diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml index c37269910..d1e7323cd 100644 --- a/roles/nextcloud/tasks/install.yml +++ b/roles/nextcloud/tasks/install.yml @@ -68,7 +68,7 @@ template: src: nextcloud.conf.j2 dest: "/etc/{{ apache_conf_dir }}/nextcloud.conf" # apache2/sites-available on debuntu - when: apache_installed | bool + when: apache_install | bool # RECORD Nextcloud AS INSTALLED diff --git a/roles/nextcloud/templates/nextcloud.conf.j2 b/roles/nextcloud/templates/nextcloud.conf.j2 index dcba0ae0c..89858bdb8 100644 --- a/roles/nextcloud/templates/nextcloud.conf.j2 +++ b/roles/nextcloud/templates/nextcloud.conf.j2 @@ -16,17 +16,17 @@ Alias {{ nextcloud_url }} {{ nextcloud_prefix }}/nextcloud # 2019-09-04 commenting out towards future removal #Require host localhost -{% if nextcloud_allow_public_ips %} - # PERMIT ACCESS FROM ALL IPv4 ADDRESSES: +#{% if CONDITION %} {# where CONDITION was nextcloud_allow_public_ips #} +# # PERMIT ACCESS FROM ALL IPv4 ADDRESSES: Require all granted - # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY: - #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10 -{% else %} - # PERMIT ACCESS FROM ALL IPv4 ADDRESSES: - #Require all granted - # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY: - Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10 -{% endif %} +# # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY: +# #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10 +#{% else %} +# # PERMIT ACCESS FROM ALL IPv4 ADDRESSES: +# #Require all granted +# # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY: +# Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10 +#{% endif %} {# Reminder that {{ lan_ip }}/{{ lan_netmask }} is 172.18.96.1/255.255.224.0 #} # AVOID THIS LINE AS IT OVERLY RESTRICTS SCHOOLS W/ 192.168.1.x, 10.x.y.z: #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ nextcloud_required_ip }} {{ openvpn_server_virtual_ip }}/255.255.255.0 diff --git a/roles/www_back_end/tasks/main.yml b/roles/www_back_end/tasks/main.yml index 0129887d4..4b73f40f6 100644 --- a/roles/www_back_end/tasks/main.yml +++ b/roles/www_back_end/tasks/main.yml @@ -9,9 +9,14 @@ - include_tasks: php-stem.yml +- name: Install php-fpm (FastCGI Process Manager) if nextcloud_install or pbx_install + package: + name: php-fpm + when: nextcloud_install or pbx_install + # COMPARE apache_allow_sudo @ roles/www_front_end/tasks/main.yml -# For schools that use WordPress/Nextcloud/Moodle intensively. iiab/iiab#1147 +# For schools that use WordPress/Nextcloud/Moodle intensively. # WARNING: Enabling this might cause excess use of RAM/disk or other resources! - name: Enact high limits in /etc/php/{{ php_version }}/fpm/php.ini if using WordPress/Nextcloud/Moodle intensively lineinfile: