ma nextcloud: allow service to write to cloud

This commit is contained in:
makefu 2022-06-06 21:20:28 +02:00
parent 9e2b4df8df
commit de582a2d00
No known key found for this signature in database
GPG key ID: 36F7711F3FC0F225

View file

@ -20,6 +20,12 @@ let
dbpw = "/run/secret/nextcloud-db-pw"; dbpw = "/run/secret/nextcloud-db-pw";
in { in {
fileSystems."/var/lib/nextcloud/data" = {
device = "/media/cloud/nextcloud-data";
options = [ "bind" ];
};
krebs.secret.files.nextcloud-db-pw = { krebs.secret.files.nextcloud-db-pw = {
path = dbpw; path = dbpw;
owner.name = "nextcloud"; owner.name = "nextcloud";
@ -40,13 +46,15 @@ in {
enable = true; enable = true;
databases = [ config.services.nextcloud.config.dbname ]; databases = [ config.services.nextcloud.config.dbname ];
}; };
systemd.services.postgresqlBackup-nextcloud.serviceConfig.SupplementaryGroups = [ "download" ];
state = [ state = [
# services.postgresql.dataDir # services.postgresql.dataDir
# "${config.services.nextcloud.home}/config" # "${config.services.nextcloud.home}/config"
config.services.postgresqlBackup.location config.services.postgresqlBackup.location
]; ];
users.users.nextcloud.extraGroups = [ "download" ];
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
package = pkgs.nextcloud22; package = pkgs.nextcloud22;
@ -59,10 +67,11 @@ in {
autoUpdateApps.startAt = "05:00:00"; autoUpdateApps.startAt = "05:00:00";
caching.redis = true; caching.redis = true;
# caching.memcached = true; caching.apcu = true;
config = { config = {
# Further forces Nextcloud to use HTTPS # Further forces Nextcloud to use HTTPS
overwriteProtocol = "https"; overwriteProtocol = "https";
defaultPhoneRegion = "DE";
# Nextcloud PostegreSQL database configuration, recommended over using SQLite # Nextcloud PostegreSQL database configuration, recommended over using SQLite
dbtype = "pgsql"; dbtype = "pgsql";
@ -71,7 +80,7 @@ in {
dbname = "nextcloud"; dbname = "nextcloud";
dbpassFile = dbpw; dbpassFile = dbpw;
adminpassFile = adminpw; adminpassFile = adminpw;
adminuser = "admin"; adminuser = "root";
}; };
}; };
services.redis.enable = true; services.redis.enable = true;