From d5853e678d394b32059811cd020ebb004e91ba66 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Sun, 28 Oct 2018 16:02:19 -0400
Subject: [PATCH 01/17] Update main.yml

---
 roles/elgg/tasks/main.yml | 59 +++++++++++++++++++++------------------
 1 file changed, 32 insertions(+), 27 deletions(-)

diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml
index 5d36b6ad2..4f64e0de9 100644
--- a/roles/elgg/tasks/main.yml
+++ b/roles/elgg/tasks/main.yml
@@ -1,10 +1,14 @@
 # Assume we only get here if elgg_install: True
-# Assume mysql is running
+# Assume MySQL is running
 
 - name: Download current version from our site
-  shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }}
-  args:
-    creates: "{{ downloads_dir }}/elgg-{{ elgg_version }}.zip"
+  #shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }}
+  #args:
+  #  creates: "{{ downloads_dir }}/elgg-{{ elgg_version }}.zip"
+  get_url:
+    url: "{{ iiab_download_url }}/elgg-{{ elgg_version }}.zip"
+    dest: "{{ downloads_dir }}"
+    timeout: "{{ download_timeout }}"
   when: internet_available
 
 - name: Determine if software is already expanded
@@ -12,12 +16,15 @@
     path: "/opt/elgg-{{ elgg_version }}/index.php"
   register: elgg
 
-# use unzip and shell until unarchive works again
-# unarchive: dest=/opt/
-#            src={{ downloads_dir }}/elgg-{{ elgg_version }}.zip
-
 - name: Expand it to our location unless already done
-  shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt"
+  #shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt"
+  unarchive:
+    #remote_src: yes
+    #src: "{{ iiab_download_url }}/elgg-{{ elgg_version }}.zip"
+    src: "{{ downloads_dir }}/elgg-{{ elgg_version }}.zip"
+    dest: /opt
+    owner: "{{ apache_user }}"
+    group: "{{ apache_user }}"
   when: elgg.stat.exists is defined and not elgg.stat.exists
 
 - name: Create a link to the versioned elgg-* folder
@@ -29,9 +36,7 @@
     state: link
     force: true
 
-# Use template to fix up settings in elgg-config/settings.php with our variables substituted.
-# Note this will overwrite any manual settings.
-- name: Substitute our parameters in /opt/elgg/elgg-config/settings.php
+- name: Install /opt/elgg/elgg-config/settings.php from template (WARNING: overwrites manual settings!)
   template:
     src: "settings.php.j2"
     dest: "/opt/{{ elgg_xx }}/elgg-config/settings.php"
@@ -69,7 +74,7 @@
     state: directory
     owner: "{{ apache_user }}"
 
-- name: Change ownership
+- name: Change ownership (likely not nec, unarchive & all do this above)
   file:
     path: "/opt/elgg-{{ elgg_version }}"
     owner: "{{ apache_user }}"
@@ -82,7 +87,7 @@
     name: "{{ dbname }}"
   register: create_elgg_database
 
-- name: Create a user to access the Elgg database - can be run more than once
+- name: Create user/password to access Elgg database - can be run more than once
   mysql_user:
     name: "{{ dbuser }}"
     host: "{{ item }}"
@@ -93,7 +98,7 @@
     - ::1
     - localhost
 
-- name: Create file to load database
+- name: Create /tmp/elggdb.sql from template, to load database
   template:
     src: "elggdb.sql.j2"
     dest: "/tmp/elggdb.sql"
@@ -102,42 +107,47 @@
 # tar up a mysqldump of freshly installed database and use it in the install to avoid the startup
 # form, which worries me a lot. (/var/lib/mysql/elggdb)
 
-- name: Load Elgg database dump
+- name: Load Elgg database from /tmp/elggdb.sql
   mysql_db:
     name: "{{ dbname }}"
     state: import
     target: /tmp/elggdb.sql
   when: create_elgg_database.changed
 
-- name: Remove database dump after load
+- name: Remove database dump /tmp/elggdb.sql
   file:
     name: /tmp/elggdb.sql
     state: absent
 
-- name: Install config file for Elgg in Apache
+- name: Install Apache's elgg.conf from template, for http://box/elgg
   template:
     src: elgg.conf
     dest: "/etc/{{ apache_config_dir }}/elgg.conf"
 
-- name: Enable Elgg for debuntu (will already be enabled above for redhat)
+- name: Create symlink elgg.conf from sites-enabled to sites-available (debuntu, not nec for redhat)
   file:
     src: /etc/apache2/sites-available/elgg.conf
-    dest: /etc/apache2/sites-enabled/elgg.conf
+    path: /etc/apache2/sites-enabled/elgg.conf
     state: link
   when: elgg_enabled and is_debuntu
 
