nextcloud_root_dir & nextcloud_data_dir now work

roles/nextcloud/defaults/main.yml

@@ -10,9 +10,6 @@
 # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
 # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!
 
-nextcloud_url: /nextcloud
-nextcloud_prefix: "{{ doc_root }}"    # /library/www/html (WAS /opt)
-nextcloud_data_dir: "{{ content_base }}/nextcloud/data"    # /library/nextcloud/data BUT NOT USED BY NEXTCLOUD AS OF 2020-02-15, so it defaults to /opt/nextcloud/data ??
 
 # 2020-01-07: If installing IIAB often, download.nextcloud.com may throttle
 # you to ~100 kbit/sec, delaying your IIAB install by an hour or more (#2112).
@@ -20,6 +17,25 @@ nextcloud_data_dir: "{{ content_base }}/nextcloud/data"    # /library/nextcloud/
 # nextcloud_dl_url: http://d.iiab.io/packages/latest.tar.bz2
 nextcloud_dl_url: https://download.nextcloud.com/server/releases/latest.tar.bz2
 
+nextcloud_url: /nextcloud
+
+nextcloud_base_dir: "{{ doc_base }}"    # /library/www
+#nextcloud_base_dir: "{{ doc_root }}"    # /library/www/html
+nextcloud_root_dir: "{{ nextcloud_base_dir }}/nextcloud"
+#
+# 2020-02-16 options...
+# /opt/nextcloud <-- Old Nextcloud recommendation
+# /var/www/nextcloud <-- Nextcloud recommendation
+# /library/nextcloud  <-- Old IIAB recommendation
+# /library/www/nextcloud  <-- IIAB RECOMMENDATION FOR NOW ?
+# /library/www/html/nextcloud <-- Bad idea?  Security & privacy consequences?
+#
+# IN ANY CASE, PLEASE VERIFY nextcloud/config/config.php AFTER INSTALLATION!
+#
+# Nextcloud's default for now--OR PUT PERSONAL DATA ON ANOTHER DRIVE/PARTITION:
+nextcloud_data_dir: "{{ nextcloud_root_dir }}/data"    # /library/www/nextcloud
+
+
 # We install on MySQL with these settings:
 nextcloud_dbname: nextcloud
 nextcloud_dbuser: nextcloud

roles/nextcloud/tasks/install.yml

@@ -88,33 +88,26 @@
   when: not is_raspbian
 
 
-- name: Create dir {{ nextcloud_prefix }}{{ nextcloud_url }}
+- name: Create dir {{ nextcloud_root_dir }}
   file:
     state: directory
-    path: "{{ nextcloud_prefix }}{{ nextcloud_url }}"    # /library/www/html + /nextcloud
+    path: "{{ nextcloud_root_dir }}"    # /library/www/nextcloud
 
-- name: Unarchive {{ nextcloud_dl_url }} to {{ nextcloud_prefix }}{{ nextcloud_url }} ({{ apache_user }}:{{ apache_user }})
+- name: Unarchive {{ nextcloud_dl_url }} to {{ nextcloud_root_dir }} ({{ apache_user }}:{{ apache_user }})
   unarchive:
     remote_src: yes
     src: "{{ nextcloud_dl_url }}"
-    dest: "{{ nextcloud_prefix }}{{ nextcloud_url }}"    # /library/www/html + /nextcloud
-    owner: "{{ apache_user }}"    # apache2 on debuntu
+    #dest: "{{ nextcloud_base_dir }}"    # /library/www
+    dest: "{{ nextcloud_root_dir }}"     # /library/www/nextcloud
+    owner: "{{ apache_user }}"           # apache2 on debuntu
     group: "{{ apache_user }}"
-    extra_opts: --strip-components=1
+    extra_opts: --strip-components=1     # Or use 'dest: /library/www' above
   when: internet_available
 
-# - name: "NOT USED FOR NOW: Create data dir {{ nextcloud_data_dir }}"
-#   file:
-#     state: directory
-#     path: "{{ nextcloud_data_dir }}"    # /library/nextcloud/data NOT USED BY NEXTCLOUD AS OF 2020-02-15 ...Nextcloud defaults to /opt/nextcloud/data OR /library/www/html/nextcloud/data ??
-#     owner: "{{ apache_user }}"
-#     group: "{{ apache_user }}"
-#     mode: '0750'
-
 - name: Provision Nextcloud's MySQL DB, run Nextcloud's install wizard, etc
   include_tasks: setup.yml
 
