Add cron and fix database maintenance task

README.md

@@ -26,11 +26,28 @@ and services operated by Free I.T. Athens (FRITA).
 4. Run `ansible-playbook` against the production servers, e.g.,
 
     ```
-    ansible-playbook -u root -i environments/production --vault-pass-file ./.ansible_vault webserver.yml --check
+    ansible-playbook -u root -i environments/production --vault-pass-file ./.ansible_vault webserver.yml --diff --check
     ```
 
 5. Delete the `.ansible_vault` file when you are done
 
+### Using Ansible Vault to add or rotate values
+Do not submit ciphertext into Ansible Vault with the indention formatting.<br />
+To submit, press `CTRL+d` twice.
+
+- Decrypt Ansible Vault values
+
+    ```
+    ansible-vault decrypt --vault-pass-file .ansible_vault
+    ```
+
+- Encrypt new Ansible Vault values
+
+    ```
+    ansible-vault encrypt --vault-pass-file .ansible_vault
+    ```
+    - e.g., `pwgen -s 100 1 | ansible-vault encrypt --vault-pass-file .ansible_vault`
+
 ## Authors
 * **Kris Lamoureux** - *Project Founder* - [@krislamo](https://github.com/krislamo)
 

roles/common/defaults/main.yml

@@ -1,2 +1,4 @@
 packages:
   - dnsutils
+  - ncdu
+  - tree

roles/webserver/files/docker-compose.yml

@@ -3,13 +3,10 @@ version: '3.5'
 volumes:
   wordpress:
   nextcloud:
-  postgres:
 
 networks:
   traefik:
     name: traefik
-  postgres:
-    name: postgres
 
 services:
   traefik:
@@ -111,36 +108,3 @@ services:
       - traefik
     extra_hosts:
       - host.docker.internal:host-gateway
-
-  timetrex:
-    image: freeitathens/timetrex:${TIMETREX_VERSION:-latest}
-    restart: always
-    environment:
-      POSTGRES_PASSWORD: password
-      POSTGRES_HOST: postgres
-    links:
-      - postgres
-    labels:
-      traefik.http.routers.timetrex.rule: "Host(`${TIMETREX_DOMAIN:-time.local.freeitathens.org}`)"
-      traefik.http.routers.timetrex.entrypoints: websecure
-      traefik.http.routers.timetrex.tls: true
-      traefik.http.routers.timetrex.tls.certresolver: letsencrypt
-      traefik.http.routers.timetrex.tls.domains[0].main: ${TRAEFIK_ACME_DOMAIN_MAIN:-local.freeitathens.org}
-      traefik.http.routers.timetrex.tls.domains[0].sans: "${TRAEFIK_ACME_DOMAIN_SANS:-*.local.freeitathens.org}"
-      traefik.http.services.timetrex.loadbalancer.server.port: 80
-      traefik.docker.network: traefik
-      traefik.enable: ${NEXTCLOUD_WEB_ENABLED:-true}
-    networks:
-      - postgres
-      - traefik
-
-  postgres:
-    image: postgres:13-bullseye
-    volumes:
-      - postgres:/var/lib/postgresql/data
-    environment:
-      POSTGRES_DB: timetrex
-      POSTGRES_USER: timetrex
-      POSTGRES_PASSWORD: password
-    networks:
-      - postgres

roles/webserver/handlers/nextcloud.yml

@@ -24,6 +24,15 @@
   listen: composeup_webserver
   when: nextcloud_install.changed
 
+- name: Install Nextcloud background jobs cron
+  ansible.builtin.cron:
+    name: Nextcloud background job
+    minute: "*/5"
+    job: "/usr/bin/docker exec -u www-data webserver_nextcloud_1 /usr/local/bin/php -f /var/www/html/cron.php"
+    user: root
+  listen: composeup_webserver
+  when: nextcloud_install.changed
+
 - name: Preform Nextcloud database maintenance
   ansible.builtin.command: "docker exec --user www-data {{ webserver_root | basename }}_nextcloud_1 {{ item }}"
   loop:
@@ -32,4 +41,4 @@
     - "php occ db:convert-filecache-bigint"
     - "php occ maintenance:mode --off"
   listen: composeup_webserver
-  when: "'  - needsDbUpgrade: true' in nextcloud_status.stdout_lines"
+  when: "'  - needsDbUpgrade: true' in nextcloud_status.stdout_lines or nextcloud_install.changed"