-- name: Disable Elgg - remove config file for Elgg in Apache (debuntu)
+- name: Remove symlink elgg.conf from sites-enabled (debuntu)
   file:
     path: /etc/apache2/sites-enabled/elgg.conf
     state: absent
   when: not elgg_enabled and is_debuntu
 
-- name: Disable Elgg - remove config file for Elgg in Apache (redhat)
+- name: Remove Apache's elgg.conf (redhat)
   file:
     dest: "/etc/{{ apache_config_dir }}/elgg.conf"
     state: absent
   when: not elgg_enabled and is_redhat
 
+- name: Restart Apache, to enable/disable http://box/elgg
+  service:
+    name: "{{ apache_service }}"
+    state: restarted
+
 - name: Add 'elgg' to list of services at {{ iiab_ini_file }}
   ini_file:
     dest: "{{ iiab_ini_file }}"
@@ -153,8 +163,3 @@
       value: /opt/elgg
     - option: enabled
       value: "{{ elgg_enabled }}"
-
-- name: Restart Apache, so it picks up the new aliases
-  service:
-    name: "{{ apache_service }}"
-    state: restarted

From edfdf0463520bc4afc5d7e7a7d4c252fd41ab617 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Sun, 28 Oct 2018 16:07:25 -0400
Subject: [PATCH 02/17] Update main.yml

---
 roles/elgg/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml
index 4f64e0de9..43138d4c8 100644
--- a/roles/elgg/tasks/main.yml
+++ b/roles/elgg/tasks/main.yml
@@ -36,7 +36,7 @@
     state: link
     force: true
 
-- name: Install /opt/elgg/elgg-config/settings.php from template (WARNING: overwrites manual settings!)
+- name: 'Install /opt/elgg/elgg-config/settings.php from template (WARNING: overwrites manual settings!)'
   template:
     src: "settings.php.j2"
     dest: "/opt/{{ elgg_xx }}/elgg-config/settings.php"

From 4a251ef0a339787aba03600cee01ebf52cd8eec4 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Sun, 28 Oct 2018 18:02:17 -0400
Subject: [PATCH 03/17] Update main.yml

---
 roles/elgg/tasks/main.yml | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml
index 43138d4c8..226709b02 100644
--- a/roles/elgg/tasks/main.yml
+++ b/roles/elgg/tasks/main.yml
@@ -1,7 +1,7 @@
 # Assume we only get here if elgg_install: True
 # Assume MySQL is running
 
-- name: Download current version from our site
+- name: Download {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip to {{ downloads_dir }}
   #shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }}
   #args:
   #  creates: "{{ downloads_dir }}/elgg-{{ elgg_version }}.zip"
@@ -11,12 +11,12 @@
     timeout: "{{ download_timeout }}"
   when: internet_available
 
-- name: Determine if software is already expanded
+- name: Check for existence of /opt/elgg-{{ elgg_version }}/index.php
   stat:
     path: "/opt/elgg-{{ elgg_version }}/index.php"
   register: elgg
 
-- name: Expand it to our location unless already done
+- name: Unpack (unarchive) to /opt, if above index.php doesn't exist
   #shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt"
   unarchive:
     #remote_src: yes
@@ -27,10 +27,10 @@
     group: "{{ apache_user }}"
   when: elgg.stat.exists is defined and not elgg.stat.exists
 
-- name: Create a link to the versioned elgg-* folder
+- name: Create softlink from /opt/elgg to /opt/elgg-{{ elgg_version }}
   file:
     src: "./elgg-{{ elgg_version }}"
-    dest: /opt/elgg
+    path: /opt/elgg
     owner: "{{ apache_user }}"
     group: "{{ apache_user }}"
     state: link
@@ -44,7 +44,7 @@
     group: "{{ apache_user }}"
 
 # The name of this file changed from 1.9 to 1.10.
-- name: Copy default .htaccess to the root directory of Elgg tree
+- name: Copy default .htaccess into /opt/{{ elgg_xx }}, root of Elgg tree
   copy:
     src: "/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist"
     dest: "/opt/{{ elgg_xx }}/.htaccess"
@@ -53,28 +53,22 @@
     group: "{{ apache_user }}"
 