-- name: Install /etc/{{ apache_conf_dir }}/nextcloud.conf from template, for http://box/nextcloud
+- name: Install /etc/{{ apache_conf_dir }}/nextcloud.conf from template, for http://box{{ nextcloud_url }}    # http://box/nextcloud
   template:
     src: nextcloud.conf.j2
     dest: "/etc/{{ apache_conf_dir }}/nextcloud.conf"    # apache2/sites-available on debuntu

roles/nextcloud/tasks/main.yml

@@ -44,9 +44,15 @@
       value: Nextcloud
     - option: description
       value: '"Nextcloud is a local server-based facility for sharing files, photos, contacts, calendars, etc."'
-    - option: nextcloud_prefix
-      value: "{{ nextcloud_prefix }}"
+    - option: nextcloud_dl_url
+      value: "{{ nextcloud_dl_url }}"
     - option: nextcloud_url
       value: "{{ nextcloud_url }}"
+    - option: nextcloud_base_dir
+      value: "{{ nextcloud_base_dir }}"
+    - option: nextcloud_root_dir
+      value: "{{ nextcloud_root_dir }}"
+    - option: nextcloud_data_dir
+      value: "{{ nextcloud_data_dir }}"
     - option: nextcloud_enabled
       value: "{{ nextcloud_enabled }}"

roles/nextcloud/tasks/setup.yml

@@ -14,26 +14,47 @@
     - localhost
 
 
-#- name: Install {{ nextcloud_prefix }}/nextcloud/config/autoconfig.php from template
+# https://docs.nextcloud.com/server/18/admin_manual/installation/command_line_installation.html
+- name: Create data dir {{ nextcloud_data_dir }}
+  file:
+    state: directory
+    path: "{{ nextcloud_data_dir }}"    # /library/nextcloud/data NOT USED BY NEXTCLOUD AS OF 2020-02-15 ...Nextcloud defaults to /opt/nextcloud/data OR /library/www/html/nextcloud/data ??
+    owner: "{{ apache_user }}"
+    group: "{{ apache_user }}"
+    # mode: '0750'
+
+# 1 of 3: Very Old Way... from OwnCloud days
+#- name: Install {{ nextcloud_root_dir }}/config/autoconfig.php from template
 #  template:
 #    src: autoconfig.php.j2
-#    dest: "{{ nextcloud_prefix }}/nextcloud/config/autoconfig.php"
+#    dest: "{{ nextcloud_root_dir }}/config/autoconfig.php"
 #    owner: "{{ apache_user }}"
 #    group: "{{ apache_user }}"
 #    mode: '0640'
 
+# 2 of 3: Another Possible Way... not quite ready for prime time
+# - name: Set 'datadirectory' to {{ nextcloud_data_dir }} in {{ nextcloud_root_dir }}/config/config.php
+#   lineinfile:
+#     path: "{{ nextcloud_root_dir }}/config/config.php"
+#     regexp: "^  'datadirectory' => "
+#     insertafter: '^\$CONFIG = array \('
+#     line: "  'datadirectory' => '{{ nextcloud_data_dir }}',"
 
-- name: Determine if Nextcloud is installed (causes install wizard to fail)
+# 2020-02-16: SHOULD THIS STANZA GO AWAY IN FUTURE, in favor of 'nextcloud_installed is undefined' test below?
+- name: Use php to determine if Nextcloud is installed (causes install wizard to fail)
   shell: >
-    php {{ nextcloud_prefix }}/nextcloud/occ status |
+    php {{ nextcloud_root_dir }}/occ status |
     gawk '/installed:/ { print $3 }'
   become: yes
   become_user: "{{ apache_user }}"
   register: returned
 
