move custom nextcloud service option into separate file

2024-03-28 16:29:06 +01:00 · 2024-03-28 16:29:06 +01:00 · 66e4ecdfe6
commit 66e4ecdfe6
parent bc7778e46c
6 changed files with 140 additions and 40 deletions
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@ -16,6 +16,7 @@
                "/var/lib/nextcloud/server/apps/dav": "${workspaceRoot}/server/apps/dav",
                "/var/lib/nextcloud/dev-apps/circles": "${workspaceRoot}/circles",
                "/var/lib/nextcloud/store-apps/calendar": "${workspaceRoot}/calendar",
+                "/var/lib/nextcloud/store-apps/cleanup": "${workspaceRoot}/cleanup",
            },              
        }
    ]
--- a/flake.lock
+++ b/flake.lock
@ -5,11 +5,11 @@
        "nixpkgs": "nixpkgs"
      },
      "locked": {
-        "lastModified": 1698737528,
-        "narHash": "sha256-65qiCQPFGCpdjcfQrO1EZKe+LFD0tzmlecFOACNwMbY=",
+        "lastModified": 1711263551,
+        "narHash": "sha256-lDaSa0yT0uzFXq1rB0DbD5MNi2TmG9DaTrZqZoPP/I4=",
        "owner": "Mic92",
        "repo": "nixos-shell",
-        "rev": "8a835e240adc32e68d6fc7ca5aaf3f597de08d5f",
+        "rev": "b7e8a0c75c99d81039d1ca7eaab227e4814de638",
        "type": "github"
      },
      "original": {
@ -35,11 +35,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1705916986,
-        "narHash": "sha256-iBpfltu6QvN4xMpen6jGGEb6jOqmmVQKUrXdOJ32u8w=",
+        "lastModified": 1711460390,
+        "narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "d7f206b723e42edb09d9d753020a84b3061a79d8",
+        "rev": "44733514b72e732bd49f5511bd0203dea9b9a434",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -31,6 +31,8 @@
          phpunit
          nodejs
          nodePackages.rollup
+          act
+          npm-check-updates
        ];
      };
    };
--- a/nextcloud-ensure-users.nix
+++ b/nextcloud-ensure-users.nix
@ -0,0 +1,87 @@
+{
+  config,
+  lib,
+  ...
+}: let
+  inherit
+    (lib)
+    optionalString
+    escapeShellArg
+    types
+    concatStringsSep
+    mapAttrsToList
+    mkIf
+    mkOption
+    ;
+
+  cfg = config.services.nextcloud;
+
+in {
+  options = {
+    services.nextcloud = {
+
+      ensureUsers = mkOption {
+        default = {};
+        description = lib.mdDoc ''
+          List of user accounts which get automatically created if they don't
+          exist yet. This option does not delete accounts which are not listed
+          anymore.
+        '';
+        example = {
+          user1 = {
+            passwordFile = /secrets/user1-localhost;
+            email = "user1@localhost";
+          };
+          user2 = {
+            passwordFile = /secrets/user2-localhost;
+            email = "user2@localhost";
+          };
+        };
+        type = types.attrsOf (types.submodule {
+          options = {
+            passwordFile = mkOption {
+              type = types.path;
+              example = "/path/to/file";
+              default = null;
+              description = lib.mdDoc ''
+                Specifies the path to a file containing the
+                clear text password for the user.
+              '';
+            };
+            email = mkOption {
+              type = types.str;
+              example = "user1@localhost";
+              default = null;
+            };
+          };
+        });
+      };
+
+    };
+  };
+
+  config = mkIf cfg.enable {
+
+    systemd.services.nextcloud-ensure-users = {
+      enable = true;
+      script = ''
+        ${optionalString (cfg.ensureUsers != {}) ''
+          ${concatStringsSep "\n" (mapAttrsToList (name: cfg: ''
+            if ${config.services.nextcloud.occ}/bin/nextcloud-occ user:info "${name}" | grep "user not found"; then
+              export OC_PASS="$(cat ${escapeShellArg cfg.passwordFile})"
+              ${config.services.nextcloud.occ}/bin/nextcloud-occ user:add --password-from-env "${name}"
+            fi
+            if ! ${config.services.nextcloud.occ}/bin/nextcloud-occ user:info "${name}" | grep "user not found"; then
+              ${optionalString (cfg.email != null) ''
+                ${config.services.nextcloud.occ}/bin/nextcloud-occ user:setting "${name}" settings email "${cfg.email}"
+              ''}
+            fi
+          '') cfg.ensureUsers)}
+        ''}
+      '';
+      wantedBy = [ "multi-user.target" ];
+      after = ["nextcloud-setup.service"];
+    };
+
+  };
+}
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 28e0ccfed906525183306ff3d38b67075d688773
+Subproject commit 7d1ca956a7a09cb3777114d3c8849415382066fd
--- a/vm-nextcloud.nix
+++ b/vm-nextcloud.nix
@ -5,13 +5,8 @@
    cores = 4;
  };