 #regexp='^#RewriteBase'
-- name: Modify .htaccess to have RewriteBase as our directory
+- name: Change .htaccess to include RewriteBase for http://box/elgg
   lineinfile:
     backup: no
-    dest: "/opt/{{ elgg_xx }}/.htaccess"
+    path: "/opt/{{ elgg_xx }}/.htaccess"
     state: present
     insertafter: '^#RewriteBase'
     line: "RewriteBase {{ elgg_url }}/"
 
-- name: Change permissions on engine directory so Apache can write
+- name: Set /opt/elgg/engine directory permissions to 0755 so Apache can write there
   file:
     path: /opt/elgg/engine/
     owner: "{{ apache_user }}"
     mode: 0755
     state: directory
 
-- name: Create an upload directory that Apache can write in or Elgg
-  file:
-    path: "{{ elgg_upload_path }}"
-    state: directory
-    owner: "{{ apache_user }}"
-
-- name: Change ownership (likely not nec, unarchive & all do this above)
+- name: Change /opt/elgg-{{ elgg_version }} ownership to {{ apache_user }}:{{ apache_user }} (likely not nec, as unarchive & all do this above)
   file:
     path: "/opt/elgg-{{ elgg_version }}"
     owner: "{{ apache_user }}"
@@ -82,7 +76,13 @@
     recurse: yes
     state: directory
 
-- name: Create a MySQL database for Elgg - can be run more than once
+- name: Create upload directory {{ elgg_upload_path }} that Apache (and Elgg) can write to
+  file:
+    path: "{{ elgg_upload_path }}"
+    state: directory
+    owner: "{{ apache_user }}"
+
+- name: Create Elgg's MySQL database {{ dbname }} - can be run more than once
   mysql_db:
     name: "{{ dbname }}"
   register: create_elgg_database
@@ -107,7 +107,7 @@
 # tar up a mysqldump of freshly installed database and use it in the install to avoid the startup
 # form, which worries me a lot. (/var/lib/mysql/elggdb)
 
-- name: Load Elgg database from /tmp/elggdb.sql
+- name: Populate Elgg's MySQL database {{ dbname }}, from /tmp/elggdb.sql
   mysql_db:
     name: "{{ dbname }}"
     state: import

From c24930854c1a73f7a0baab470d6b38e5d1f6c5b4 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Sun, 28 Oct 2018 18:06:01 -0400
Subject: [PATCH 04/17] Update main.yml

---
 roles/elgg/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml
index 226709b02..258c2d3ed 100644
--- a/roles/elgg/tasks/main.yml
+++ b/roles/elgg/tasks/main.yml
@@ -82,7 +82,7 @@
     state: directory
     owner: "{{ apache_user }}"
 
-- name: Create Elgg's MySQL database {{ dbname }} - can be run more than once
+- name: Create Elgg's MySQL database {{ dbname }}, to be populated below - can be run more than once
   mysql_db:
     name: "{{ dbname }}"
   register: create_elgg_database

From 9056069810e1d5ab08db9bdd9be52ed16a0be06b Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Sun, 28 Oct 2018 18:11:42 -0400
Subject: [PATCH 05/17] Update main.yml

---
 roles/elgg/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml
index 258c2d3ed..05d804b09 100644
--- a/roles/elgg/tasks/main.yml
+++ b/roles/elgg/tasks/main.yml
@@ -16,7 +16,7 @@
     path: "/opt/elgg-{{ elgg_version }}/index.php"
   register: elgg
 
-- name: Unpack (unarchive) to /opt, if above index.php doesn't exist
+- name: Unpack (unarchive) .zip to /opt, if above index.php doesn't exist
   #shell: "/usr/bin/unzip -o {{ downloads_dir }}/elgg-{{ elgg_version }}.zip -d /opt"
   unarchive:
     #remote_src: yes

From 314990cc94f99912b0e02949c8d69860b38a8f07 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 00:11:12 -0400
Subject: [PATCH 06/17] Update main.yml

---
 roles/sugarizer/tasks/main.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml
index f2e9a557d..e6e62c108 100644
--- a/roles/sugarizer/tasks/main.yml
+++ b/roles/sugarizer/tasks/main.yml
@@ -59,6 +59,8 @@
 
 - name: Set up Node.js 8.x apt sources (debuntu, but avoid ubuntu-18)
   shell: curl -sL https://deb.nodesource.com/setup_8.x | bash -
+  args:
+    warn: no
   when: internet_available and is_debuntu and not is_ubuntu_18
 
 - name: Install latest Node.js which includes /usr/bin/npm (debuntu, but avoid ubuntu-18)

From eb810ecc9b3ab3e04f7100eb75fc5a6ef7decdcb Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 00:28:17 -0400
Subject: [PATCH 07/17] Update main.yml

