update README and make coturn/talk optional

2 months ago · 26ac923d7b
5 changed files with 31 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -1,7 +1,8 @@
 # Ansible Nextcloud Collection

 Ansible Nextcloud Collection - that brings up your nextcloud usage to the next level 🚀  
-No ssh required.
+  * No ssh required for module usage
+  * Install role requires ssh

 ## Features

@ -14,7 +15,7 @@ No ssh required.
 * 🔑 passwords
    * `lookup` plugin for [passwords app](https://apps.nextcloud.com/apps/passwords)
    * `password` module - create, update and delete [passwords](https://apps.nextcloud.com/apps/passwords)
-* `markuman.nextcloud` installation role - securely setup Nextcloud.
+* `markuman.nextcloud.nextcloud` installation role - securely setup Nextcloud.

 ## install

@ -34,3 +35,8 @@ No ssh required.
 | https://gitlab.com/markuman/markuman.nextcloud | push mirror, merge-requests and Issues |
 | https://github.com/markuman/markuman.nextcloud | push mirror, pull-requests and Issues |

+
+| Collection Version | Supported OS | Nextcloud Version | Collection EOL |
+| --- | --- | --- | --- |
+| 9 | Ubuntu 20.04 | 23 | 2022.12 |
+| 10 | Ubuntu 22.04 | >= 24 | TBA |
--- a/roles/nextcloud/defaults/main.yml
+++ b/roles/nextcloud/defaults/main.yml
@ -4,6 +4,9 @@ caddy_version: 2.5.0
 nextcloud_db_name: nextcloud
 nextcloud_db_user: nextcloud

+# nextcloud
+install_talk: yes
+
 # php-fpm
 php_fpm:
  max_children: 120
--- a/roles/nextcloud/tasks/01-packages.yml
+++ b/roles/nextcloud/tasks/01-packages.yml
@ -56,16 +56,13 @@
    - ufw allow out 22 comment "outgoing ssh"
    - ufw allow 80 comment "incomming http for caddy"
    - ufw allow 443 comment "incomming https for caddy"
-    - ufw allow 3478/udp comment "incomming for coturn"
-    - ufw allow 3478 comment "incomming for coturn"
    - ufw allow out 80 comment "outgoing http"
    - ufw allow out 443 comment "outgoing https"
    - ufw allow out 53/udp comment "outgoing for dns"
    - ufw allow out 123/udp comment "outgoing for ntp"
    - ufw allow out 993 comment "outgoing imap ssl"
    - ufw allow out 465 comment "outgoing smtp ssl"
-    - ufw allow out 3478/udp comment "outgoing coturn"
-    - ufw allow out 3478 comment "outgoing coturn"
+

 - name: ufw enable
  community.general.ufw:
--- a/roles/nextcloud/tasks/07-coturn.yml
+++ b/roles/nextcloud/tasks/07-coturn.yml
@ -1,3 +1,10 @@
+- name: install spreed (talk)
+  args:
+    chdir: /var/www/nextcloud/
+  command: "sudo -u www-data php occ app:{{ item }}"
+  with_items:
+    - install spreed
+
 - name: install coturn
  apt:
    update_cache: yes
@ -5,6 +12,14 @@
    name:
      - coturn

+- name: ufw rules for coturn
+  command: "{{ item }}"
+  with_items:
+    - ufw allow 3478/udp comment "incomming for coturn"
+    - ufw allow 3478 comment "incomming for coturn"
+    - ufw allow out 3478/udp comment "outgoing coturn"
+    - ufw allow out 3478 comment "outgoing coturn"
+
 - name: random coturn secret
  set_fact:
    coturn_secret: "{{ lookup('community.general.random_string', length=32, override_special=hex_chars) }}"
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@ -4,4 +4,7 @@
 - include_tasks: 04-php.yml
 - include_tasks: 05-caddy.yml
 - include_tasks: 06-nextcloud.yml
- include_tasks: 07-coturn.yml
+
+- name: install and setup nc talk (spreed) and coturn
+  when: install_talk
+  include_tasks: 07-coturn.yml