fix nextcloud

This commit is contained in:
Ingolf Wagner 2024-06-05 15:43:26 +02:00
parent 843b3a2752
commit ee9803c55a
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B

View file

@ -50,12 +50,10 @@ in
};
};
#sops.secrets.nextcloud_database_password.owner = "nextcloud";
#sops.secrets.nextcloud_root_password.owner = "nextcloud";
clanCore.facts.services.nextcloud_root = factsGenerator.password { service = "nextcloud"; name = "root"; };
clanCore.facts.services.nextcloud_database = factsGenerator.password { service = "nextcloud"; name = "database"; };
# todo : remove
users.users.nextcloud = {
isSystemUser = true;
uid = nextcloudUid;
@ -72,18 +70,15 @@ in
# * mysql
containers.nextcloud = {
# mount host folders
bindMounts = {
rootpassword = {
#hostPath = "/run/secrets/nextcloud_root_password";
hostPath = config.clanCore.facts.services.nextcloud_root.secret."nextcloud.root".path;
mountPoint = "/run/secrets/nextcloud_root_password";
mountPoint = "/run/secrets/nextcloud.root.intput";
isReadOnly = true;
};
databasepassword = {
#hostPath = "/run/secrets/nextcloud_database_password";
hostPath = config.clanCore.facts.services.nextcloud_database.secret."nextcloud.database".path;
mountPoint = "/run/secrets/nextcloud_database_password";
mountPoint = "/run/secrets/nextcloud.database.input";
isReadOnly = true;
};
};
@ -102,6 +97,23 @@ in
# A temporary workaround is to manually write the /etc/nixos/resolv.conf file like this:
#environment.etc."resolv.conf".text = "nameserver 8.8.8.8";
systemd.tmpfiles.settings.nextcloud = {
"/run/secrets/nextcloud.root".C = {
type = "C";
user = "nextcloud";
group = "nextcloud";
mode = "400";
argument = "/run/secrets/nextcloud.root.input";
};
"/run/secrets/nextcloud.database".C = {
type = "C";
user = "nextcloud";
group = "nextcloud";
mode = "400";
argument = "/run/secrets/nextcloud.database.input";
};
};
users.users.nextcloud.uid = nextcloudUid;
@ -187,10 +199,10 @@ in
loglevel = 2;
};
config = {
adminpassFile = "/run/secrets/nextcloud_root_password";
adminpassFile = "/run/secrets/nextcloud.root";
#overwriteProtocol = "https";
dbtype = "mysql";
dbpassFile = "/run/secrets/nextcloud_database_password";
dbpassFile = "/run/secrets/nextcloud.database";
dbhost = "localhost:3306";
};
};