♻: move nextcloud to app dir

roles/nextcloud/tasks/main.yml

@@ -6,5 +6,9 @@
 - name: Install nextcloud
   ansible.builtin.include_tasks: nextcloud.yml
 
+- name: Install nextcloud modules
+  ansible.builtin.include_tasks: nextcloud_modules.yml
+  loop: "{{ nextcloud_modules }}"
+
 - name: Check nextcloud version
   ansible.builtin.include_tasks: check.yml

roles/nextcloud/tasks/nextcloud.yml

@@ -1,9 +1,15 @@
 ---
 
-- name: Create application directory
+## Remove the previous app & install the new version
+- name: Remove Nextcloud previous version
+  ansible.builtin.file:
+    state: absent
+    dest: "{{ nextcloud_app_home }}"
+
+- name: Create app home
   ansible.builtin.file:
     state: directory
-    dest: "{{ nextcloud_home }}"
+    dest: "{{ nextcloud_app_home }}"
     owner: root
     group: www-data
     mode: "0o750"
@@ -12,47 +18,50 @@
   ansible.builtin.unarchive:
     remote_src: true
     src: "{{ nextcloud_url }}"
-    dest: "{{ nextcloud_home }}"
+    dest: "{{ nextcloud_app_home }}"
     owner: root
     group: www-data
     mode: "a-rwx,u+rwX,g+rX"
     extra_opts: ['--strip-components=1']
-    exclude:
-      - "data"
-      - "config/config.php"
-
-- name: Put config file
-  ansible.builtin.template:
-    src: "config.php.j2"
-    dest: "{{ nextcloud_home }}/config/config.php"
-    owner: www-data
-    group: www-data
-    mode: "0o640"
-
-- name: Set config dir permissions
-  ansible.builtin.file:
-    state: directory
-    dest: "{{ nextcloud_home }}/config"
-    owner: www-data
-    group: www-data
-    mode: "0o750"
 
 - name: Check writable dirs
   ansible.builtin.file:
     state: directory
-    dest: "{{ nextcloud_home }}/{{ item }}"
+    dest: "{{ nextcloud_app_home }}/{{ item }}"
     owner: root
     group: www-data
     mode: "g+w"
     recurse: true
-  loop:
+  loop: "{{ nextcloud_writable_app_dirs }}"
-    - "apps"
+
-    - "data"
+- name: Put config file
+  ansible.builtin.template:
+    src: "config.php.j2"
+    dest: "{{ nextcloud_app_home }}/config/config.php"
+    owner: www-data
+    group: www-data
+    mode: "0o640"
+
+# Nextcloud `data/` does not exist in the archive, so create it everytime
+- name: Create data home
+  ansible.builtin.file:
+    state: directory
+    path: "{{ nextcloud_data_home }}/data"
+    owner: www-data
+    group: www-data
+    mode: "0o750"
+
+- name: Link Nextcloud userdata dirs
+  ansible.builtin.file:
+    state: link
+    src: "{{ nextcloud_data_home }}/{{ item }}"
+    dest: "{{ nextcloud_app_home }}/{{ item }}"
+  loop: "{{ nextcloud_userdata_app_dirs }}"
 
 - name: Run occ upgrade
   become: true
   become_user: www-data
   ansible.builtin.command:
     cmd: "php occ upgrade"
-    chdir: "{{ nextcloud_home }}"
+    chdir: "{{ nextcloud_app_home }}"
   changed_when: false

roles/nextcloud/tasks/nextcloud_modules.yml

@@ -0,0 +1,10 @@
+---
+
+- name: "Install {{ item.name }} module"
+  become: true
+  become_user: www-data
+  ansible.builtin.command:
+    cmd: "php occ app:install {{ item.force | default(false) | ternary('--force', '') }} {{ item.name }}"
+    chdir: "{{ nextcloud_app_home }}"
+    creates: "{{ nextcloud_app_home }}/apps/{{ item.name }}"
+  changed_when: false

roles/nextcloud/vars/main.yml

@@ -5,4 +5,20 @@ nextcloud_url: "https://download.nextcloud.com/server/releases/nextcloud-{{ next
 
 nextcloud_access_url: "{{ web_hostname | selectattr('type', 'defined') | selectattr('type', '==', 'nextcloud') | map(attribute='host') | first }}"
 
-nextcloud_home: "/srv/http/{{ nextcloud_access_url }}"
+# Access path
+nextcloud_app_home: "/var/www/{{ nextcloud_access_url }}"
+nextcloud_data_home: "/srv/www-data/{{ nextcloud_access_url }}"
+
+# App dirs
+nextcloud_writable_app_dirs:
+  - apps
+  - config
+nextcloud_userdata_app_dirs:
+  - data
+
+# Supplementary modules
+nextcloud_modules:
+  - name: calendar
+  - name: tasks
+  - name: user_external
+    force: true

roles/nginx/templates/vhosts/o.libertus.eu.conf.j2

@@ -11,7 +11,7 @@ map $arg_v $asset_immutable {
 server {
 {% include './templates/header.conf.j2' %}
 	# Path to the root of your installation
-	root /srv/http/o.libertus.eu;
+	root /var/www/o.libertus.eu;
 	# Prevent nginx HTTP Server Detection
 	server_tokens off;