
+ external: true
+ name: {{ nc_net_primary }}
+
+ - name: Pull redis image
+ community.docker.docker_compose_v2:
+ project_name: "{{ nc_project }}"
+ files: ["/tmp/redis.yml"]
+ pull: always
+ state: present
+
+ - name: Recreate redis
+ community.docker.docker_compose_v2:
+ project_name: "{{ nc_project }}"
+ files: ["/tmp/redis.yml"]
+ recreate: always
+ state: present
+
+ - name: Disable maintenance mode (if we turned it on)
+ community.docker.docker_container_exec:
+ container: "{{ nc_container }}"
+ user: "www-data"
+ command: php occ maintenance:mode --off
+ ignore_errors: true
+
+ - name: Fire one cron tick (cleanup pending jobs)
+ community.docker.docker_container_exec:
+ container: "{{ nc_container }}"
+ user: "www-data"
+ command: php -f /var/www/html/cron.php
\ No newline at end of file
diff --git a/requirements.yml b/requirements.yml
new file mode 100644
index 0000000..d8b970d
--- /dev/null
+++ b/requirements.yml
@@ -0,0 +1,4 @@
+---
+collections:
+ - name: community.docker
+ - name: ansible.posix
\ No newline at end of file
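Review bot: In redis_update.yml maintenance mode is switched on before the compose file is rendered and switched off only by a later ordinary task, so a failure in the render, pull or recreate tasks ends the play with Nextcloud still in maintenance mode. Wrapping those middle tasks in a `block` and moving the `--off` task under `always` restores service on every path. The same ordering appears in nextcloud_upgrade.yml, although staying in maintenance mode after a failed `occ upgrade` may be intended there. The indentation in the sketch below is conventional Ansible layout, since the page does not preserve the original.

```yaml
    - name: Update Redis with maintenance mode always restored
      block:
        # … unchanged: render one-off compose, pull redis image, recreate redis …
      always:
        - name: Disable maintenance mode (if we turned it on)
          community.docker.docker_container_exec:
            container: "{{ nc_container }}"
            user: "www-data"
            command: php occ maintenance:mode --off
          ignore_errors: true
```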
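Review bot: In requirements.yml both collections are listed without a `version:`, so an install from this file resolves to whatever release is newest at that time, and the modules these plays run as root on the host can change between runs without any commit. Adding a constraint to each entry, e.g. `version: "<PINNED_VERSION>"` (placeholder), makes collection upgrades an explicit, reviewable change. No task in the playbooks of this commit uses an `ansible.posix` module, so that entry can probably be dropped unless another playbook needs it.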