2023-03-17 10:34:15 +01:00
|
|
|
---
|
|
|
|
|
|
|
|
- when: nextcloud_container_labels_traefik_enabled | bool
|
|
|
|
name: Ensure trusted_proxies is correctly set when reverse-proxying via Traefik
|
|
|
|
block:
|
|
|
|
- name: Determine Nextcloud container network subnet
|
|
|
|
ansible.builtin.command:
|
|
|
|
cmd: "{{ devture_systemd_docker_base_host_command_docker }} network inspect {{ nextcloud_container_labels_traefik_docker_network }} -f '{% raw %}{{ (index .IPAM.Config 0).Subnet }}{% endraw %}'"
|
|
|
|
register: nextcloud_reverse_proxy_container_network_subnet_result
|
|
|
|
changed_when: false
|
|
|
|
|
|
|
|
- name: Adjust Nextcloud configuration (set trusted_proxies)
|
|
|
|
ansible.builtin.command:
|
|
|
|
cmd: |-
|
2023-03-17 12:51:45 +01:00
|
|
|
docker exec --user={{ nextcloud_uid }}:{{ nextcloud_gid }} {{ nextcloud_identifier }}-server php /var/www/html/occ --no-warnings config:system:set trusted_proxies 0 --type=string --value={{ nextcloud_reverse_proxy_container_network_subnet_result.stdout }}
|
2023-03-17 10:34:15 +01:00
|
|
|
|
|
|
|
- name: Adjust Nextcloud configuration (disable bruteforce protection)
|
|
|
|
ansible.builtin.command:
|
|
|
|
cmd: |-
|
|
|
|
docker exec --user={{ nextcloud_uid }}:{{ nextcloud_gid }} {{ nextcloud_identifier }}-server php /var/www/html/occ --no-warnings config:system:set {{ item.key }} --type="{{ item.type }}" --value={{ item.value }}
|
|
|
|
with_items:
|
|
|
|
- key: auth.bruteforce.protection.enabled
|
|
|
|
value: "false"
|
|
|
|
type: boolean
|
|
|
|
|
|
|
|
- name: Adjust Nextcloud configuration (custom parameters)
|
|
|
|
ansible.builtin.command:
|
|
|
|
cmd: |-
|
|
|
|
docker exec --user={{ nextcloud_uid }}:{{ nextcloud_gid }} {{ nextcloud_identifier }}-server php /var/www/html/occ --no-warnings config:system:set {{ item.key }} --type="{{ item.type }}" --value={{ item.value }}
|
|
|
|
with_items: "{{ nextcloud_config_parameters }}"
|
|
|
|
|
|
|
|
- name: Update database indices
|
|
|
|
ansible.builtin.command:
|
|
|
|
cmd: |-
|
|
|
|
docker exec --user={{ nextcloud_uid }}:{{ nextcloud_gid }} {{ nextcloud_identifier }}-server php /var/www/html/occ db:add-missing-indices
|