From 6bbaf624f219dbd1960f3eecdf4d3f6502367f6b Mon Sep 17 00:00:00 2001
From: mwiegand <mwiegand@seibert-media.net>
Date: Sun, 20 Jun 2021 15:09:33 +0200
Subject: [PATCH] wip

---
 bundles/gocryptfs/items.py    |  1 +
 bundles/nextcloud/items.py    | 78 ++++++++++++++++++++++++++++++++++-
 bundles/nextcloud/metadata.py | 25 +++++++++++
 3 files changed, 103 insertions(+), 1 deletion(-)

diff --git a/bundles/gocryptfs/items.py b/bundles/gocryptfs/items.py
index 2e2e199..43967b9 100644
--- a/bundles/gocryptfs/items.py
+++ b/bundles/gocryptfs/items.py
@@ -33,6 +33,7 @@ for path, options in node.metadata.get('gocryptfs/paths').items():
     directories[options['mountpoint']] = {
         'owner': None,
         'group': None,
+        'mode': None,
         'preceded_by': [
             f'svc_systemd:gocryptfs-{options["id"]}:stop',
         ],
diff --git a/bundles/nextcloud/items.py b/bundles/nextcloud/items.py
index 5ef3b0b..6b9f32a 100644
--- a/bundles/nextcloud/items.py
+++ b/bundles/nextcloud/items.py
@@ -1,5 +1,10 @@
 assert node.has_bundle('php')
 
+from shlex import quote
+
+def occ(command, *args, **kwargs):
+    return f"""sudo -u www-data php /opt/nextcloud/occ {command} {' '.join(args)} {' '.join(f'--{name.replace("_", "-")}' + (f'={value}' if value else '') for name, value in kwargs.items())}"""
+
 version = node.metadata.get('nextcloud/version')
 
 downloads[f'/tmp/nextcloud-{version}.tar.bz2'] = {
@@ -9,6 +14,14 @@ downloads[f'/tmp/nextcloud-{version}.tar.bz2'] = {
 }
 
 directories['/opt/nextcloud'] = {}
+directories['/opt/nextcloud/config'] = {
+    'owner': 'www-data',
+    'group': 'www-data',
+}
+directories['/opt/nextcloud/apps'] = {
+    'owner': 'www-data',
+    'group': 'www-data',
+}
 
 actions['extract_nextcloud'] = {
     'command': f'tar xfvj /tmp/nextcloud-{version}.tar.bz2 --strip 1 -C /opt/nextcloud nextcloud',
@@ -21,7 +34,70 @@ actions['extract_nextcloud'] = {
     ],
 }
 
-directories['/var/lib/nextcloud'] = {
+actions['chown_/opt/nextcloud/apps'] = {
+    'command': 'chown -R www-data:www-data /opt/nextcloud/apps',
+    'unless': '! stat -c "%U:%G" /opt/nextcloud/apps/* | grep -vq www-data:www-data',
+    'needs': [
+        'action:extract_nextcloud',
+    ],
+}
+actions['chown_/opt/nextcloud/config'] = {
+    'command': 'chown -R www-data:www-data /opt/nextcloud/config',
+    'unless': '! stat -c "%U:%G" /opt/nextcloud/config/* | grep -vq www-data:www-data',
+    'needs': [
+        'action:extract_nextcloud',
+    ],
+}
+
+directories[node.metadata.get('nextcloud/data_dir')] = {
     'owner': 'www-data',
     'group': 'www-data',
+    'mode': '0770',
+}
+
+actions['install_nextcloud'] = {
+    'command': occ(
+        'maintenance:install',
+        no_interaction=None,
+        database='pgsql',
+        database_name='nextcloud',
+        database_host='localhost',
+        database_user='nextcloud',
+        database_pass=node.metadata.get('postgresql/roles/nextcloud/password'),
+        admin_user='admin',
+        admin_pass=node.metadata.get('nextcloud/admin_pass'),
+        data_dir=node.metadata.get('nextcloud/data_dir'),
+    ),
+    'unless': occ('status') + ' | grep -q "installed: true"',
+    'needs': [
+        f"directory:{node.metadata.get('nextcloud/data_dir')}",
+        'directory:/opt/nextcloud',
+        'directory:/opt/nextcloud/config',
+        'directory:/opt/nextcloud/apps',
+        'action:chown_/opt/nextcloud/config',
+        'action:chown_/opt/nextcloud/apps',
+        'action:extract_nextcloud',
+    ],
+    'preceded_by': [
+        f'download:/tmp/nextcloud-{version}.tar.bz2',
+    ],
+}
+
+actions['upgrade_nextcloud'] = {
+    'command': occ('upgrade'),
+    'unless': occ('status') + ' | grep -q "installed: true"',
+    'needs': [
+        'action:install_nextcloud',
+    ],
+}
+
+actions['nextcloud_add_missing_inidces'] = {
+    'command': occ('db:add-missing-indices'),
+    'needs': [
+        'action:upgrade_nextcloud',
+    ],
+    'triggered': True,
+    'triggered_by': [
+        f'action:extract_nextcloud',
+    ],
 }
diff --git a/bundles/nextcloud/metadata.py b/bundles/nextcloud/metadata.py
index fa1fc51..b7e2d22 100644
--- a/bundles/nextcloud/metadata.py
+++ b/bundles/nextcloud/metadata.py
@@ -27,4 +27,29 @@ defaults = {
             },
         },
     },
+    'nextcloud': {
+        'data_dir': '/var/lib/nextcloud',
+        'admin_user': 'admin',
+        'admin_pass': repo.vault.password_for(f'{node.name} nextcloud admin pw'),
+    },
+    'nginx': {
+        'vhosts': {
+            'nextcloud': {
+                'webroot': '/opt/nextcloud',
+                'php': True,
+            },
+        },
+    },
+    'postgresql': {
+        'roles': {
+            'nextcloud': {
+                'password': repo.vault.password_for(f'{node.name} nextcloud db pw'),
+            },
+        },
+        'databases': {
+            'nextcloud': {
+                'owner': 'nextcloud',
+            },
+        },
+    },
 }