-  # FIXME
-  # is it possible to extend existing module with additional options using flake?
-  disabledModules = [
-    "services/web-apps/nextcloud.nix"
-  ];
  imports = [
-    "${fetchTarball "https://github.com/onny/nixpkgs/archive/nextcloud-ensureusers.tar.gz"}/nixos/modules/services/web-apps/nextcloud.nix"
+    ./nextcloud-ensure-users.nix
  ];

  nixpkgs = {
@ -20,8 +15,6 @@
        # Remove first run wizard and password policy check from Nextcloud
        # package
        nextcloud28 = super.nextcloud28.overrideAttrs (oldAttrs: rec {
-          #patches = [];
-          #src = ./server;
          installPhase = oldAttrs.installPhase + ''
            mkdir -p $out/
            cp -R . $out/
@ -40,25 +33,25 @@
    package = pkgs.nextcloud28;
    hostName = "localhost";
    extraApps = with config.services.nextcloud.package.packages.apps; {
-      inherit contacts calendar;
-      # FIXME
-      # enable hmr when debug flag is enabled
-      hmr_enabler = pkgs.php.buildComposerProject (finalAttrs: {
-        pname = "hmr_enabler";
-        version = "1.0.0";
-        src = pkgs.fetchFromGitHub {
-          owner = "nextcloud";
-          repo = "hmr_enabler";
-          rev = "b8d3ad290bfa6fe407280587181a5167d71a2617";
-          hash = "sha256-yXFby5zlDiPdrw6HchmBoUdu9Zjfgp/bSu0G/isRpKg=";
-        };
-        composerNoDev = false;
-        vendorHash = "sha256-PCWWu/SqTUGnZXUnXyL8c72p8L14ZUqIxoa5i49XPH4=";
-        postInstall = ''
-          cp -r $out/share/php/hmr_enabler/* $out/
-          rm -r $out/share
-        '';
-      });
+     inherit contacts calendar;
+     # FIXME
+     # enable hmr when debug flag is enabled
+     hmr_enabler = pkgs.php.buildComposerProject (finalAttrs: {
+      pname = "hmr_enabler";
+      version = "1.0.0";
+      src = pkgs.fetchFromGitHub {
+        owner = "nextcloud";
+        repo = "hmr_enabler";
+        rev = "b8d3ad290bfa6fe407280587181a5167d71a2617";
+        hash = "sha256-yXFby5zlDiPdrw6HchmBoUdu9Zjfgp/bSu0G/isRpKg=";
+      };
+      composerNoDev = false;
+      vendorHash = "sha256-PCWWu/SqTUGnZXUnXyL8c72p8L14ZUqIxoa5i49XPH4=";
+      postInstall = ''
+        cp -r $out/share/php/hmr_enabler/* $out/
+        rm -r $out/share
+      '';
+     });
    };
    extraAppsEnable = true;
    config = {
@ -89,22 +82,36 @@
    };
    appstoreEnable = true;
    configureRedis = true;
+    # FIXME rename to settings with 24.05
    extraOptions = {
      mail_smtpmode = "sendmail";
      mail_sendmailmode = "pipe";
      trusted_domains = [ "10.100.100.1" ];
      "integrity.check.disabled" = true;
      debug = true;
+      #apps_paths = [
+      #  {
+      #    path = "/var/lib/nextcloud/server/apps";
+      #    url = "/apps";
+      #    writable = false;
+      #  }
+      #];
    };
  };

  nixos-shell.mounts.extraMounts = {
-    "/var/lib/nextcloud/store-apps/cleanup" = {
-       target = /home/onny/projects/nixos-nextcloud-testumgebung/cleanup;
-       cache = "none";
-    };
+    #"/var/lib/nextcloud/store-apps/cleanup" = {
+    #   target = /home/onny/projects/nixos-nextcloud-testumgebung/cleanup;
+    #   cache = "none";
+    #};
+    #"/var/lib/nextcloud/server" = {
+    #   target = /home/onny/projects/nixos-nextcloud-testumgebung/server;
+    #   cache = "none";
+    #};
  };

+  #services.nginx.virtualHosts."localhost".root = lib.mkForce "/var/lib/nextcloud/server";
+
  # Setup mail server
  services.maddy = {
    enable = true;
@ -146,10 +153,13 @@
    };
  };

-  #system.fsPackages = [ pkgs.bindfs ];
-
  system.stateVersion = "23.11";

+  environment.systemPackages = with pkgs; [
+    sqlite sqldiff
+    unzip wget
+  ];
+
  documentation = {
    info.enable = false;
    man.enable = false;