external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00
Code Issues Releases Wiki Activity

create a non prifileged user

Browse source
This commit is contained in:
George Hunt 2017-06-19 06:56:54 -07:00 committed by georgejhunt
parent dfe245d280
commit 68243f1a74
3 changed files with 24 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

2
roles/nextcloud/defaults/main.yml
View file

@ -12,6 +12,8 @@ nextcloud_dbname: nextcloud
nextcloud_dbhost: localhost nextcloud_dbhost: localhost
nextcloud_dbuser: nextcloud nextcloud_dbuser: nextcloud
nextcloud_dbpassword: nextcloudmysql nextcloud_dbpassword: nextcloudmysql
nextcloud_user: nextcloud
nextcloud_user_password: nextcloudmysql
nextcloud_admin_user: root nextcloud_admin_user: root
nextcloud_admin_password: "{{ mysql_root_password }}" nextcloud_admin_password: "{{ mysql_root_password }}"

9
roles/nextcloud/tasks/main.yml
View file

@ -90,15 +90,6 @@
mysql_db: name={{ nextcloud_dbname }} mysql_db: name={{ nextcloud_dbname }}
when: mysql_enabled and nextcloud_enabled when: mysql_enabled and nextcloud_enabled
- name: Create a user to access the nextcloud database
mysql_user: name={{ nextcloud_dbuser }} host={{ item }} password={{ nextcloud_dbpassword }} priv={{ nextcloud_dbname }}.*:ALL,GRANT
with_items:
- "{{ nextcloud_dbhost }}"
- 127.0.0.1
- ::1
- localhost
when: mysql_enabled and nextcloud_enabled
- name: Restart apache, so it picks up the new aliases - name: Restart apache, so it picks up the new aliases
service: name={{ apache_service }} state=restarted service: name={{ apache_service }} state=restarted
when: not nextcloud_enabled when: not nextcloud_enabled

28
roles/nextcloud/tasks/nextcloud_enabled.yml
View file

@ -1,5 +1,4 @@
# This should go in computed_network.yml, but here for now # This should go in computed_network.yml, but here for now
- name: Compute nextcloud listen ip addr for nextcloud.conf - name: Compute nextcloud listen ip addr for nextcloud.conf
set_fact: set_fact:
nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}" nextcloud_required_ip: "{{ ansible_default_ipv4.network }}/{{ ansible_default_ipv4.netmask }}"
@ -29,12 +28,12 @@
# the install wizard does not succeed if already installed # the install wizard does not succeed if already installed
- name: Determine if nextcloud is installed - name: Determine if nextcloud is installed
command: > shell: >
php {{ nextcloud_prefix }}/nextcloud/occ status | sudo -u {{ apache_user }} php
grep installed | wc | cut -f' ' -d1 '{{ nextcloud_prefix }}/nextcloud/occ' status |
grep installed | wc | cut -d' ' -f1
register: returned_count register: returned_count
- name: Run nextcloud initial install wizard - name: Run nextcloud initial install wizard
shell: > shell: >
cd {{ nextcloud_prefix }}/nextcloud; cd {{ nextcloud_prefix }}/nextcloud;
@ -47,6 +46,23 @@
--admin-pass "{{ mysql_root_password }}" --admin-pass "{{ mysql_root_password }}"
when: nextcloud_enabled and returned_count == "0" when: nextcloud_enabled and returned_count == "0"
- name: Determine if nextcloud user exists already
shell: >
sudo -u {{ apache_user }} php
'{{ nextcloud_prefix }}/nextcloud/occ' user:list |
grep {{ nextcloud_user }} | wc | cut -d' ' -f1
register: returned_count
# nextcloud wants to make users rather than just mysql users and not done
- name: create the default user
shell: >
su -s /bin/sh {{ apache_user }} -c
'OC_PASS={{ nextcloud_user_password }};
php {{ nextcloud_prefix }}/nextcloud/occ user:add
--password-from-env --display-name={{ nextcloud_user }}
--group="users" {{ nextcloud_user }}'
when: nextcloud_enabled and returned_count == "0"
- name: Remove Rewrite URL - name: Remove Rewrite URL
lineinfile: regexp='overwrite.cli.url' lineinfile: regexp='overwrite.cli.url'
state=absent state=absent