Add basic nextcloud deployment

Uses php-fpm image and is served through a simple caddy server.
Automatically deploys by default and can be automatically deployed with
smtp e-mail sending and s3 primary object storage optionally if desired.

Utilizes some necessary hackery for container ordering and startup so
startup is relatively slow (takes around 2-5 minutes at least) but once
running should be stable and uninterrupted.

Implements health-checks for all involved containers.

Switch apache for php-fpm image

roles/nextcloud/README.md

@@ -0,0 +1,136 @@
+# Nextcloud
+
+A full office suite and groupware proposition,
+though its main draw for most is the file synchronization abilities.
+AKA Dropbox replacement.
+
+This software can grow enormous and enormously complicated, 
+this Ansible setup role concentrates on 3 things:
+* a stable and secure base setup from the official docker container
+* automatic setup of an email pipeline so users can reset passwords and be updated of changes
+* the ability to use S3 object storage as the primary way of storing users' files
+
+The rest should be taken care of either automatically, 
+or supplied after the fact (if using different plugins or similar).
+
+## Defaults
+
+```yml
+nextcloud_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}"
+```
+
+The on-target directory where the proxy configuration files should be stashed.
+
+```yml
+nextcloud_use_https: true
+```
+
+Whether the service should be reachable through http (port 80) or through https (port 443) and provision an https certificate. Usually you will want this to stay `true` if facing the public internet.
+
+```yml
+nextcloud_version: fpm
+nextcloud_db_version: 12
+```
+
+The docker image version to be used in stack creation. 
+The role sets up the `php-fpm` version of the official Nextcloud image.
+That means, Caddy is used in front as the server which presents all pages
+and access to files, the Nextcloud image itself only serves as the PHP data store.
+
+If changing the version to one relying on Nextcloud's in-built Apache server,
+take care to change where the upstream proxy is pointing to since the Caddy server in front loses its meaning.
+
+The second variable points to the docker image that should be used for the PostgreSQL database,
+with 12 pre-filled as default. 
+You can put this to latest, but should take care to migrate the database correctly when an update rolls around,
+or it *will* destroy your data at some point.
+Generally, it seems easier to pin this to a specific version and then only update manually.
+
+```yml
+subdomain_alias: files
+```
+
+If the deployed container should be served over a uri that is not the stack name. 
+By default, it will be set to `files.yourdomain.com`  - 
+if this option is not set it will be served on `nextcloud.yourdomain.com` instead.
+If you change or delete this, you should also change what `nextcloud_trusted_domains` points to.
+
+## Basic setup
+
+```yml
+nextcloud_app_admin_username: mynextcloudusername
+nextcloud_app_admin_password: mynextcloudpassword
+nextcloud_redis_password: myredispass
+nextcloud_db_username: nextcloud
+nextcloud_db_password: secretnextcloud
+```
+
+Sets the default username and password for application and database.
+All of these variables are necessary to circumvent the manual installation process 
+you would usually be faced with on first creating a Nextcloud instance.
+Ideally change all of these for your personal setup,
+but it is especially important to change the app admin login data since they are what is public facing.
+
+```yml
+nextcloud_trusted_domains: "{{ subdomain_alias }}.{{ server_domain }}"
+```
+
+The domains that are allowed to access your Nextcloud instance.
+Should point to any domains that you want it accessible on,
+can be a space-separated list of them. 
+Take care to include the sub-domain if your are accessing it through one of them.
+[Further explanation](https://blog.martyoeh.me/posts/2021-11-18-nextcloud-trusted-domains/).
+
+## E-Mail setup
+
+```yml
+nextcloud_smtp_host: smtp.mailgun.org (no default)
+nextcloud_smtp_secure: ssl
+nextcloud_smtp_port: 465
+nextcloud_smtp_authtype: LOGIN
+nextcloud_smtp_username: <smtp-username> (no default)
+nextcloud_smtp_password: <smtp-password> (no default)
+nextcloud_smtp_from_address: noreply
+nextcloud_smtp_from_domain: "{{ server_domain }}"
+```
+
+To set up e-mail routing you will need to provide your smtp details here.
+The three lines absolutely necessary to fill in are:
+
+```yml
+nextcloud_smtp_host: smtp.mailgun.org (no default)
+nextcloud_smtp_username: <smtp-username> (no default)
+nextcloud_smtp_password: <smtp-password> (no default)
+```
+
+Since they carry no default, you will have to supply your own details here.
+If the default settings of the other variables work for your provider,
+e-mail sending will automatically be set up in your Nextcloud instance
+(as for e.g. mailgun)
+otherwise change those accordingly as well.
+
+## Primary S3 object storage
+
+```yml
+nextcloud_s3_host: s3.eu-central-1.wasabisys.com (no default)
+nextcloud_s3_bucket: nextcloud (no default)
+nextcloud_s3_key: <s3-key> (no default)
+nextcloud_s3_secret: <s3-secret> (no default)
+nextcloud_s3_port: 443 (no default)
+nextcloud_s3_ssl: true (no default)
+nextcloud_s3_region: eu-central-1 (no default)
+nextcloud_s3_usepath_style: true (no default)
+```
+
+To set up an object storage as primary file storage you will need to provide your S3-compatible details here.
+All lines are necessary to fill out correctly to enable S3.
+Since they carry no default, you will need to supply your own details for each variable.
+
+If your details are correct, Nextcloud should automatically set up S3 as its primary object storage.
+
+Be careful if you switch an existing data volume of the Nextcloud image to S3
+as you will lose all access to existing files.
+The files *should* not be deleted at this point,
+only access will be lost,
+but you are playing with fire at this point.
+