72 lines
1.6 KiB
YAML
72 lines
1.6 KiB
YAML
- name: ensure nextcloud db cert fetch script is installed
|
|
copy:
|
|
src: fetch-cert.py
|
|
dest: /usr/local/libexec/nextcloud-fetch-cert.py
|
|
owner: root
|
|
group: root
|
|
mode: u=rwx,go=rx
|
|
notify:
|
|
- restart nextcloud-fetch-cert.timer
|
|
tags:
|
|
- copy-script
|
|
|
|
- name: ensure nextcloud db cert fetch token credential exists
|
|
copy:
|
|
dest: /etc/credstore/nextcloud.fetchcert.token
|
|
content: |+
|
|
{{ nextcloud_fetchcert_token }}
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=
|
|
diff: false
|
|
tags:
|
|
- credentials
|
|
|
|
- name: ensure kubernetes ca certificate is installed
|
|
copy:
|
|
src: kube-root-ca.crt
|
|
dest: /etc/pki/ca-trust/kube-root-ca.crt
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
tags:
|
|
- cacert
|
|
|
|
- name: ensure nextcloud cert fetch timer unit is installed
|
|
template:
|
|
src: nextcloud-fetch-cert.timer.j2
|
|
dest: /etc/systemd/system/nextcloud-fetch-cert.timer
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
notify:
|
|
- reload systemd
|
|
- restart nextcloud-fetch-cert.timer
|
|
tags:
|
|
- systemd
|
|
- name: ensure nextcloud cert fetch service unit is installed
|
|
copy:
|
|
src: nextcloud-fetch-cert.service
|
|
dest: /etc/systemd/system/nextcloud-fetch-cert.service
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
notify:
|
|
- reload systemd
|
|
- restart nextcloud-fetch-cert.timer
|
|
tags:
|
|
- systemd
|
|
|
|
- name: ensure nextcloud cert fetch timer is enabled
|
|
systemd:
|
|
name: nextcloud-fetch-cert.timer
|
|
enabled: true
|
|
tags:
|
|
- service
|
|
- name: ensure nextcloud cert fetch timer is started
|
|
systemd:
|
|
name: nextcloud-fetch-cert.timer
|
|
state: started
|
|
tags:
|
|
- service
|