---
 roles/postgresql/tasks/main.yml | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml
index a5b644420..ca6196cc3 100644
--- a/roles/postgresql/tasks/main.yml
+++ b/roles/postgresql/tasks/main.yml
@@ -48,15 +48,21 @@
   when: is_debuntu
 
 - name: Initialize the postgres db (debuntu)
-  command: su - postgres -c "/usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab"
+  #command: su - postgres -c "/usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab"
+  command: /usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab
   args:
     creates: /library/pgsql-iiab/pg_hba.conf
+  become: yes
+  become_user: postgres
   when: is_debuntu
 
 - name: Initialize the postgres db (OS's other than debuntu)
-  command: su - postgres -c "/usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab"
+  #command: su - postgres -c "/usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab"
+  command: /usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab
   args:
     creates: /library/pgsql-iiab/pg_hba.conf
+  become: yes
+  become_user: postgres
   when: not is_debuntu
 
 - name: Configure PostgreSQL

From a6a6e61cdc1081e7ec446f7e4a80439db1cdf3aa Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 00:28:34 -0400
Subject: [PATCH 08/17] Update nextcloud_enabled.yml

---
 roles/nextcloud/tasks/nextcloud_enabled.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/nextcloud/tasks/nextcloud_enabled.yml b/roles/nextcloud/tasks/nextcloud_enabled.yml
index 780529d66..de12e89df 100644
--- a/roles/nextcloud/tasks/nextcloud_enabled.yml
+++ b/roles/nextcloud/tasks/nextcloud_enabled.yml
@@ -55,7 +55,7 @@
 
 - name: Allow access from all hosts and ips
   command: php '{{ nextcloud_prefix }}/nextcloud/occ' config:system:set trusted_domains 1 --value=*
-  become: true
+  become: yes
   become_user: "{{ apache_user }}"
   when: nextcloud_enabled and returned.stdout == "false"
 

From f03eb1300f5eddf9e6b1405e36049a09f295e24a Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 00:38:38 -0400
Subject: [PATCH 09/17] Update nextcloud_enabled.yml

---
 roles/nextcloud/tasks/nextcloud_enabled.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/roles/nextcloud/tasks/nextcloud_enabled.yml b/roles/nextcloud/tasks/nextcloud_enabled.yml
index de12e89df..ee7f0a53c 100644
--- a/roles/nextcloud/tasks/nextcloud_enabled.yml
+++ b/roles/nextcloud/tasks/nextcloud_enabled.yml
@@ -71,11 +71,13 @@
 # nextcloud wants to make users rather than just mysql users and not done
 - name: Create the default user
   shell: >
-    su -s /bin/sh {{ apache_user }} -c
-    'OC_PASS={{ nextcloud_user_password }};
+    #su -s /bin/sh {{ apache_user }} -c
+    OC_PASS={{ nextcloud_user_password }};
     php {{ nextcloud_prefix }}/nextcloud/occ user:add
     --password-from-env --display-name={{ nextcloud_user }}
-    --group="users" {{ nextcloud_user }}'
+    --group="users" {{ nextcloud_user }}
+  become: yes
+  become_user: "{{ apache_user }}"
   when: nextcloud_enabled and returned_count == "0"
 
 - name: Remove overwrite.cli.url line (Rewrite URL) from /opt/nextcloud/config/config.php

From 5ad953dbd0d300802adf53e59ce2154bea1cad25 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 01:56:27 -0400
Subject: [PATCH 10/17] Update nextcloud_enabled.yml

---
 roles/nextcloud/tasks/nextcloud_enabled.yml | 62 +++++++++++++--------
 1 file changed, 38 insertions(+), 24 deletions(-)

diff --git a/roles/nextcloud/tasks/nextcloud_enabled.yml b/roles/nextcloud/tasks/nextcloud_enabled.yml
index ee7f0a53c..50badd564 100644
--- a/roles/nextcloud/tasks/nextcloud_enabled.yml
+++ b/roles/nextcloud/tasks/nextcloud_enabled.yml
@@ -13,20 +13,26 @@
     mode: 0644
   when: nextcloud_enabled
 
-- name: Create symlink from sites-available to sites-enabled for http://box/nextcloud (debuntu)
+- name: Create symlink nextcloud.conf from sites-enabled to sites-available for http://box/nextcloud (debuntu)
   file:
-    src: /etc/apache2/sites-available/nextcloud.conf
+    src: "/etc/{{ apache_config_dir }}/nextcloud.conf"
     path: /etc/apache2/sites-enabled/nextcloud.conf
     state: link
   when: nextcloud_enabled and is_debuntu
 
