From 84b509ec37005eeeb4bed16891f27169d14f788e Mon Sep 17 00:00:00 2001
From: Fabio Sinibaldi <fabio.sinibaldi@isti.cnr.it>
Date: Mon, 15 Jun 2026 16:49:01 +0200
Subject: [PATCH 1/5] Nextcloud AIO

---
 ansible/inventories/externals.yaml            | 17 ++++++++
 ansible/playbooks/nextcloud.yaml              | 13 +-----
 .../roles/nextcloud_aio/defaults/main.yaml    |  3 ++
 .../roles/nextcloud_aio/meta/main.yml         |  2 -
 .../tasks/nextcloud_docker_aio.yaml           | 43 ++++++++++++-------
 5 files changed, 50 insertions(+), 28 deletions(-)
 create mode 100644 ansible/inventories/externals.yaml
 create mode 100644 ansible/playbooks/roles/nextcloud_aio/defaults/main.yaml
 delete mode 100644 ansible/playbooks/roles/nextcloud_aio/meta/main.yml

diff --git a/ansible/inventories/externals.yaml b/ansible/inventories/externals.yaml
new file mode 100644
index 0000000..3f7b083
--- /dev/null
+++ b/ansible/inventories/externals.yaml
@@ -0,0 +1,17 @@
+---
+externals:
+    children:
+      nextcloud:
+        hosts:
+          c-service.sse.cloud.isti.cnr.it
+      rup_tests:
+        hosts:
+          liquid:
+            ansible_host: 146.48.108.15
+          nextrup_copy_test:
+            ansible_host: 146.48.108.16
+      misc_tests:
+        hosts:
+          bigbrain:
+            ansible_host: 146.48.108.14
+          
diff --git a/ansible/playbooks/nextcloud.yaml b/ansible/playbooks/nextcloud.yaml
index 8d0b34e..01b76e4 100644
--- a/ansible/playbooks/nextcloud.yaml
+++ b/ansible/playbooks/nextcloud.yaml
@@ -1,17 +1,8 @@
 ---
 - name: Install Nextcloud AIO Docker
-  hosts: all
+  hosts: nextcloud
   become: true
-  vars:
-    pip_install_packages:
-      - name: docker
-    docker_version: "=5:28.2.2-1~ubuntu.24.04~noble"
-    docker_users:
-      - fabio
-      - ansible
-
 
   roles: 
-    - geerlingguy.pip
     - geerlingguy.docker
-    # - nextcloud_aio
+    - nextcloud_aio
diff --git a/ansible/playbooks/roles/nextcloud_aio/defaults/main.yaml b/ansible/playbooks/roles/nextcloud_aio/defaults/main.yaml
new file mode 100644
index 0000000..72ab502
--- /dev/null
+++ b/ansible/playbooks/roles/nextcloud_aio/defaults/main.yaml
@@ -0,0 +1,3 @@
+nextcloud_docker_image_tag: latest
+nextcloud_docker_skip_domain_validation: "true"
+nextcloud_docker_mastercontainer_volume_dir: /usr/data/nextcloud_aio_mastercontainer
\ No newline at end of file
diff --git a/ansible/playbooks/roles/nextcloud_aio/meta/main.yml b/ansible/playbooks/roles/nextcloud_aio/meta/main.yml
deleted file mode 100644
index b456d40..0000000
--- a/ansible/playbooks/roles/nextcloud_aio/meta/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
-dependencies:
-  - role: docker
\ No newline at end of file
diff --git a/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml b/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml
index 65a06bb..ef2c22f 100644
--- a/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml
+++ b/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml
@@ -1,18 +1,31 @@
 ---
-- name: Create volumes 
-  debug:
-    msg:
-    - "TODO!!!"
+- name: Pull docker image
+  docker_image:
+    name: "nextcloud/all-in-one"
+    tag: "{{ nextcloud_docker_image_tag }}"
+    source: pull
 
-- name: Download compose file 
-  become: true
-  become_user: docker
-  ansible.builtin.git:
-    repo: "https://gitea-s2i2s.isti.cnr.it/sinibaldi/SSE-Lab"
-    dest: SSE-Lab
+- name: Create Master Container volume dir
+  file:
+    path: "{{ nextcloud_docker_mastercontainer_volume_dir }}"
+    state: directory
+    mode: "0766"
 
-- name: create and start docker compose services
-  become: true
-  become_user: docker
-  community.docker.docker_compose_v2:
-    project_src: ~/SSE-Lab/dockerized/nextcloud-aio/compose.yaml
+- name: Create container
+  docker_container:
+    name: nextcloud-aio-mastercontainer
+    image: nextcloud/all-in-one
+    ports:
+      - "8080:8080"
+      - "80:80"
+      - "8443:8443"
+    env:
+      APACHE_PORT: "11000"
+      APACHE_IP_BINDING: "0.0.0.0"
+      APACHE_ADDITIONAL_NETWORK: ""
+      SKIP_DOMAIN_VALIDATION: "{{ nextcloud_docker_skip_domain_validation }}"
+    volumes:
+      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    restart_policy : "always"
+    init : true
\ No newline at end of file
-- 
2.17.1


From e320843d5a2fcc4ff27d03a9c42451c73a1db81b Mon Sep 17 00:00:00 2001
From: Fabio Sinibaldi <fabio.sinibaldi@isti.cnr.it>
Date: Tue, 16 Jun 2026 12:04:56 +0200
Subject: [PATCH 2/5] Fixed N Aio image tag and name

