external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00
Code Issues Releases Wiki Activity

Merge pull request #287 from iiab/master

Browse source 
sync from iiab/iiab
This commit is contained in:
A Holt 2019-09-04 14:20:12 -04:00 committed by GitHub
commit 1ae861c5dc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 24 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

14
roles/nextcloud/README.md Normal file
View file

@ -0,0 +1,14 @@
# Nextcloud
This Ansible playbook was derived from an earlier ownCloud playbook thanks to [Josh Dennis](https://github.com/floydianslips) in 2016/2017.
Login to Nextcloud at http://box/nextcloud, http://box.lan/nextcloud, http://172.18.96.1/nextcloud (or similar) using:
Username: Admin
Password: changeme
Going forward, should Internet-in-a-Box consider integrating optimizations (or more!) from these below?
- https://github.com/nextcloud/nextcloudpi
- https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
- https://ownyourbits.com/nextcloudpi/

1
roles/nextcloud/defaults/main.yml
View file

@ -29,4 +29,5 @@ nextcloud_user_password: nextcloudmysql
nextcloud_admin_user: 'Admin' nextcloud_admin_user: 'Admin'
nextcloud_admin_password: 'changeme' nextcloud_admin_password: 'changeme'
# 2019-09-04: UNUSED (due to changes in roles/nextcloud/templates/nextcloud.conf.j2)
nextcloud_required_ip: 10.0.0.0/8 192.168.0.0/16 nextcloud_required_ip: 10.0.0.0/8 192.168.0.0/16

2
roles/nextcloud/tasks/enable_or_disable.yml
View file

@ -1,4 +1,5 @@
# This should go in computed_network.yml, but here for now # This should go in computed_network.yml, but here for now
# 2019-09-04: THE NEXT 4 LINES ARE UNUSED (due to changes in roles/nextcloud/templates/nextcloud.conf.j2)
- name: Compute Nextcloud listen ip addr for nextcloud.conf - name: Compute Nextcloud listen ip addr for nextcloud.conf
set_fact: set_fact:
nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}" nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}"
@ -99,6 +100,7 @@
# become_user: "{{ apache_user }}" # become_user: "{{ apache_user }}"
# when: nextcloud_enabled and returned_count == "0" # when: nextcloud_enabled and returned_count == "0"
# 2019-09-04: THE NEXT 5 LINES ARE INEFFECTIVE AND LIKELY USELESS
- name: Remove overwrite.cli.url line (Rewrite URL) from /opt/nextcloud/config/config.php - name: Remove overwrite.cli.url line (Rewrite URL) from /opt/nextcloud/config/config.php
lineinfile: lineinfile:
regexp: "overwrite.cli.url" regexp: "overwrite.cli.url"

8
roles/nextcloud/templates/nextcloud.conf.j2
View file

@ -6,8 +6,14 @@ Alias {{ nextcloud_url }} {{ nextcloud_prefix }}/nextcloud
<IfModule mod_authz_core.c> <IfModule mod_authz_core.c>
# Apache 2.4 # Apache 2.4
# http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html
Require host localhost Require host localhost
Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ nextcloud_required_ip }} {{ openvpn_server_virtual_ip }}/255.255.255.0 # PERMIT ACCESS FROM ALL IPv4 ADDRESSES:
Require all granted
# WANT BASIC SECURITY BASED ON IPv4 ADDRESSES? THEN USE THIS LINE INSTEAD:
#Require ip 127.0.0.1 172.18.96.1/255.255.224.0 192.168 10
# AVOID THIS LINE WHICH CAUSES PROBLEMS IN SCHOOLS WITH 192.168.1.x etc:
#Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ nextcloud_required_ip }} {{ openvpn_server_virtual_ip }}/255.255.255.0
</IfModule> </IfModule>
<IfModule !mod_authz_core.c> <IfModule !mod_authz_core.c>
# Apache 2.2 # Apache 2.2