-- name: Remove nextcloud.conf if not nextcloud_enabled (redhat)
+- name: Remove symlink nextcloud.conf from /etc/apache2/sites-enabled if not nextcloud_enabled (debuntu)
+  file:
+    path: /etc/apache2/sites-enabled/nextcloud.conf
+    state: absent
+  when: not nextcloud_enabled and is_debuntu
+
+- name: Remove sites-available/nextcloud.conf if not nextcloud_enabled (redhat)
   file:
     path: "/etc/{{ apache_config_dir }}/nextcloud.conf"
     state: absent
   when: not nextcloud_enabled and is_redhat
 
-- name: Restart Apache, enabling http://box/nextcloud
+- name: Restart Apache, enabling/disabling http://box/nextcloud
   service:
     name: "{{ apache_service }}"
     state: restarted
@@ -59,26 +65,34 @@
   become_user: "{{ apache_user }}"
   when: nextcloud_enabled and returned.stdout == "false"
 
-- name: Determine if Nextcloud user exists already
-  shell: >
-    #sudo -u {{ apache_user }}
-    php '{{ nextcloud_prefix }}/nextcloud/occ' user:list |
-    grep {{ nextcloud_user }} | wc | cut -d' ' -f1
-  become: yes
-  become_user: "{{ apache_user }}"
-  register: returned_count
-
-# nextcloud wants to make users rather than just mysql users and not done
-- name: Create the default user
-  shell: >
-    #su -s /bin/sh {{ apache_user }} -c
-    OC_PASS={{ nextcloud_user_password }};
-    php {{ nextcloud_prefix }}/nextcloud/occ user:add
-    --password-from-env --display-name={{ nextcloud_user }}
-    --group="users" {{ nextcloud_user }}
-  become: yes
-  become_user: "{{ apache_user }}"
-  when: nextcloud_enabled and returned_count == "0"
+# Code below was NEVER RUNNING as of 2018-10-29, as "wc | cut -d' ' -f1" ALWAYS
+# returns null (rather than the intended returned_count !)  This fragment could
+# be replace with "wc -l" or "wc | awk '{print $1}'" if it truly needs fixing?
+#
+# Or perhaps default user/password nextcloud/nextcloudmysql (from variables
+# nextcloud_user/nextcloud_user_password) is just not needed in the end...
+# 
+#- name: Determine if Nextcloud user exists already
+#  shell: >
+#    #sudo -u {{ apache_user }}
+#    php '{{ nextcloud_prefix }}/nextcloud/occ' user:list |
+#    grep {{ nextcloud_user }} | wc | cut -d' ' -f1
+#    #grep {{ nextcloud_user }} | wc -l
+#  become: yes
+#  become_user: "{{ apache_user }}"
+#  register: returned_count
+#
+## nextcloud wants to make users rather than just mysql users and not done
+#- name: Create the default user
+#  shell: >
+#    #su -s /bin/sh {{ apache_user }} -c
+#    OC_PASS={{ nextcloud_user_password }};
+#    php {{ nextcloud_prefix }}/nextcloud/occ user:add
+#    --password-from-env --display-name={{ nextcloud_user }}
+#    --group="users" {{ nextcloud_user }}
+#  become: yes
+#  become_user: "{{ apache_user }}"
+#  when: nextcloud_enabled and returned_count == "0"
 
 - name: Remove overwrite.cli.url line (Rewrite URL) from /opt/nextcloud/config/config.php
   lineinfile:

From 17847d05d0d189c4831311a33d8287d16b61648a Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 03:18:58 -0400
Subject: [PATCH 11/17] Update main.yml

---
 roles/nextcloud/tasks/main.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 8195f3b8a..ce5d5085c 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -13,16 +13,16 @@
 #     msg: "nextcloud_force_install: {{ nextcloud_force_install }}"
 
 
-- name: Download latest Nextcloud software to /opt/iiab/download/{{ nextcloud_src_file }}
+- name: Download {{ nextcloud_dl_url }}/{{ nextcloud_orig_src_file }} to {{ downloads_dir }}/{{ nextcloud_src_file }}
   get_url:
     url: "{{ nextcloud_dl_url }}/{{ nextcloud_orig_src_file }}"
     dest: "{{ downloads_dir }}/{{ nextcloud_src_file }}"
-    force: yes
-    #validate_certs: False    # TEMPORARY ON/AFTER 2018-07-22 AS download.nextcloud.com CERT EXPIRED: https://github.com/iiab/iiab/issues/954
     timeout: "{{ download_timeout }}"
+    #force: yes
+    #validate_certs: False    # TEMPORARY ON/AFTER 2018-07-22 AS download.nextcloud.com CERT EXPIRED: https://github.com/iiab/iiab/issues/954
   when: internet_available and nextcloud_force_install
-  async: 1800
-  poll: 10
+  #async: 1800
+  #poll: 10
   tags:
     - download
 

