ansible-role-nextcloud/tasks/groupfolders.yml

- name: manage group folders
  become_user: www-data
  become: true

  block:
    # Get list of existing group folders and set them as fact
    - name: get list of group folders
      check_mode: no
      command: '/usr/bin/php occ groupfolders:list --output json'
      args:
        chdir: /var/www/nextcloud
      register: existing_group_folders

    - set_fact:
        group_folders: "{{ existing_group_folders.stdout | from_json }}"

    # Create group folders that did not exist yet
    - name: create non-existing folders
      command: "/usr/bin/php occ groupfolders:create {{ item.name }}"
      args:
        chdir: /var/www/nextcloud
      with_items: "{{ nextcloud.groupfolders }}"
      when: group_folders | selectattr(search_key, 'equalto', search_val) | list | count == 0
      vars:
        search_key: "mount_point"
        search_val: "{{ item.name }}"

    # Get list of existing group folders AGAIN and set them as fact
    - name: get list of group folders again
      check_mode: no
      command: '/usr/bin/php occ groupfolders:list --output json'
      args:
        chdir: /var/www/nextcloud
      register: existing_group_folders

    - set_fact:
        group_folders: "{{ existing_group_folders.stdout | from_json }}"

    # Set quota for folders where it does not match
    - name: set group folder quota
      command: "/usr/bin/php occ groupfolders:quota {{ (group_folders | selectattr(search_key, 'equalto', search_val) | list | first).id }} {{ item.quota }}"
      args:
        chdir: /var/www/nextcloud
      with_items: "{{ nextcloud.groupfolders }}"
      when: (group_folders | selectattr(search_key, 'equalto', search_val) | list | first).quota != item.quota
      vars:
        search_key: "mount_point"
        search_val: "{{ item.name }}"

    # We search for some random name so that the LDAP data cache gets updated
    - name: update LDAP cache
      command: "/usr/bin/php occ ldap:search random_string_to_update_cache"
      args:
        chdir: /var/www/nextcloud
      changed_when: False

    # Set folder permissions if they are not correct yet
    - name: Set folder permissions
      command: "/usr/bin/php occ groupfolders:group {{ (group_folders | selectattr(search_key, 'equalto', search_val) | list | first).id }} {{ item.1 }} write share delete"
      args:
        chdir: /var/www/nextcloud
      # Only execute when the permissions of the group for that folder are not "31" (31 is write, share, delete)
      when: ((group_folders | selectattr(search_key, 'equalto', search_val) | list | first).groups[item.1] is undefined) or
            ((group_folders | selectattr(search_key, 'equalto', search_val) | list | first).groups[item.1] != 31)
      loop: "{{ nextcloud.groupfolders | subelements('groups') }}"
      vars:
        search_key: "mount_point"
        search_val: "{{ item.0.name }}"