nextcloud: Make HArP optional and opt-in

roles/nextcloud/tasks/main.yaml

@@ -14,8 +14,8 @@
         source: data
         destination: /var/www/html
     service_container_secrets:
-      - name: adminpw
-        value: "{{ nextcloud_admin_pw }}"
+      - name: admin-password
+        value: "{{ nextcloud_admin_password }}"
       - name: harp-shared-key
     service_container_env:
       POSTGRES_HOST: postgres
@@ -26,39 +26,6 @@
       TRUSTED_PROXIES: 10.0.0.0/8
       NEXTCLOUD_TRUSTED_DOMAINS: "{{ nextcloud_domains | join(' ') }}"
       NEXTCLOUD_ADMIN_USER: admin
-      NEXTCLOUD_ADMIN_PASSWORD_FILE: /run/secrets/adminpw
-    service_additional_containers:
-      - name: cron
-        entrypoint: /cron.sh
-      - name: harp
-        add_capabilities:
-          - CAP_SYS_ADMIN
-        image: quay.io/podman/stable:latest
-        user: podman
-        entrypoint: /entrypoint.sh
-        devices:
-          - source: /dev/fuse
-        mounts:
-          - type: template
-            source: containers.conf.j2
-            destination: /etc/containers/containers.conf
-          - type: template
-            source: harp_entrypoint.sh.j2
-            destination: /entrypoint.sh
-            mode: "0755"
-          - type: volume
-            source: harp-certs
-            destination: /certs
-#          - type: volume
-#            source: harp-containers
-#            destination: /home/podman/.local/share/containers
-        env: {}
-        secrets:
-          - name: harp-shared-key
-        publish_ports:
-          - name: harp
-            type: socket
-            container_port: 8780
-    service_vhost_locations:
-      - path: /exapps/*
-        proxy_target_socket: /run/nextcloud-harp-socat.sock
+      NEXTCLOUD_ADMIN_PASSWORD_FILE: /run/secrets/admin-password
+    service_additional_containers: "{{ _nextcloud_additional_containers }}"
+    service_vhost_locations: "{{ _nextcloud_vhost_locations }}"