From 114a3f7b84a99feb5cd31253bf8ed21fc02be981 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 04:12:35 -0400
Subject: [PATCH 12/17] Update nextcloud_enabled.yml

---
 roles/nextcloud/tasks/nextcloud_enabled.yml | 27 ++++++++++++---------
 1 file changed, 16 insertions(+), 11 deletions(-)

diff --git a/roles/nextcloud/tasks/nextcloud_enabled.yml b/roles/nextcloud/tasks/nextcloud_enabled.yml
index 50badd564..daf63e576 100644
--- a/roles/nextcloud/tasks/nextcloud_enabled.yml
+++ b/roles/nextcloud/tasks/nextcloud_enabled.yml
@@ -40,8 +40,7 @@
 # the install wizard does not succeed if already installed
 - name: Determine if Nextcloud is installed
   shell: >
-    #sudo -u {{ apache_user }}
-    php '{{ nextcloud_prefix }}/nextcloud/occ' status |
+    php {{ nextcloud_prefix }}/nextcloud/occ status |
     gawk '/installed:/ { print $3 }'
   become: yes
   become_user: "{{ apache_user }}"
@@ -50,42 +49,48 @@
 - name: Run Nextcloud initial install wizard
   shell: >
     cd {{ nextcloud_prefix }}/nextcloud;
-    sudo -u {{ apache_user }} php occ maintenance:install
+    php occ maintenance:install
     --database "mysql"
     --database-name "{{ nextcloud_dbname }}"
     --database-user "{{ nextcloud_dbuser }}"
     --database-pass "{{ nextcloud_dbpassword }}"
     --admin-user "{{ nextcloud_admin_user }}"
     --admin-pass "{{ nextcloud_admin_password }}"
+  become: yes
+  become_user: "{{ apache_user }}"
   when: nextcloud_enabled and returned.stdout == "false"
 
 - name: Allow access from all hosts and ips
-  command: php '{{ nextcloud_prefix }}/nextcloud/occ' config:system:set trusted_domains 1 --value=*
+  command: php {{ nextcloud_prefix }}/nextcloud/occ config:system:set trusted_domains 1 --value=*
   become: yes
   become_user: "{{ apache_user }}"
   when: nextcloud_enabled and returned.stdout == "false"
 
 # Code below was NEVER RUNNING as of 2018-10-29, as "wc | cut -d' ' -f1" ALWAYS
-# returns null (rather than the intended returned_count !)  This fragment could
-# be replace with "wc -l" or "wc | awk '{print $1}'" if it truly needs fixing?
+# returns null (rather than the intended returned_count !)  This line could
+# be replaced by ALTERNATIVE 1 or ALTERNATIVE 2 below IF it truly needs fixing.
 #
 # Or perhaps default user/password nextcloud/nextcloudmysql (from variables
 # nextcloud_user/nextcloud_user_password) is just not needed in the end...
+#
+# NOTE: COMMENTS (FOLLOWING '#' SIGN) WITHIN A SHELL COMMAND CAUSE IT TO *FAIL*
 # 
 #- name: Determine if Nextcloud user exists already
 #  shell: >
-#    #sudo -u {{ apache_user }}
-#    php '{{ nextcloud_prefix }}/nextcloud/occ' user:list |
-#    grep {{ nextcloud_user }} | wc | cut -d' ' -f1
-#    #grep {{ nextcloud_user }} | wc -l
+#    php {{ nextcloud_prefix }}/nextcloud/occ user:list |
+#    grep {{ nextcloud_user }} | wc | cut -d' ' -f1        # USELESS
+#    #grep {{ nextcloud_user }} | wc -l                    # ALTERNATIVE 1
+#    #grep {{ nextcloud_user }} | wc | awk '{print $1}'    # ALTERNATIVE 2
 #  become: yes
 #  become_user: "{{ apache_user }}"
 #  register: returned_count
 #
+# debug:
+#   var: returned_count
+#
 ## nextcloud wants to make users rather than just mysql users and not done
 #- name: Create the default user
 #  shell: >
-#    #su -s /bin/sh {{ apache_user }} -c
 #    OC_PASS={{ nextcloud_user_password }};
 #    php {{ nextcloud_prefix }}/nextcloud/occ user:add
 #    --password-from-env --display-name={{ nextcloud_user }}

