# Install Nextcloud and Gitea This guide will assist you to quickly configure ansible project, for deployment of Nexcloud (NC) and Gitea(GT). **During deployment of applications following actions will be done** * Docker / Docker compose will be installed. * Installation of NC * Configuration of NC * Installation of GT * Configuration of GT * OS hardening will be done (Devsec and fail2ban configs). * Nginx setup * Reverse proxy setup * Lets encrypt setuo * Opening of upstreams on nginx #### Steps to configure and execute playbook 1. Change Internal IP address in following files * Go to roles -> next-cloud -> defaults -> main.yml, Provide internal ip address of VPS at following field ```` service: ip: 192.168.0.0 port: 9080 ```` * Go to roles -> git-tea -> defaults -> main.yml ```` internal_ip: 192.168.0.0 ```` * Go to playbooks -> nginx-playbook.yml ```` nginx_revproxy_sites: drive.smarticlelabs.com: domains: - drive.smarticlelabs.com upstreams: - { backend_address: 192.168.0.0, backend_port: 9080 } ```` ```` source.smarticlelabs.com: domains: - source.smarticlelabs.com upstreams: - { backend_address: 10.0.0.2, backend_port: 3000 } ```` 2. Now you need to provide domain and sub domain * Go to playbooks -> nginx-playbook.yml ```` nginx_revproxy_sites: subdomain.yourdomain.com: domains: - subdoamin.yourdomain.com ```` ```` subdomaintwo.yourdomain.com: domains: - subdomaintwo.yourdomain.com ```` * Go to roles -> next-cloud -> defaults -> main.yml ```` next_cloud_domain: https://subdoamin.yourdomain.com ```` * Go to roles -> git-tea -> defaults -> main.yml ```` app: domain: subdomaintwo.yourdomain.com name : SmarticleLabs mode : prod disable_ssh : false http_port : 3000 root_url : https://subdomaintwo.yourdomain.com ```` 3. Now you need to provide your VPS external/public ip and ssh key path in inventory, So to do that * Navigate to inventory -> inventory.ini file * provide external/public ip * provide path to your ssh public key 4. Finally you need to run following playbooks in suggested order * $ansible-playbook -i inventory/inventory.ini playbooks/docker-playbook.yml * $ansible-playbook -i inventory/inventory.ini playbooks/next-cloud-playbook.yml * $ansible-playbook -i inventory/inventory.ini playbooks/git-tea-playbook.yml * $ansible-playbook -i inventory/inventory.ini playbooks/os-hardening.yml * $ansible-playbook -i inventory/inventory.ini playbooks/nginx-playbook.yml 5. And you are done ;-) Wait for few mins, let `nginx-playbook` issue ssl certificate and register against your domain.