diff --git a/.vscode/launch.json b/.vscode/launch.json index 1cb398c..362cef7 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -16,6 +16,7 @@ "/var/lib/nextcloud/server/apps/dav": "${workspaceRoot}/server/apps/dav", "/var/lib/nextcloud/dev-apps/circles": "${workspaceRoot}/circles", "/var/lib/nextcloud/store-apps/calendar": "${workspaceRoot}/calendar", + "/var/lib/nextcloud/store-apps/cleanup": "${workspaceRoot}/cleanup", }, } ] diff --git a/flake.lock b/flake.lock index 8ef2738..a626ee4 100644 --- a/flake.lock +++ b/flake.lock @@ -5,11 +5,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1698737528, - "narHash": "sha256-65qiCQPFGCpdjcfQrO1EZKe+LFD0tzmlecFOACNwMbY=", + "lastModified": 1711263551, + "narHash": "sha256-lDaSa0yT0uzFXq1rB0DbD5MNi2TmG9DaTrZqZoPP/I4=", "owner": "Mic92", "repo": "nixos-shell", - "rev": "8a835e240adc32e68d6fc7ca5aaf3f597de08d5f", + "rev": "b7e8a0c75c99d81039d1ca7eaab227e4814de638", "type": "github" }, "original": { @@ -35,11 +35,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1705916986, - "narHash": "sha256-iBpfltu6QvN4xMpen6jGGEb6jOqmmVQKUrXdOJ32u8w=", + "lastModified": 1711460390, + "narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d7f206b723e42edb09d9d753020a84b3061a79d8", + "rev": "44733514b72e732bd49f5511bd0203dea9b9a434", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 7484837..3946805 100644 --- a/flake.nix +++ b/flake.nix @@ -31,6 +31,8 @@ phpunit nodejs nodePackages.rollup + act + npm-check-updates ]; }; }; diff --git a/nextcloud-ensure-users.nix b/nextcloud-ensure-users.nix new file mode 100644 index 0000000..862b2f0 --- /dev/null +++ b/nextcloud-ensure-users.nix 
@@ -0,0 +1,87 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ inherit
+ (lib)
+ optionalString
+ escapeShellArg
+ types
+ concatStringsSep
+ mapAttrsToList
+ mkIf
+ mkOption
+ ;
+
+ cfg = config.services.nextcloud;
+
+in {
+ options = {
+ services.nextcloud = {
+
+ ensureUsers = mkOption {
+ default = {};
+ description = lib.mdDoc ''
+ List of user accounts which get automatically created if they don't
+ exist yet. This option does not delete accounts which are not listed
+ anymore.
+ '';
+ example = {
+ user1 = {
+ passwordFile = /secrets/user1-localhost;
+ email = "user1@localhost";
+ };
+ user2 = {
+ passwordFile = /secrets/user2-localhost;
+ email = "user2@localhost";
+ };
+ };
+ type = types.attrsOf (types.submodule {
+ options = {
+ passwordFile = mkOption {
+ type = types.path;
+ example = "/path/to/file";
+ default = null;
+ description = lib.mdDoc ''
+ Specifies the path to a file containing the
+ clear text password for the user.
+ '';
+ };
+ email = mkOption {
+ type = types.str;
+ example = "user1@localhost";
+ default = null;
+ };
+ };
+ });
+ };
+
+ };
+ };
+
+ config = mkIf cfg.enable {
+
+ systemd.services.nextcloud-ensure-users = {
+ enable = true;
+ script = ''
+ ${optionalString (cfg.ensureUsers != {}) ''
+ ${concatStringsSep "\n" (mapAttrsToList (name: cfg: ''
+ if ${config.services.nextcloud.occ}/bin/nextcloud-occ user:info "${name}" | grep "user not found"; then
+ export OC_PASS="$(cat ${escapeShellArg cfg.passwordFile})"
+ ${config.services.nextcloud.occ}/bin/nextcloud-occ user:add --password-from-env "${name}"
+ fi
+ if ! ${config.services.nextcloud.occ}/bin/nextcloud-occ user:info "${name}" | grep "user not found"; then
+ ${optionalString (cfg.email != null) ''
+ ${config.services.nextcloud.occ}/bin/nextcloud-occ user:setting "${name}" settings email "${cfg.email}"
+ ''}
+ fi
+ '') cfg.ensureUsers)}
+ ''}
+ '';
+ wantedBy = [ "multi-user.target" ];
+ after = ["nextcloud-setup.service"];
+ };
+
+ };
+}
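Review bot: The generated script puts the attribute name and the email address into the shell as `"${name}"` and `"${cfg.email}"`, so a value containing `"`, `$` or a backtick is interpreted by the shell instead of reaching occ as data. `escapeShellArg` is already inherited and used for `passwordFile`; the same call fits here, e.g. `user:info ${escapeShellArg name}` and `settings email ${escapeShellArg cfg.email}`. Both sub-options declare `default = null` under `types.path` and `types.str`, which do not accept null, so the `cfg.email != null` guard only becomes meaningful with `type = types.nullOr types.str;`, and `passwordFile` is better left without a default so a missing value fails at evaluation. `export OC_PASS=…` also stays set for every later occ call in the script; assigning it only on the `user:add` command line keeps the clear-text password out of the other invocations' environment.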
diff --git a/server b/server index 28e0ccf..7d1ca95 160000 --- a/server +++ b/server @@ -1 +1 @@ -Subproject commit 28e0ccfed906525183306ff3d38b67075d688773 +Subproject commit 7d1ca956a7a09cb3777114d3c8849415382066fd diff --git a/vm-nextcloud.nix b/vm-nextcloud.nix index a1f61aa..96e0482 100644 --- a/vm-nextcloud.nix +++ b/vm-nextcloud.nix @@ -5,13 +5,8 @@ cores = 4; }; - # FIXME - # is it possible to extend existing module with additional options using flake? - disabledModules = [ - "services/web-apps/nextcloud.nix" - ]; imports = [ - "${fetchTarball "https://github.com/onny/nixpkgs/archive/nextcloud-ensureusers.tar.gz"}/nixos/modules/services/web-apps/nextcloud.nix" + ./nextcloud-ensure-users.nix ]; nixpkgs = { @@ -20,8 +15,6 @@ # Remove first run wizard and password policy check from Nextcloud # package nextcloud28 = super.nextcloud28.overrideAttrs (oldAttrs: rec { - #patches = []; - #src = ./server; installPhase = oldAttrs.installPhase + '' mkdir -p $out/ cp -R . $out/ 
@@ -40,25 +33,25 @@ package = pkgs.nextcloud28; hostName = "localhost"; extraApps = with config.services.nextcloud.package.packages.apps; { - inherit contacts calendar; - # FIXME - # enable hmr when debug flag is enabled - hmr_enabler = pkgs.php.buildComposerProject (finalAttrs: { - pname = "hmr_enabler"; - version = "1.0.0"; - src = pkgs.fetchFromGitHub { - owner = "nextcloud"; - repo = "hmr_enabler"; - rev = "b8d3ad290bfa6fe407280587181a5167d71a2617"; - hash = "sha256-yXFby5zlDiPdrw6HchmBoUdu9Zjfgp/bSu0G/isRpKg="; - }; - composerNoDev = false; - vendorHash = "sha256-PCWWu/SqTUGnZXUnXyL8c72p8L14ZUqIxoa5i49XPH4="; - postInstall = '' - cp -r $out/share/php/hmr_enabler/* $out/ - rm -r $out/share - ''; - }); + inherit contacts calendar; + # FIXME + # enable hmr when debug flag is enabled + hmr_enabler = pkgs.php.buildComposerProject (finalAttrs: { + pname = "hmr_enabler"; + version = "1.0.0"; + src = pkgs.fetchFromGitHub { + owner = "nextcloud"; + repo = "hmr_enabler"; + rev = "b8d3ad290bfa6fe407280587181a5167d71a2617"; + hash = "sha256-yXFby5zlDiPdrw6HchmBoUdu9Zjfgp/bSu0G/isRpKg="; + }; + composerNoDev = false; + vendorHash = "sha256-PCWWu/SqTUGnZXUnXyL8c72p8L14ZUqIxoa5i49XPH4="; + postInstall = '' + cp -r $out/share/php/hmr_enabler/* $out/ + rm -r $out/share + ''; + }); }; extraAppsEnable = true; config = { 
@@ -89,22 +82,36 @@ }; appstoreEnable = true; configureRedis = true; + # FIXME rename to settings with 24.05 extraOptions = { mail_smtpmode = "sendmail"; mail_sendmailmode = "pipe"; trusted_domains = [ "10.100.100.1" ]; "integrity.check.disabled" = true; debug = true; + #apps_paths = [ + # { + # path = "/var/lib/nextcloud/server/apps"; + # url = "/apps"; + # writable = false; + # } + #]; }; }; nixos-shell.mounts.extraMounts = { - "/var/lib/nextcloud/store-apps/cleanup" = { - target = /home/onny/projects/nixos-nextcloud-testumgebung/cleanup; - cache = "none"; - }; + #"/var/lib/nextcloud/store-apps/cleanup" = { + # target = /home/onny/projects/nixos-nextcloud-testumgebung/cleanup; + # cache = "none"; + #}; + #"/var/lib/nextcloud/server" = { + # target = /home/onny/projects/nixos-nextcloud-testumgebung/server; + # cache = "none"; + #}; }; + #services.nginx.virtualHosts."localhost".root = lib.mkForce "/var/lib/nextcloud/server"; + # Setup mail server services.maddy = { enable = true; @@ -146,10 +153,13 @@ }; }; - #system.fsPackages = [ pkgs.bindfs ]; - system.stateVersion = "23.11"; + environment.systemPackages = with pkgs; [ + sqlite sqldiff + unzip wget + ]; + documentation = { info.enable = false; man.enable = false;
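Review bot: The `@@ -89,22 +82,36 @@` hunk adds three commented-out blocks (`#apps_paths`, the `"/var/lib/nextcloud/server"` entry under `extraMounts`, and the `services.nginx.virtualHosts."localhost".root` override) and comments out the cleanup mount instead of deleting it, leaving dead configuration with a developer-specific `/home/onny/projects/...` path in the file. If these are meant as a switch for serving Nextcloud from the local `server` checkout, a single comment above them saying so, such as `# Uncomment the three blocks below to run from ./server instead of the packaged source`, would make the intent clear; otherwise they are better removed and recovered from history when needed. A path relative to the flake (as the new `./nextcloud-ensure-users.nix` import does) would also avoid tying the mount target to one home directory.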