--- # ================================================================= # Nextcloud Cloud Storage Role - Default Variables # ================================================================= # Self-contained Nextcloud deployment with FPM, PostgreSQL, and Valkey # ================================================================= # Service Configuration # ================================================================= # Service user and directories nextcloud_user: nextcloud nextcloud_group: nextcloud nextcloud_home: /opt/nextcloud nextcloud_html_dir: "{{ nextcloud_home }}/html" nextcloud_data_dir: "{{ nextcloud_home }}/data" nextcloud_config_dir: "{{ nextcloud_home }}/config" nextcloud_custom_apps_dir: "{{ nextcloud_home }}/custom_apps" # Container configuration (FPM variant) nextcloud_version: "stable-fpm" nextcloud_image: "docker.io/library/nextcloud" nextcloud_fpm_port: 9001 # Internal FPM port (published to 127.0.0.1, Authentik uses 9000) # Service management nextcloud_service_enabled: true nextcloud_service_state: "started" # ================================================================= # Database Configuration (Self-managed) # ================================================================= nextcloud_db_name: "nextcloud" nextcloud_db_user: "nextcloud" nextcloud_db_password: "{{ vault_nextcloud_db_password }}" # ================================================================= # Cache Configuration (Self-managed) # ================================================================= nextcloud_valkey_db: 2 # Use database 2 (Authentik uses 1) # ================================================================= # Network Configuration # ================================================================= nextcloud_domain: "cloud.jnss.me" # ================================================================= # Nextcloud Core Configuration # ================================================================= # Admin user (auto-configured on first run) nextcloud_admin_user: "admin" nextcloud_admin_password: "{{ vault_nextcloud_admin_password }}" # Trusted domains (space-separated) nextcloud_trusted_domains: "{{ nextcloud_domain }}" # Reverse proxy configuration nextcloud_overwriteprotocol: "https" # ================================================================= # PHP Configuration # ================================================================= nextcloud_php_memory_limit: "512M" nextcloud_php_upload_limit: "512M" # ================================================================= # Background Jobs Configuration # ================================================================= nextcloud_background_jobs_mode: "cron" # Options: ajax, webcron, cron nextcloud_cron_interval: "5min" # How often cron runs (systemd timer) # ================================================================= # Maintenance Configuration # ================================================================= nextcloud_maintenance_window_start: 4 # Start hour (UTC) for maintenance window nextcloud_default_phone_region: "NO" # Default phone region code (ISO 3166-1 alpha-2) # ================================================================= # Caddy Integration # ================================================================= # Caddy configuration (assumes caddy role provides these variables) caddy_sites_enabled_dir: "/etc/caddy/sites-enabled" caddy_log_dir: "/var/log/caddy" caddy_user: "caddy" # ================================================================= # Infrastructure Dependencies (Read-only) # ================================================================= # These variables reference infrastructure services defined by their roles # Applications MUST NOT modify these values - they are provided by infrastructure # PostgreSQL socket configuration (managed by postgresql role) postgresql_unix_socket_directories: "/var/run/postgresql" postgresql_client_group: "postgres-clients" postgresql_port: 5432 postgresql_unix_socket_enabled: true # Valkey socket configuration (managed by valkey role) valkey_unix_socket_path: "/var/run/valkey/valkey.sock" valkey_password: "{{ vault_valkey_password }}" valkey_client_group: "valkey-clients" valkey_unix_socket_enabled: true