The ownCloud configuration file does not get touched. The virtual host
configuration is modified by sovereign but can be updated in place and
Apache restarted.
- Remove unnecessary dependencies
- Clean up postgresql server setup
- Install from official package repository
- Expect package installer to enable modules that are needed
- Update virtual host config with owncloud 8.2 configuration
- Update post-deploy instructions
Avoid using the Include directive. Move most of the SSL configuration
to the global configuration and leave enabling the SSL engine to each
virtual host that wants to use it.
Use "modern" SSLCipherSuite per Mozilla recommendations.
See https://wiki.mozilla.org/Security/Server_Side_TLS for details.
Removes RC4 cipher. Fixes issue #341.
Also explicitly disabled SSLCompression and enables OCSP stapling.
We should put all these settings in
/etc/apache2/mods-enabled/ssl.conf
to avoid duplication...
Added rules for dealing with old virtualhost files in
/etc/apache2/sites-available and old (dangling) symlinks in
/etc/apaches/sites-enabled.
Also, remove unnecessary apache2 restart after creating a new
virtualhost but not yet enabling it.
* Postfix: Trusty comes with postgresql 9.3, not 9.1
* owncloud 6.0.1 is part of the distribution, doesn't require opensuse repository
* owncloud requires libapache2-mod-php5
* uses prosody repository that matches the ansible_distribution_release (trusty, wheezy, etc)
The virtual site files must be owned by root (serious security issue)
and they must have the .conf filename suffix for a2ensite on
Ubuntu 14.04LTS (apache 2.4.7).
Remove all configuration for MySQL and configure PostgreSQL as the main
database.
All *_mysql_* options have been changed to *_db_* options.
Postgres requires the database user to have a password in order to
connect via localhost. The db_admin_password option is used to set the
password of the admin user (usually postgres).