---
 ansible/playbooks/roles/nextcloud_aio/defaults/main.yaml      | 1 +
 .../roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml       | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/ansible/playbooks/roles/nextcloud_aio/defaults/main.yaml b/ansible/playbooks/roles/nextcloud_aio/defaults/main.yaml
index 72ab502..cea8237 100644
--- a/ansible/playbooks/roles/nextcloud_aio/defaults/main.yaml
+++ b/ansible/playbooks/roles/nextcloud_aio/defaults/main.yaml
@@ -1,3 +1,4 @@
+nextcloud_docker_image_name: "ghcr.io/nextcloud-releases/all-in-one"
 nextcloud_docker_image_tag: latest
 nextcloud_docker_skip_domain_validation: "true"
 nextcloud_docker_mastercontainer_volume_dir: /usr/data/nextcloud_aio_mastercontainer
\ No newline at end of file
diff --git a/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml b/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml
index ef2c22f..866184f 100644
--- a/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml
+++ b/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml
@@ -1,7 +1,7 @@
 ---
 - name: Pull docker image
   docker_image:
-    name: "nextcloud/all-in-one"
+    name: "{{ nextcloud_docker_image_name }}"
     tag: "{{ nextcloud_docker_image_tag }}"
     source: pull
 
@@ -14,7 +14,7 @@
 - name: Create container
   docker_container:
     name: nextcloud-aio-mastercontainer
-    image: nextcloud/all-in-one
+    image: "{{ nextcloud_docker_image_name }}"
     ports:
       - "8080:8080"
       - "80:80"
-- 
2.17.1


From dd585233e27433251a5566a870517bccdb2f535e Mon Sep 17 00:00:00 2001
From: Fabio Sinibaldi <fabio.sinibaldi@isti.cnr.it>
Date: Fri, 19 Jun 2026 16:06:39 +0200
Subject: [PATCH 3/5] inventory update

---
 ansible/inventories/externals.yml | 13 -------------
 ansible/inventories/sifi.yaml     |  2 +-
 2 files changed, 1 insertion(+), 14 deletions(-)
 delete mode 100644 ansible/inventories/externals.yml

diff --git a/ansible/inventories/externals.yml b/ansible/inventories/externals.yml
deleted file mode 100644
index 75abd62..0000000
--- a/ansible/inventories/externals.yml
+++ /dev/null
@@ -1,13 +0,0 @@
-externals:
-    children:
-      rup_tests:
-        hosts:
-          liquid:
-            ansible_host: 146.48.108.15
-          nextrup_copy_test:
-            ansible_host: 146.48.108.16
-      misc_tests:
-        hosts:
-          bigbrain:
-            ansible_host: 146.48.108.14
-          
diff --git a/ansible/inventories/sifi.yaml b/ansible/inventories/sifi.yaml
index 031ad4f..f79f6d6 100644
--- a/ansible/inventories/sifi.yaml
+++ b/ansible/inventories/sifi.yaml
@@ -10,7 +10,7 @@ sifi:
         # ansible_host: 10.20.30.111
     wireguard_server:
       hosts:
-        wireguarder.sifi.isti.cnr.it:
+        vpn-1.sse.cloud.isti.cnr.it:
         #  ansible_host: 146.48.108.13
     nameserver:
       hosts:
-- 
2.17.1


From 8b4d7737e191893f83d28ba01316e67ce45c7e5c Mon Sep 17 00:00:00 2001
From: Fabio Sinibaldi <fabio.sinibaldi@isti.cnr.it>
Date: Fri, 19 Jun 2026 16:06:58 +0200
Subject: [PATCH 4/5] wireguard key fabio

---
 ansible/inventories/group_vars/wireguard_server/sifi.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ansible/inventories/group_vars/wireguard_server/sifi.yaml b/ansible/inventories/group_vars/wireguard_server/sifi.yaml
index 9f6edae..906eaac 100644
--- a/ansible/inventories/group_vars/wireguard_server/sifi.yaml
+++ b/ansible/inventories/group_vars/wireguard_server/sifi.yaml
@@ -8,5 +8,5 @@ wg_server_address: 192.168.99.1/32
 
 wg_peers:  
   - name: fabio_test
-    publicKey: "dzODOKndtafZSf2GqvClFdxrpwyNJnZ/AsZkNl+ovEE="
+    publicKey: "byR/8T9AZK2t1cxDCLVzdLXsxcUPRXA06CnfI8gwQyY="
     allowedIP: "192.168.99.4/32"
\ No newline at end of file
-- 
2.17.1


From 57eeda2a5214f4730843a8fe726ecd503aa74d8b Mon Sep 17 00:00:00 2001
From: Fabio Sinibaldi <fabio.sinibaldi@isti.cnr.it>
Date: Fri, 19 Jun 2026 16:07:15 +0200
Subject: [PATCH 5/5] Make Apache listen to 443

---
 .../roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml b/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml
index 866184f..04b21d4 100644
--- a/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml
+++ b/ansible/playbooks/roles/nextcloud_aio/tasks/nextcloud_docker_aio.yaml
@@ -20,7 +20,7 @@
       - "80:80"
       - "8443:8443"
     env:
-      APACHE_PORT: "11000"
+      APACHE_PORT: "443"
       APACHE_IP_BINDING: "0.0.0.0"
       APACHE_ADDITIONAL_NETWORK: ""
       SKIP_DOMAIN_VALIDATION: "{{ nextcloud_docker_skip_domain_validation }}"
-- 
2.17.1