env-ansible/tasks/server/software/onlyoffice.yml

---
# Create OnlyOffice server for use with Nextcloud.

## Pre-Reqs ##

- name: Server | OnlyOffice | Pre-Requirements | Install
  package: 
    name: 
      - gnupg
      - python3-certbot-nginx
    state: present


## Install ##
# https://helpcenter.onlyoffice.com/installation/docs-community-install-ubuntu.aspx

# Dependencies #

- name: Server | OnlyOffice | Postgres | Install
  package: 
    name: postgresql
    state: present

- name: Server | OnlyOffice | Postgres | Configure
  shell: '{{ item }}'
  loop:
    - psql -c "CREATE DATABASE onlyoffice;"
    - psql -c "CREATE USER onlyoffice WITH password 'onlyoffice';"
    - psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;"
  become_user: postgres
  ignore_errors: yes

- name: Server | OnlyOffice | RabbitMQ | Install
  package: 
    name: rabbitmq-server
    state: present

# Actual Program #

- name: Server | OnlyOffice | Docs | Add Repo
  shell: '{{ item }}'
  loop:
    - apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5
    - echo "deb https://download.onlyoffice.com/repo/debian squeeze main" | tee /etc/apt/sources.list.d/onlyoffice.list
    - apt update

- name: Server | OnlyOffice | Docs | Install
  package: 
    name: 
      - ttf-mscorefonts-installer
      - onlyoffice-documentserver
    state: present


# 2022-04-13 Looks like this went live too early, finish commenting it out.
## HTTPS ##
# https://helpcenter.onlyoffice.com/installation/docs-community-https-linux.aspx

# Certs #

#- name: Server | OnlyOffice | HTTPS | Check For Cert
#  shell: "ls -l /etc/letsencrypt/live/{{ ansible_hostname }}.{{ domain }}/{fullchain,privkey}.pem"
#  register: onlyoffice_cert
#  ignore_errors: yes
#
#- name: Server | OnlyOffice | HTTPS | Create Cert
#  shell: "certbot --nginx -d {{ ansible_hostname }}.{{ domain }}"
#  when: onlyoffice_cert.failed

# Config #

#- name: Server | OnlyOffice | HTTPS | Check For Config
#  shell: ls -l /etc/onlyoffice/documentserver/nginx/ds.conf
#  register: onlyoffice_cert
#
#- name: Server | OnlyOffice | HTTPS | Create Config
#  shell: cp -f /etc/onlyoffice/documentserver/nginx/ds-ssl.conf.tmpl /etc/onlyoffice/documentserver/nginx/ds.conf
#  when: onlyoffice_cert.failed
#
#- name: Server | OnlyOffice | HTTPS | Modify Config
#  lineinfile:
#    path: /etc/onlyoffice/documentserver/nginx/ds.conf
#    regexp: '{{ item.regexp }}'
#    line: '{{ item.line }}; # MANAGED BY ANSIBLE'
#    state: present
#    create: no
#    backup: yes
#  loop:
#    - { "regexp": "ssl_certificate ", "line": "  ssl_certificate /etc/letsencrypt/live/{{ ansible_hostname }}.{{ domain }}/fullchain.pem" }
#    - { "regexp": "ssl_certificate_key ", "line": "  ssl_certificate_key /etc/letsencrypt/live/{{ ansible_hostname }}.{{ domain }}/privkey.pem" }

# Services #

- name: Server | OnlyOffice | HTTPS | Reload nginx
  service:
    name: nginx
    status: reloaded
  ignore_errors: yes