Changed installation to Debian package

App store and web update are now disabled. Apps need to be installed with as
Debian packages as well.

tasks/base.yml

@@ -1,11 +1,21 @@
+- name: pin nextcloud version
+  template:
+    src: apt-preferences.j2
+    dest: /etc/apt/preferences.d/nextcloud
+    mode: '0644'
+
+- name: setup cccv repo key
+  apt_key:
+    url: "https://packages.cccv.de/docs/cccv-archive-key.gpg"
+
+- name: add cccv infrapackages-nextcloud repo
+  apt_repository:
+    repo: "deb https://packages.cccv.de/infrapackages-nextcloud/ {{ ansible_distribution_release|lower }} main"
+
 - name: install nextcloud
-  unarchive:
-    src: "https://download.nextcloud.com/server/releases/latest.tar.bz2"
-    remote_src: yes
-    dest: /var/www/
-    owner: www-data
-    group: www-data
-    creates: /var/www/nextcloud
+  apt:
+    pkg:
+    - nextcloud
 
 - name: create nextcloud datadir
   file:
@@ -24,13 +34,17 @@
     content: |
       apc.enable_cli = 1
 
+- name: check nextcloud install status
+  check_mode: no
+  shell: "nextcloud-occ status"
+  register: nextcloud_status_check
+  changed_when: false
+
 - name: setup nextcloud
-  become_user: www-data
-  become: true
+  when: "'installed: false' in nextcloud_status_check.stdout"
   command:
     argv:
-      - /usr/bin/php
-      - occ
+      - nextcloud-occ
       - maintenance:install
       - -n
       - --database
@@ -47,38 +61,25 @@
       - '{{ nextcloud.admin.pw }}'
       - --data-dir
       - '{{ nextcloud.datadir }}'
-  args:
-    chdir: /var/www/nextcloud
-    creates: /var/www/nextcloud/config/config.php
 
 - name: set nextcloud trusted domains
-  become_user: www-data
-  become: true
   command: # noqa no-changed-when
     argv:
-      - /usr/bin/php
-      - occ
+      - nextcloud-occ
       - config:system:set
       - trusted_domains
       - 1
       - --value
       - "{{ nextcloud.externalurl }}"
-  args:
-    chdir: /var/www/nextcloud
 
 - name: set other nextcloud config values
-  become_user: www-data
-  become: true
   command: # noqa no-changed-when
     argv:
-      - /usr/bin/php
-      - occ
+      - nextcloud-occ
       - config:system:set
       - "{{ item.key }}"
       - --value
       - "{{ item.value }}"
-  args:
-    chdir: /var/www/nextcloud
   with_items:
   - { key: "mail_from_address",    value: "{{ nextcloud.mail.from }}" }
   - { key: "mail_domain",          value: "{{ nextcloud.mail.domain }}" }
@@ -111,10 +112,3 @@
     state: link
   notify:
   - restart nginx
-
-- name: add cronjob for nextcloud
-  cron:
-    job: /usr/bin/php -f /var/www/nextcloud/cron.php
-    user: www-data
-    minute: "*/10"
-    name: nextcloud-cron

tasks/groupfolders.yml

@@ -1,14 +1,9 @@
 - name: manage group folders
-  become_user: www-data
-  become: true
-
   block:
     # Get list of existing group folders and set them as fact
     - name: get list of group folders
       check_mode: no
-      command: '/usr/bin/php occ groupfolders:list --output json'
-      args:
-        chdir: /var/www/nextcloud
+      command: 'nextcloud-occ groupfolders:list --output json'
       register: existing_group_folders
 
     - name: store existing group folders
@@ -17,9 +12,7 @@
 
     # Create group folders that did not exist yet
     - name: create non-existing folders
-      command: "/usr/bin/php occ groupfolders:create {{ item.name }}"
-      args:
-        chdir: /var/www/nextcloud
+      command: "nextcloud-occ groupfolders:create {{ item.name }}"
       with_items: "{{ nextcloud.groupfolders }}"
       when: group_folders | selectattr(search_key, 'equalto', search_val) | list | count == 0
       vars:
@@ -29,9 +22,7 @@
     # Get list of existing group folders AGAIN and set them as fact
     - name: get list of group folders again
       check_mode: no
-      command: '/usr/bin/php occ groupfolders:list --output json'
-      args:
-        chdir: /var/www/nextcloud
+      command: 'nextcloud-occ groupfolders:list --output json'
       register: existing_group_folders
 
     - name: store existing group folders
@@ -40,9 +31,7 @@
 
     # Set quota for folders where it does not match
     - name: set group folder quota
-      command: "/usr/bin/php occ groupfolders:quota {{ (group_folders | selectattr(search_key, 'equalto', search_val) | list | first).id }} {{ item.quota }}"
-      args:
-        chdir: /var/www/nextcloud
+      command: "nextcloud-occ groupfolders:quota {{ (group_folders | selectattr(search_key, 'equalto', search_val) | list | first).id }} {{ item.quota }}"
       with_items: "{{ nextcloud.groupfolders }}"
       when: (group_folders | selectattr(search_key, 'equalto', search_val) | list | first).quota != item.quota
       vars:
@@ -51,16 +40,12 @@
 
     # We search for some random name so that the LDAP data cache gets updated
     - name: update LDAP cache
-      command: "/usr/bin/php occ ldap:search random_string_to_update_cache"
-      args:
-        chdir: /var/www/nextcloud
+      command: "nextcloud-occ ldap:search random_string_to_update_cache"
       changed_when: False
 
     # Set folder permissions if they are not correct yet
     - name: Set folder permissions
-      command: "/usr/bin/php occ groupfolders:group {{ (group_folders | selectattr(search_key, 'equalto', search_val) | list | first).id }} {{ item.1 }} write share delete"
-      args:
-        chdir: /var/www/nextcloud
+      command: "nextcloud-occ groupfolders:group {{ (group_folders | selectattr(search_key, 'equalto', search_val) | list | first).id }} {{ item.1 }} write share delete"
       # Only execute when the permissions of the group for that folder are not "31" (31 is write, share, delete)
       when: ((group_folders | selectattr(search_key, 'equalto', search_val) | list | first).groups[item.1] is undefined) or
             ((group_folders | selectattr(search_key, 'equalto', search_val) | list | first).groups[item.1] != 31)

tasks/main.yml

@@ -1,8 +1,6 @@
 - import_tasks: base.yml
 
 - name: configure ldap app
-  become: true
-  become_user: www-data
   nextcloud_ldap:
     config: "{{ nextcloud.ldap }}"
   when: