From a98dafc98c19082923e9c412e7edb118b9d8ad73 Mon Sep 17 00:00:00 2001 From: Alexander Tomokhov Date: Sun, 26 Nov 2023 03:11:23 +0400 Subject: [PATCH] fix nextcloud (case when enabled) Previously, second mkIf for cleanup case took precedence when merge with `//`. Now it's 2 modules: one for selfprivacy.modules.nextcloud.enable == true, another for selfprivacy.modules.nextcloud.enable == false. --- sp-modules/nextcloud/cleanup-module.nix | 19 +++++++++++++++++++ sp-modules/nextcloud/common.nix | 7 +++++++ sp-modules/nextcloud/flake.nix | 3 ++- sp-modules/nextcloud/module.nix | 23 +++-------------------- 4 files changed, 31 insertions(+), 21 deletions(-) create mode 100644 sp-modules/nextcloud/cleanup-module.nix create mode 100644 sp-modules/nextcloud/common.nix diff --git a/sp-modules/nextcloud/cleanup-module.nix b/sp-modules/nextcloud/cleanup-module.nix new file mode 100644 index 0000000..d3f916f --- /dev/null +++ b/sp-modules/nextcloud/cleanup-module.nix @@ -0,0 +1,19 @@ +{ config, lib, ... }: +let + inherit (import ./common.nix config) sp db-pass-filepath admin-pass-filepath; +in +# FIXME do we really want to delete passwords on module deactivation!? +{ + config = lib.mkIf (!sp.modules.nextcloud.enable) { + system.activationScripts.nextcloudSecrets = + lib.trivial.warn + ( + "nextcloud service is disabled, " + + "${db-pass-filepath} and ${admin-pass-filepath} will be removed!" + ) + '' + rm -f ${db-pass-filepath} + rm -f ${admin-pass-filepath} + ''; + }; +} diff --git a/sp-modules/nextcloud/common.nix b/sp-modules/nextcloud/common.nix new file mode 100644 index 0000000..99a3d8e --- /dev/null +++ b/sp-modules/nextcloud/common.nix @@ -0,0 +1,7 @@ +config: rec { + sp = config.selfprivacy; + secrets-filepath = "/etc/selfprivacy/secrets.json"; + db-pass-filepath = "/var/lib/nextcloud/db-pass"; + admin-pass-filepath = "/var/lib/nextcloud/admin-pass"; + hostName = "cloud.${sp.domain}"; +} diff --git a/sp-modules/nextcloud/flake.nix b/sp-modules/nextcloud/flake.nix index 738beff..2cf384e 100644 --- a/sp-modules/nextcloud/flake.nix +++ b/sp-modules/nextcloud/flake.nix @@ -2,7 +2,8 @@ description = "PoC SP module for nextcloud"; outputs = { self }: { - nixosModules.default = import ./module.nix; + nixosModules.default = _: + { imports = [ ./module.nix ./cleanup-module.nix ]; }; configPathsNeeded = builtins.fromJSON (builtins.readFile ./config-paths-needed.json); }; diff --git a/sp-modules/nextcloud/module.nix b/sp-modules/nextcloud/module.nix index df6ab8c..b084969 100644 --- a/sp-modules/nextcloud/module.nix +++ b/sp-modules/nextcloud/module.nix @@ -13,11 +13,8 @@ config = let - sp = config.selfprivacy; - secrets-filepath = "/etc/selfprivacy/secrets.json"; - db-pass-filepath = "/var/lib/nextcloud/db-pass"; - admin-pass-filepath = "/var/lib/nextcloud/admin-pass"; - hostName = "cloud.${sp.domain}"; + inherit (import ./common.nix config) + sp secrets-filepath db-pass-filepath admin-pass-filepath hostName; in lib.mkIf sp.modules.nextcloud.enable { @@ -83,19 +80,5 @@ }; }; }; - } - # FIXME do we really want to delete passwords on module deactivation!? - // - lib.mkIf (!sp.modules.nextcloud.enable) { - system.activationScripts.nextcloudSecrets = - lib.trivial.warn - ( - "nextcloud service is disabled, " + - "${db-pass-filepath} and ${admin-pass-filepath} will be removed!" - ) - '' - rm -f ${db-pass-filepath} - rm -f ${admin-pass-filepath} - ''; - }; + }; }