surf/install_whiteboard.yml
# Play 1: runs on localhost, prints its default IPv4 address and registers
# that address as an in-memory inventory host in the 'nextcloud' group.
# NOTE(review): the second play in this file targets the 'whiteboard' group,
# not 'nextcloud' -- confirm where 'whiteboard' is defined (static inventory?).
- name: Voeg lokale host toe aan nextcloud groep
  hosts: localhost
  gather_facts: true
  tasks:
    # Facts are required here: ansible_default_ipv4 only exists after gathering.
    - name: Haal IP-adres op van huidige server
      ansible.builtin.debug:
        var: ansible_default_ipv4.address

    # ansible_user is re-templated from localhost's own variables; presumably it
    # is set in inventory or on the command line -- verify, since the template
    # fails if it is undefined.
    - name: Voeg IP-adres toe aan 'nextcloud' groep
      ansible.builtin.add_host:
        name: "{{ ansible_default_ipv4.address }}"
        groups: nextcloud
        ansible_user: "{{ ansible_user }}"
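# Play 2: provisions the Nextcloud Whiteboard backend on the 'whiteboard' hosts:
# Docker + Compose v2, the whiteboard container, and an Nginx reverse proxy that
# terminates TLS (Let's Encrypt) and forwards HTTP/WebSocket traffic to the
# backend on port 3002.
#
# Variables read but not defined in this play: nc_url, nc_user, nc_password,
# jwt_secret, domain, email -- presumably supplied by inventory or a vault;
# nc_password and jwt_secret are secrets and should come from an encrypted source.
- name: Setup Whiteboard server with Docker Compose v2, HTTPS/WSS, WebSocket fix, and healthcheck
  hosts: whiteboard
  become: true
  vars:
    ansible_python_interpreter: /usr/bin/python3
  tasks:
    - name: Update and upgrade apt packages
      ansible.builtin.apt:
        update_cache: true
        upgrade: dist

    - name: Install required packages
      ansible.builtin.apt:
        name:
          - apt-transport-https
          - ca-certificates
          - curl
          - software-properties-common
          - jq
          - netcat
        state: present

    # NOTE(review): this pipes a remotely fetched script straight into a root
    # shell with no integrity check beyond TLS. Prefer configuring the NodeSource
    # apt repository with a pinned signing key, or drop host-side Node.js if the
    # image build does not need it.
    # pipefail: without it a failed curl is masked by bash exiting 0 on empty
    # input, and the play continues without the repository.
    - name: Add NodeSource Node.js 20.x repository
      ansible.builtin.shell: set -o pipefail && curl -fsSL https://deb.nodesource.com/setup_20.x | bash -
      args:
        executable: /bin/bash

    - name: Install Node.js and npm (from NodeSource)
      ansible.builtin.apt:
        name:
          - nodejs
        state: present

    # The Docker key is stored in a dedicated keyring and bound to the Docker
    # repository with signed-by. apt_key (deprecated) would add it to the global
    # trusted keyring, where it is trusted for every configured repository.
    - name: Ensure apt keyring directory exists
      ansible.builtin.file:
        path: /etc/apt/keyrings
        state: directory
        mode: '0755'

    - name: Add Docker GPG key
      ansible.builtin.get_url:
        url: https://download.docker.com/linux/ubuntu/gpg
        dest: /etc/apt/keyrings/docker.asc
        mode: '0644'

    # Hosts provisioned by an earlier revision carry the entry without signed-by;
    # apt refuses two entries for one repository with differing Signed-By values.
    # NOTE(review): a key previously imported with apt_key stays in the global
    # keyring on such hosts and has to be removed separately.
    - name: Remove legacy Docker repository entry without signed-by
      ansible.builtin.apt_repository:
        repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu jammy stable"
        state: absent

    - name: Add Docker repository
      ansible.builtin.apt_repository:
        repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu jammy stable"
        state: present

    # docker-compose-plugin is listed explicitly so that "docker compose" does
    # not depend on apt pulling it in as a recommended package.
    - name: Install Docker and Docker Compose v2
      ansible.builtin.apt:
        name:
          - docker-ce
          - docker-ce-cli
          - containerd.io
          - docker-compose-plugin
        state: present

    # Read-only probe: fails the play early when the Compose v2 plugin is missing.
    - name: Ensure Docker Compose v2 plugin is present
      ansible.builtin.command: docker compose version
      register: docker_compose_version
      failed_when: docker_compose_version.rc != 0
      changed_when: false

    # NOTE(review): 'main' is a moving branch, so every run builds and executes
    # whatever is at its tip at that moment. Pin 'version' to a reviewed release
    # tag or commit hash. force discards any local changes in /opt/whiteboard.
    - name: Clone Whiteboard repository (force overwrite)
      ansible.builtin.git:
        repo: https://github.com/nextcloud/whiteboard.git
        dest: /opt/whiteboard
        version: main
        force: true

    # NOTE(review): runs as root on the host (become: true), so package lifecycle
    # scripts from the dependency tree execute with root privileges. Confirm the
    # host-side install is needed at all given the image is built by Compose.
    - name: Install npm packages (including dotenv)
      ansible.builtin.command: npm install
      args:
        chdir: /opt/whiteboard

    # The file holds the Nextcloud password and the JWT signing secret: restrict
    # it to root and keep the rendered content out of task output and logs.
    - name: Create updated .env file for Whiteboard (matching Docker expectations)
      ansible.builtin.copy:
        dest: /opt/whiteboard/.env
        owner: root
        group: root
        mode: '0600'
        content: |
          NEXTCLOUD_URL={{ nc_url }}
          NEXTCLOUD_USER={{ nc_user }}
          NEXTCLOUD_PASSWORD={{ nc_password }}
          JWT_SECRET_KEY={{ jwt_secret }}
          FORCE_HTTPS=true
          TRUST_PROXY=true
          PORT=3002
      no_log: true

    # The backend is published on loopback only. A bare "3002:3002" binds every
    # interface, which exposes the plain-HTTP backend beside the TLS proxy and
    # lets clients reach it without passing through Nginx (relevant with
    # TRUST_PROXY=true, which presumably makes the app trust X-Forwarded-* headers).
    - name: Update docker-compose.yml to use env_file
      ansible.builtin.copy:
        dest: /opt/whiteboard/docker-compose.yml
        mode: '0644'
        content: |
          version: '3.7'
          services:
            nextcloud-whiteboard-server:
              build:
                context: .
                dockerfile: Dockerfile
              ports:
                - "127.0.0.1:3002:3002"
              env_file:
                - .env

    - name: Run Docker Compose up
      ansible.builtin.command: docker compose up -d
      args:
        chdir: /opt/whiteboard

    - name: Install Nginx and Certbot
      ansible.builtin.apt:
        name:
          - nginx
          - certbot
          - python3-certbot-nginx
        state: present

    # Defines $connection_upgrade, used by the site configs below: "upgrade" when
    # the client sent an Upgrade header, "close" otherwise.
    - name: Ensure nginx.conf has map for connection_upgrade
      ansible.builtin.blockinfile:
        path: /etc/nginx/nginx.conf
        block: |
          map $http_upgrade $connection_upgrade {
              default upgrade;
              '' close;
          }
        insertafter: '^http {'
        marker: "# {mark} ANSIBLE MANAGED CONNECTION UPGRADE MAP"

    - name: Check whether a certificate already exists
      ansible.builtin.stat:
        path: "/etc/letsencrypt/live/{{ domain }}/fullchain.pem"
      register: whiteboard_cert

    # Only needed for the first certificate request. Skipped once a certificate
    # exists, so a re-run does not swap the TLS site for a plain-HTTP proxy
    # between this task and the final config task.
    - name: Temporary Nginx HTTP config for certificate request
      ansible.builtin.copy:
        dest: /etc/nginx/sites-available/whiteboard
        content: |
          server {
              listen 80;
              server_name {{ domain }};
              location / {
                  proxy_pass http://127.0.0.1:3002;
                  proxy_http_version 1.1;
                  proxy_set_header Upgrade $http_upgrade;
                  proxy_set_header Connection $connection_upgrade;
                  proxy_set_header Host $host;
                  proxy_set_header X-Real-IP $remote_addr;
                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                  proxy_set_header X-Forwarded-Proto $scheme;
                  proxy_set_header X-Forwarded-Port 80;
              }
          }
      when: not whiteboard_cert.stat.exists

    - name: Enable Nginx site and disable default
      ansible.builtin.file:
        src: /etc/nginx/sites-available/whiteboard
        dest: /etc/nginx/sites-enabled/whiteboard
        state: link
        force: true

    - name: Remove default Nginx site
      ansible.builtin.file:
        path: /etc/nginx/sites-enabled/default
        state: absent

    - name: Test Nginx configuration
      ansible.builtin.command: nginx -t
      changed_when: false

    - name: Reload Nginx
      ansible.builtin.systemd:
        name: nginx
        state: reloaded

    # argv keeps each templated value a single argument, so whitespace or a
    # leading dash inside 'domain' or 'email' cannot turn into extra certbot
    # options. 'creates' skips the request once the certificate is on disk.
    - name: Obtain Lets Encrypt certificate
      ansible.builtin.command:
        argv:
          - certbot
          - --nginx
          - -d
          - "{{ domain }}"
          - --non-interactive
          - --agree-tos
          - -m
          - "{{ email }}"
        creates: "/etc/letsencrypt/live/{{ domain }}/fullchain.pem"

    # Final site: port 80 only redirects to HTTPS; port 443 terminates TLS and
    # proxies to the loopback-bound backend. 127.0.0.1 is used rather than
    # "localhost" because the container port is published on IPv4 loopback only.
    # proxy_read_timeout 86400 keeps idle WebSocket connections open for a day.
    - name: Replace Nginx config with SSL, WebSocket fix, and healthcheck support
      ansible.builtin.copy:
        dest: /etc/nginx/sites-available/whiteboard
        content: |
          server {
              listen 80;
              server_name {{ domain }};
              location / {
                  return 301 https://$host$request_uri;
              }
          }
          server {
              listen 443 ssl;
              server_name {{ domain }};
              ssl_certificate /etc/letsencrypt/live/{{ domain }}/fullchain.pem;
              ssl_certificate_key /etc/letsencrypt/live/{{ domain }}/privkey.pem;
              location / {
                  proxy_pass http://127.0.0.1:3002;
                  proxy_http_version 1.1;
                  proxy_set_header Upgrade $http_upgrade;
                  proxy_set_header Connection $connection_upgrade;
                  proxy_set_header Host $host;
                  proxy_set_header X-Real-IP $remote_addr;
                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                  proxy_set_header X-Forwarded-Proto $scheme;
                  proxy_set_header X-Forwarded-Port 443;
                  proxy_read_timeout 86400;
              }
          }

    - name: Test final Nginx configuration
      ansible.builtin.command: nginx -t
      changed_when: false

    - name: Reload Nginx with final SSL config
      ansible.builtin.systemd:
        name: nginx
        state: reloaded

    - name: Restart Docker Compose services
      ansible.builtin.command: docker compose restart
      args:
        chdir: /opt/whiteboard

    # The container needs a moment to listen again after the restart above, so
    # the probe is retried before the play is failed.
    - name: Check if backend port 3002 is open
      ansible.builtin.command: nc -zv 127.0.0.1 3002
      register: portcheck_result
      retries: 10
      delay: 3
      until: portcheck_result.rc == 0
      failed_when: portcheck_result.rc != 0
      changed_when: false

    - name: Show port 3002 check result
      ansible.builtin.debug:
        var: portcheck_result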