From 3b99ff697d1083fe6634642fd36ddd9cc4c66a06 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 05:00:07 -0400
Subject: [PATCH 13/17] Update main.yml

---
 roles/nextcloud/tasks/main.yml | 51 +++++++++++++++++-----------------
 1 file changed, 26 insertions(+), 25 deletions(-)

diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index ce5d5085c..a22dfb41a 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -1,17 +1,18 @@
-- name: See if Nextcloud version page exists
+- name: Check for existence of /opt/nextcloud/version.php
   stat:
     path: "{{ nextcloud_prefix }}/nextcloud/version.php"
-#   path: "{{ nextcloud_prefix }}/nextcloud/index.php"
   register: nextcloud_page
 
-- name: FORCE INSTALL OR REINSTALL OR UPGRADE IF /opt/nextcloud/version.php DOESN'T EXIST
+- name: FORCE INSTALL OR REINSTALL OR UPGRADE IF {{ nextcloud_prefix }}/nextcloud/version.php DOESN'T EXIST
   set_fact:
     nextcloud_force_install: True
   when: not nextcloud_page.stat.exists
 
 # - debug:
-#     msg: "nextcloud_force_install: {{ nextcloud_force_install }}"
+#     var: nextcloud_force_install
 
+# - debug:
+#     msg: "nextcloud_force_install: {{ nextcloud_force_install }}"
 
 - name: Download {{ nextcloud_dl_url }}/{{ nextcloud_orig_src_file }} to {{ downloads_dir }}/{{ nextcloud_src_file }}
   get_url:
@@ -89,13 +90,13 @@
     #creates: "{{ nextcloud_prefix }}/nextcloud/version.php"
   when: nextcloud_force_install
 
-- name: In CentOS, the following config dir is symlink to /etc/nextcloud
+- name: Create dir /etc/nextcloud (centos) for a subsequent config dir that's symlinked to /etc/nextcloud ?
   file:
     path: /etc/nextcloud
     state: directory
   when: is_centos
 
-- name: Add autoconfig file (CentOS)
+- name: Install {{ nextcloud_prefix }}/nextcloud/config/autoconfig.php from template (centos)
   template:
     src: autoconfig.php.j2
     dest: "{{ nextcloud_prefix }}/nextcloud/config/autoconfig.php"
@@ -104,7 +105,7 @@
     mode: 0640
   when: is_centos
 
-- name: Make Apache owner
+- name: chown -R {{ apache_user }}:{{ apache_user }} {{ nextcloud_prefix }}/nextcloud
   file:
     path: "{{ nextcloud_prefix }}/nextcloud"
     owner: "{{ apache_user }}"
@@ -112,22 +113,20 @@
     recurse: yes
     state: directory
 
-- name: Create data directory library
+- name: Create data directory {{ nextcloud_data_dir }}    # /opt/nextcloud/data
   file:
-    path: "{{ item }}"
+    path: "{{ nextcloud_data_dir }}"
     owner: "{{ apache_user }}"
     group: "{{ apache_user }}"
     mode: 0750
     state: directory
-  with_items:
-    - "{{ nextcloud_data_dir }}"
 
-- name: Create MySQL database {{ nextcloud_dbname }} for Nextcloud
+- name: Create MySQL database {{ nextcloud_dbname }}
   mysql_db:
     name: "{{ nextcloud_dbname }}"
   when: mysql_enabled and nextcloud_enabled
 
-- name: Create username/password for Nextcloud database
+- name: Add username/password to the MySQL database (associated with trusted IP's like localhost)
   mysql_user:
     name: "{{ nextcloud_dbuser }}"
     host: "{{ item }}"
@@ -140,17 +139,15 @@
     - localhost
   when: mysql_enabled and nextcloud_enabled
 
+# Appears unnec as nextcloud_enabled.yml (just below) does the same
+#- name: Restart Apache
+#  service:
+#    name: "{{ apache_service }}"
+#    state: restarted
+## when: nextcloud_enabled     # taken care of by nextcloud_enabled.yml below
+#  when: not nextcloud_enabled
 
-- name: Restart Apache, to enable/disable http://box/nextcloud
-  service:
-    name: "{{ apache_service }}"
-    state: restarted
-# when: nextcloud_enabled     # taken care of by nextcloud_enabled.yml below
-  when: not nextcloud_enabled
-
-# Enable nextcloud by copying template to httpd config
-
-# following enables and disables
+# Enables or disable Nextcloud!
 - include_tasks: nextcloud_enabled.yml
 
