From 924107abbe7167a6335853fc0a1624efe40eaa97 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Mon, 2 Sep 2024 20:29:51 -0500
Subject: [PATCH] nextcloud: Support remote database server

The _nextcloud_ role originally handled setting up the PostgreSQL
database and assumed that it was running on the same server as Nextcloud
itself.  I have factored out those tasks into their own role,
_nextcloud-db_, which can be applied to a separate host.

I have also introduced some new variables (`nextcloud_db_host`,
`nextcloud_db_name`, `nextcloud_db_user`, and `nextcloud_db_password`),
which can be used to specify how to connect to the database, if it is
hosted remotely.  Since these variables are used by both the _nextcloud_
and _nextcloud-db_ roles, they are actually defined in a separate role,
_nextcloud-base_, upon which both depend.
---
 nextcloud.yml                           |  9 ++++++++-
 roles/nextcloud-base/defaults/main.yml  |  4 ++++
 roles/nextcloud-base/tasks/main.yml     |  0
 roles/nextcloud-db/meta/main.yml        |  2 ++
 roles/nextcloud-db/tasks/main.yml       | 19 +++++++++++++++++++
 roles/nextcloud/meta/main.yml           |  1 +
 roles/nextcloud/tasks/main.yml          | 15 ---------------
 roles/nextcloud/templates/config.php.j2 | 10 +++++-----
 8 files changed, 39 insertions(+), 21 deletions(-)
 create mode 100644 roles/nextcloud-base/defaults/main.yml
 create mode 100644 roles/nextcloud-base/tasks/main.yml
 create mode 100644 roles/nextcloud-db/meta/main.yml
 create mode 100644 roles/nextcloud-db/tasks/main.yml

diff --git a/nextcloud.yml b/nextcloud.yml
index e9737b1..c3a6017 100644
--- a/nextcloud.yml
+++ b/nextcloud.yml
@@ -1,7 +1,14 @@
+- hosts: nextcloud-db
+  vars_files:
+  - vault/nextcloud
+  roles:
+  - role: nextcloud-db
+    tags:
+    - nextcloud-db
+
 - hosts: nextcloud
   vars_files:
   - vault/nextcloud
   roles:
-  - postgresql-server
   - apache
   - nextcloud
diff --git a/roles/nextcloud-base/defaults/main.yml b/roles/nextcloud-base/defaults/main.yml
new file mode 100644
index 0000000..0669852
--- /dev/null
+++ b/roles/nextcloud-base/defaults/main.yml
@@ -0,0 +1,4 @@
+nextcloud_db_name: nextcloud
+nextcloud_db_host: localhost
+nextcloud_db_port: ''
+nextcloud_db_user: nextcloud
diff --git a/roles/nextcloud-base/tasks/main.yml b/roles/nextcloud-base/tasks/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/nextcloud-db/meta/main.yml b/roles/nextcloud-db/meta/main.yml
new file mode 100644
index 0000000..d6fc3f9
--- /dev/null
+++ b/roles/nextcloud-db/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+- nextcloud-base
diff --git a/roles/nextcloud-db/tasks/main.yml b/roles/nextcloud-db/tasks/main.yml
new file mode 100644
index 0000000..5ed6083
--- /dev/null
+++ b/roles/nextcloud-db/tasks/main.yml
@@ -0,0 +1,19 @@
+- name: ensure nextcloud database user exists
+  become: true
+  become_user: postgres
+  postgresql_user:
+    name: '{{ nextcloud_db_user }}'
+    password: '{{ nextcloud_db_password|d(omit) }}'
+    state: present
+  tags:
+  - postgresql-user
+
+- name: ensure nextcloud database exists
+  become: true
+  become_user: postgres
+  postgresql_db:
+    name: nextcloud
+    owner: nextcloud
+    state: present
+  tags:
+  - postgresql-db
diff --git a/roles/nextcloud/meta/main.yml b/roles/nextcloud/meta/main.yml
index ff8645c..5804638 100644
--- a/roles/nextcloud/meta/main.yml
+++ b/roles/nextcloud/meta/main.yml
@@ -1,4 +1,5 @@
 dependencies:
+- nextcloud-base
 - role: redis
   tags:
   - redis
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 213da0b..9bbb04e 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -27,21 +27,6 @@
   tags:
   - always
 
-- name: ensure nextcloud database user exists
-  become: true
-  become_user: postgres
-  postgresql_user:
-    name: nextcloud
-    password: '{{ nextcloud_db_password }}'
-    state: present
-- name: ensure nextcloud database exists
-  become: true
-  become_user: postgres
-  postgresql_db:
-    name: nextcloud
-    owner: nextcloud
-    state: present
-
 - name: ensure nextcloud is configured
   template:
     src: config.php.j2
diff --git a/roles/nextcloud/templates/config.php.j2 b/roles/nextcloud/templates/config.php.j2
index f3c3a68..094002f 100644
--- a/roles/nextcloud/templates/config.php.j2
+++ b/roles/nextcloud/templates/config.php.j2
@@ -37,12 +37,12 @@ $CONFIG = array (
   'dbtype' => 'pgsql',
   'version' => '{{ nc_version }}',
   'overwrite.cli.url' => 'https://{{ nextcloud_server_name }}',
-  'dbname' => 'nextcloud',
-  'dbhost' => 'localhost',
-  'dbport' => '',
+  'dbname' => '{{ nextcloud_db_name }}',
+  'dbhost' => '{{ nextcloud_db_host }}',
+  'dbport' => '{{ nextcloud_db_port }}',
   'dbtableprefix' => 'oc_',
-  'dbuser' => 'nextcloud',
-  'dbpassword' => '{{ nextcloud_db_password }}',
+  'dbuser' => '{{ nextcloud_db_user }}',
+  'dbpassword' => '{{ nextcloud_db_password|d("") }}',
   'installed' => true,
   'ldapIgnoreNamingRules' => false,
   'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',