fix nextcloud

Ingolf Wagner 2024-06-05 15:43:26 +02:00
parent 843b3a2752
commit ee9803c55a
Signed by: palo
GPG key ID: 76BF5F1928B9618B


@ -50,12 +50,10 @@ in
}; };
}; };
#sops.secrets.nextcloud_database_password.owner = "nextcloud";
#sops.secrets.nextcloud_root_password.owner = "nextcloud";
clanCore.facts.services.nextcloud_root = factsGenerator.password { service = "nextcloud"; name = "root"; }; clanCore.facts.services.nextcloud_root = factsGenerator.password { service = "nextcloud"; name = "root"; };
clanCore.facts.services.nextcloud_database = factsGenerator.password { service = "nextcloud"; name = "database"; }; clanCore.facts.services.nextcloud_database = factsGenerator.password { service = "nextcloud"; name = "database"; };
# todo : remove
users.users.nextcloud = { users.users.nextcloud = {
isSystemUser = true; isSystemUser = true;
uid = nextcloudUid; uid = nextcloudUid;
@ -72,18 +70,15 @@ in
# * mysql # * mysql
containers.nextcloud = { containers.nextcloud = {
# mount host folders
bindMounts = { bindMounts = {
rootpassword = { rootpassword = {
#hostPath = "/run/secrets/nextcloud_root_password";
hostPath = config.clanCore.facts.services.nextcloud_root.secret."nextcloud.root".path; hostPath = config.clanCore.facts.services.nextcloud_root.secret."nextcloud.root".path;
mountPoint = "/run/secrets/nextcloud_root_password"; mountPoint = "/run/secrets/nextcloud.root.intput";
isReadOnly = true; isReadOnly = true;
}; };
databasepassword = { databasepassword = {
#hostPath = "/run/secrets/nextcloud_database_password";
hostPath = config.clanCore.facts.services.nextcloud_database.secret."nextcloud.database".path; hostPath = config.clanCore.facts.services.nextcloud_database.secret."nextcloud.database".path;
mountPoint = "/run/secrets/nextcloud_database_password"; mountPoint = "/run/secrets/nextcloud.database.input";
isReadOnly = true; isReadOnly = true;
}; };
}; };
@ -102,6 +97,23 @@ in
# A temporary workaround is to manually write the /etc/nixos/resolv.conf file like this: # A temporary workaround is to manually write the /etc/nixos/resolv.conf file like this:
#environment.etc."resolv.conf".text = "nameserver 8.8.8.8"; #environment.etc."resolv.conf".text = "nameserver 8.8.8.8";
systemd.tmpfiles.settings.nextcloud = {
"/run/secrets/nextcloud.root".C = {
type = "C";
user = "nextcloud";
group = "nextcloud";
mode = "400";
argument = "/run/secrets/nextcloud.root.input";
};
"/run/secrets/nextcloud.database".C = {
type = "C";
user = "nextcloud";
group = "nextcloud";
mode = "400";
argument = "/run/secrets/nextcloud.database.input";
};
};
users.users.nextcloud.uid = nextcloudUid; users.users.nextcloud.uid = nextcloudUid;
@ -187,10 +199,10 @@ in
loglevel = 2; loglevel = 2;
}; };
config = { config = {
adminpassFile = "/run/secrets/nextcloud_root_password"; adminpassFile = "/run/secrets/nextcloud.root";
#overwriteProtocol = "https"; #overwriteProtocol = "https";
dbtype = "mysql"; dbtype = "mysql";
dbpassFile = "/run/secrets/nextcloud_database_password"; dbpassFile = "/run/secrets/nextcloud.database";
dbhost = "localhost:3306"; dbhost = "localhost:3306";
}; };
}; };
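Review bot: The new `rootpassword` bind mount in the second hunk appears to target `/run/secrets/nextcloud.root.intput`, while the added tmpfiles rule copies from `/run/secrets/nextcloud.root.input`. If so, the copy source would not exist and `adminpassFile = "/run/secrets/nextcloud.root"` would point at a file that is never created. The mount point should read `mountPoint = "/run/secrets/nextcloud.root.input";`, matching the spelling used for the database entry. Separately, a tmpfiles `C` line only copies when the destination does not yet exist, so a comment next to the rules such as `# copied once per container start; restart the container after rotating the secret` would help, assuming `/run` is recreated on each start. The surrounding attribute sets start and end outside the visible hunks.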