# vim: ft=yaml.ansible
---
- name: Create Nextcloud apache2 directory
  ansible.builtin.file:
    name: "{{ services.nextcloud.volume }}/apache2"
    owner: root
    mode: u=rwx,g=rx,o=rx
    state: directory

- name: Create Nextcloud app directory
  ansible.builtin.file:
    name: "{{ services.nextcloud.volume }}/app"
    owner: root
    group: '33'
    mode: u=rwx,g=rx,o=rx
    state: directory

- name: Create Nextcloud PostgreSQL directory
  ansible.builtin.file:
    name: "{{ services.nextcloud.volume }}/postgres"
    owner: '70'
    mode: u=rwx,go=
    state: directory

- name: Copy Apache2 config files
  ansible.builtin.copy:
    src: nextcloud/apache2/{{ file }}
    dest: "{{ services.nextcloud.volume }}/apache2/{{ file }}"
    owner: root
    mode: u=rw,g=r,o=r
  loop:
    - apache2.conf
    - remoteip.conf
  loop_control:
    loop_var: file

- name: Deploy Nextcloud with Docker Compose
  community.docker.docker_compose:
    project_name: nextcloud
    state: "{{ 'absent' if stop is defined and stop else 'present' }}"
    restarted: "{{ stop is undefined or not stop }}"
    pull: true
    definition:
      version: '3.8'

      services:
        postgres:
          image: postgres:{{ services.nextcloud.postgres_version }}
          restart: always
          environment:
            POSTGRES_DB: nextcloud
            POSTGRES_USER: nextcloud
            POSTGRES_PASSWORD: "{{ secrets.nextcloud.postgres_pw }}"
          volumes:
            - "{{ services.nextcloud.volume }}/postgres:/var/lib/postgresql/data:rw"

        redis:
          image: redis:{{ services.nextcloud.redis_version }}
          restart: always
          command: redis-server --requirepass {{ secrets.nextcloud.redis_pw }}
          tmpfs:
            - /var/lib/redis

        app:
          image: nextcloud:{{ services.nextcloud.version }}
          restart: always
          environment:
            POSTGRES_HOST: postgres
            POSTGRES_DB: nextcloud
            POSTGRES_USER: nextcloud
            POSTGRES_PASSWORD: "{{ secrets.nextcloud.postgres_pw }}"
            REDIS_HOST: redis
            REDIS_HOST_PASSWORD: "{{ secrets.nextcloud.redis_pw }}"
            MAIL_FROM_ADDRESS: noreply
            MAIL_DOMAIN: "{{ services.nextcloud.domain }}"
            SMTP_AUTHTYPE: PLAIN
            SMTP_HOST: postfix
            SMTP_PORT: 587
            TRUSTED_PROXIES: "{{ services.caddy.docker_ipv4 }}"
            OVERWRITEHOST: "{{ services.nextcloud.domain }}"
            OVERWRITEPROTOCOL: https
            OVERWRITECLIURL: https://{{ services.nextcloud.domain }}
            NEXTCLOUD_INIT_LOCK: 'true'
            PHP_MEMORY_LIMIT: 2G
            PHP_UPLOAD_LIMIT: 16G
          networks:
            default:
            postfix:
            services:
              aliases:
                - nextcloud
          volumes:
            - "{{ services.nextcloud.volume }}/app:/var/www/html:rw"
            - "{{ services.nextcloud.volume }}/apache2/apache2.conf:/etc/apache2/apache2.conf:ro"
            - "{{ services.nextcloud.volume }}/apache2/remoteip.conf:/etc/apache2/conf-enabled/remoteip.conf:ro"
          depends_on:
            - postgres
            - redis

        cron:
          image: nextcloud:{{ services.nextcloud.version }}
          restart: always
          entrypoint: /cron.sh
          volumes:
            - "{{ services.nextcloud.volume }}/app:/var/www/html:rw"
          depends_on:
            - app

      networks:
        postfix:
          external: true
        services:
          external: true