-- name: Run Nextcloud initial install wizard (if absolutely nec, manually drop MySQL db '{{ nextcloud_dbname }}')
+# 3 of 3: New Way In 2020... use --data-dir "{{ nextcloud_data_dir }}"
+# https://docs.nextcloud.com/server/18/admin_manual/installation/command_line_installation.html
+# https://docs.nextcloud.com/server/18/admin_manual/configuration_server/occ_command.html#command-line-installation-label
+- name: Run Nextcloud initial install wizard, seeding data dir {{ nextcloud_data_dir }} (IF THIS FAILS, CONSIDER MANUALLY DROPPING MySQL db '{{ nextcloud_dbname }}' THEN RERUN THIS)
   shell: >
-    cd {{ nextcloud_prefix }}/nextcloud;
+    cd {{ nextcloud_root_dir }};
     php occ maintenance:install
     --database "mysql"
     --database-name "{{ nextcloud_dbname }}"
@@ -41,8 +62,10 @@
     --database-pass "{{ nextcloud_dbpassword }}"
     --admin-user "{{ nextcloud_admin_user }}"
     --admin-pass "{{ nextcloud_admin_password }}"
+    --data-dir "{{ nextcloud_data_dir }}"
   become: yes
   become_user: "{{ apache_user }}"
+  #when: nextcloud_installed is undefined
   when: returned.stdout == "false"    # and nextcloud_enabled
 
 
@@ -55,6 +78,6 @@
     line: 'clear_env = no'
 
 - name: 'Allow Nextcloud access from all hosts and IP addresses (SEE ALSO: /etc/apache2/sites-available/nextcloud.conf)'
-  command: php {{ nextcloud_prefix }}/nextcloud/occ config:system:set trusted_domains 1 --value=*
+  command: php {{ nextcloud_root_dir }}/occ config:system:set trusted_domains 1 --value=*
   become: yes
   become_user: "{{ apache_user }}"

roles/nextcloud/templates/nextcloud-nginx.conf.j2

@@ -1,4 +1,9 @@
-location ^~ /nextcloud {
+# 2020-02-16: Customized from template...thanks to @m_anish:
+#
+# https://docs.nextcloud.com/server/18/admin_manual/installation/nginx.html#nextcloud-in-a-subdir-of-nginx
+# https://docs.nextcloud.com/server/18/admin_manual/installation/nginx.html#nextcloud-in-the-webroot-of-nginx
+
+location ^~ {{ nextcloud_url }} {
 
     ## Add headers to serve security related headers
     ## Before enabling Strict-Transport-Security headers please read into this
@@ -25,7 +30,8 @@ location ^~ /nextcloud {
     #fastcgi_hide_header X-Powered-By;
 
     # Path to the root of your installation
-    root {{ doc_root }}/;    # /library/www/html
+    #root {{ nextcloud_root_dir }};    # /library/www/nextcloud IN FUTURE ??
+    root {{ nextcloud_base_dir }};    # /library/www == {{ doc_base }} FOR NOW
 
     location = /nextcloud/robots.txt {
         allow all;
@@ -65,7 +71,7 @@ location ^~ /nextcloud {
     # This module is currently not supported.
     #pagespeed off;
 
-    location /nextcloud/ {
+    location /nextcloud {
         rewrite ^ /nextcloud/index.php;
     }
 
@@ -117,7 +123,7 @@ location ^~ /nextcloud {
         #
         # THESE 1 + 6 ALSO APPEAR ~100 LINES ABOVE
         #
-        add_header Referrer-Policy "no-referrer" always;
+        #add_header Referrer-Policy "no-referrer" always;
         add_header X-Content-Type-Options "nosniff" always;
         add_header X-Download-Options "noopen" always;
         add_header X-Frame-Options "SAMEORIGIN" always;

roles/nextcloud/templates/nextcloud.conf.j2

@@ -1,8 +1,10 @@
 # Ansible template that becomes /etc/apache2/sites-available/nextcloud.conf
 
-Alias {{ nextcloud_url }} {{ nextcloud_prefix }}/nextcloud
+Alias {{ nextcloud_url }} {{ nextcloud_root_dir }}
+# Alias {{ nextcloud_url }} [[ nextcloud_prefix ]]/nextcloud
 
-<Directory {{ nextcloud_prefix }}/nextcloud/>
+<Directory {{ nextcloud_root_dir }}/>
+# <Directory [[ nextcloud_prefix ]]/nextcloud/>
     # 2019-09-04 commenting out towards future removal
     #Options -Indexes