 - name: Add 'nextcloud' to list of services at {{ iiab_ini_file }}
@@ -166,7 +163,11 @@
       value: '"NextCloud is a local server-based facility for sharing files, photos, contacts, calendars, etc."'
     - option: path
       value: "{{ nextcloud_prefix }}/nextcloud"
-    - option: source
+    - option: nextcloud_force_install
+      value: "{{ nextcloud_force_install }}"
+    - option: nextcloud_orig_src_file
+      value: "{{ nextcloud_orig_src_file }}"
+    - option: nextcloud_src_file
       value: "{{ nextcloud_src_file }}"
-    - option: enabled
+    - option: nextcloud_enabled
       value: "{{ nextcloud_enabled }}"

From 65e1d144be9628dce2d50856740cc12037d4acf8 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 05:21:15 -0400
Subject: [PATCH 14/17] Update main.yml

---
 roles/nextcloud/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index a22dfb41a..9b5bdc34e 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -121,7 +121,7 @@
     mode: 0750
     state: directory
 
-- name: Create MySQL database {{ nextcloud_dbname }}
+- name: 'Create MySQL database with name: {{ nextcloud_dbname }}'
   mysql_db:
     name: "{{ nextcloud_dbname }}"
   when: mysql_enabled and nextcloud_enabled

From eada34a12fd16645a439ca9885b2f227191611a2 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 05:46:53 -0400
Subject: [PATCH 15/17] Update main.yml

---
 roles/nextcloud/defaults/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml
index 4ec76e221..ad908e23e 100644
--- a/roles/nextcloud/defaults/main.yml
+++ b/roles/nextcloud/defaults/main.yml
@@ -7,7 +7,7 @@ nextcloud_force_install: False
 nextcloud_url: /nextcloud
 nextcloud_prefix: /opt
 nextcloud_data_dir: "{{ content_base }}/nextcloud/data"
-nextcloud_dl_url: https://download.nextcloud.com/server/releases/
+nextcloud_dl_url: https://download.nextcloud.com/server/releases
 nextcloud_orig_src_file: latest-14.tar.bz2
 nextcloud_src_file: nextcloud_{{ nextcloud_orig_src_file }}
 

From f893f5f201030318973a61689e40ac746c93f8ca Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 06:01:15 -0400
Subject: [PATCH 16/17] Update main.yml

---
 roles/httpd/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml
index caf9a8255..deb8b26be 100644
--- a/roles/httpd/tasks/main.yml
+++ b/roles/httpd/tasks/main.yml
@@ -215,7 +215,7 @@
   tags:
     - base
 
-- name: Install /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation (will be run at the end of Stage 4 = roles/4-server-options/tasks/main.yml)
+- name: Install /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation.  (This script will run at the end of Stage 4 = roles/4-server-options/tasks/main.yml)
   template:
     src: refresh-wiki-docs.sh
     dest: /usr/bin/iiab-refresh-wiki-docs

From e8320aebcaaed80890202b9557a3b29b0e9c6ec3 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 06:01:49 -0400
Subject: [PATCH 17/17] Update main.yml

---
 roles/4-server-options/tasks/main.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml
index 5b70af543..fab02336e 100644
--- a/roles/4-server-options/tasks/main.yml
+++ b/roles/4-server-options/tasks/main.yml
@@ -23,6 +23,9 @@
   when: squid_install
   tags: base, squid, network, domain
 
+# NETWORK moved to the very end, after Stage 9 (9-LOCAL-ADDONS)
+# It can also be run manually using: cd /opt/iiab/iiab; ./iiab-network
+#
 #- name: NETWORK
 #  include_role:
 #    name: network
@@ -72,7 +75,7 @@
     src: roles/1-prep/templates/iiab_env.py.j2
     dest: /etc/iiab/iiab_env.py
 
-- name: Run /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation (script was installed at the beginning of Stage 3 = roles/3-base-server/tasks/main.yml, which runs the HTTPD playbook = roles/httpd/tasks/main.yml)
+- name: Run /usr/bin/iiab-refresh-wiki-docs (scraper script) to create http://box/info offline documentation.  (This script was installed at the beginning of Stage 3 = roles/3-base-server/tasks/main.yml, which ran Apache playbook = roles/httpd/tasks/main.yml)
   command: /usr/bin/iiab-refresh-wiki-docs
   when: not nodocs