commit b79a62aac052c06c33ffaf711e8f36feb41321eb · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

Merge: nixos/nextcloud: remove with lib usage (#413393)

authored by Maximilian Bosch and committed by GitHub 6 months ago b79a62aa 1cc578e8

+218 -214

1 changed file

expand all

unified split

nixos

modules

services

web-apps

nextcloud.nix

+218 -214

nixos/modules/services/web-apps/nextcloud.nix

··· 4 4 pkgs, 5 5 ... 6 6 }: 7 - 8 - with lib; 9 - 10 7 let 8 + inherit (lib) 9 + mkIf 10 + mkMerge 11 + ; 12 + 11 13 cfg = config.services.nextcloud; 12 14 13 15 overridePackage = cfg.package.override { ··· 43 45 nix-apps = { 44 46 enabled = cfg.extraApps != { }; 45 47 linkTarget = pkgs.linkFarm "nix-apps" ( 46 - mapAttrsToList (name: path: { inherit name path; }) cfg.extraApps 48 + lib.mapAttrsToList (name: path: { inherit name path; }) cfg.extraApps 47 49 ); 48 50 writable = false; 49 51 }; ··· 63 65 '' 64 66 mkdir $out 65 67 ln -sfv "${overridePackage}"/* "$out" 66 - ${concatStrings ( 67 - mapAttrsToList ( 68 + ${lib.concatStrings ( 69 + lib.mapAttrsToList ( 68 70 name: store: 69 - optionalString (store.enabled && store ? linkTarget) '' 71 + lib.optionalString (store.enabled && store ? linkTarget) '' 70 72 if [ -e "$out"/${name} ]; then 71 73 echo "Didn't expect ${name} already in $out!" 72 74 exit 1 ··· 90 92 intl 91 93 sodium 92 94 ] # recommended 93 - ++ optional cfg.enableImagemagick imagick 95 + ++ lib.optional cfg.enableImagemagick imagick 94 96 # Optionally enabled depending on caching settings 95 - ++ optional cfg.caching.apcu apcu 96 - ++ optional cfg.caching.redis redis 97 - ++ optional cfg.caching.memcached memcached 98 - ++ optional (cfg.settings.log_type == "systemd") systemd 97 + ++ lib.optional cfg.caching.apcu apcu 98 + ++ lib.optional cfg.caching.redis redis 99 + ++ lib.optional cfg.caching.memcached memcached 100 + ++ lib.optional (cfg.settings.log_type == "systemd") systemd 99 101 ) 100 102 ++ cfg.phpExtraExtensions all; # Enabled by user 101 103 extraConfig = toKeyValue cfg.phpOptions; 102 104 }; 103 105 104 - toKeyValue = generators.toKeyValue { 105 - mkKeyValue = generators.mkKeyValueDefault { } " = "; 106 + toKeyValue = lib.generators.toKeyValue { 107 + mkKeyValue = lib.generators.mkKeyValueDefault { } " = "; 106 108 }; 107 109 108 - phpCli = concatStringsSep " " ( 110 + phpCli = lib.concatStringsSep " " ( 109 111 [ 110 - "${getExe phpPackage}" 112 + "${lib.getExe phpPackage}" 111 113 ] 112 - ++ optionals (cfg.cli.memoryLimit != null) [ 114 + ++ lib.optionals (cfg.cli.memoryLimit != null) [ 113 115 "-dmemory_limit=${cfg.cli.memoryLimit}" 114 116 ] 115 117 ); ··· 198 200 let 199 201 s3 = c.objectstore.s3; 200 202 in 201 - optionalString s3.enable '' 203 + lib.optionalString s3.enable '' 202 204 'objectstore' => [ 203 205 'class' => '\\OC\\Files\\ObjectStore\\S3', 204 206 'arguments' => [ 205 207 'bucket' => '${s3.bucket}', 206 - 'verify_bucket_exists' => ${boolToString s3.verify_bucket_exists}, 208 + 'verify_bucket_exists' => ${lib.boolToString s3.verify_bucket_exists}, 207 209 'key' => '${s3.key}', 208 210 'secret' => nix_read_secret('s3_secret'), 209 - ${optionalString (s3.hostname != null) "'hostname' => '${s3.hostname}',"} 210 - ${optionalString (s3.port != null) "'port' => ${toString s3.port},"} 211 - 'use_ssl' => ${boolToString s3.useSsl}, 212 - ${optionalString (s3.region != null) "'region' => '${s3.region}',"} 213 - 'use_path_style' => ${boolToString s3.usePathStyle}, 214 - ${optionalString (s3.sseCKeyFile != null) "'sse_c_key' => nix_read_secret('s3_sse_c_key'),"} 211 + ${lib.optionalString (s3.hostname != null) "'hostname' => '${s3.hostname}',"} 212 + ${lib.optionalString (s3.port != null) "'port' => ${toString s3.port},"} 213 + 'use_ssl' => ${lib.boolToString s3.useSsl}, 214 + ${lib.optionalString (s3.region != null) "'region' => '${s3.region}',"} 215 + 'use_path_style' => ${lib.boolToString s3.usePathStyle}, 216 + ${lib.optionalString (s3.sseCKeyFile != null) "'sse_c_key' => nix_read_secret('s3_sse_c_key'),"} 215 217 ], 216 218 ] 217 219 ''; ··· 220 222 let 221 223 x = cfg.appstoreEnable; 222 224 in 223 - if x == null then "false" else boolToString x; 225 + if x == null then "false" else lib.boolToString x; 224 226 mkAppStoreConfig = 225 227 name: 226 228 { enabled, writable, ... }: 227 - optionalString enabled '' 228 - [ 'path' => '${webroot}/${name}', 'url' => '/${name}', 'writable' => ${boolToString writable} ], 229 + lib.optionalString enabled '' 230 + [ 'path' => '${webroot}/${name}', 'url' => '/${name}', 'writable' => ${lib.boolToString writable} ], 229 231 ''; 230 232 in 231 233 pkgs.writeText "nextcloud-config.php" '' 232 234 <?php 233 - ${optionalString requiresRuntimeSystemdCredentials '' 235 + ${lib.optionalString requiresRuntimeSystemdCredentials '' 234 236 function nix_read_secret($credential_name) { 235 237 $credentials_directory = getenv("CREDENTIALS_DIRECTORY"); 236 238 if (!$credentials_directory) { ··· 278 280 } 279 281 $CONFIG = [ 280 282 'apps_paths' => [ 281 - ${concatStrings (mapAttrsToList mkAppStoreConfig appStores)} 283 + ${lib.concatStrings (lib.mapAttrsToList mkAppStoreConfig appStores)} 282 284 ], 283 - ${optionalString (showAppStoreSetting) "'appstoreenabled' => ${renderedAppStoreSetting},"} 284 - ${optionalString cfg.caching.apcu "'memcache.local' => '\\OC\\Memcache\\APCu',"} 285 - ${optionalString (c.dbname != null) "'dbname' => '${c.dbname}',"} 286 - ${optionalString (c.dbhost != null) "'dbhost' => '${c.dbhost}',"} 287 - ${optionalString (c.dbuser != null) "'dbuser' => '${c.dbuser}',"} 288 - ${optionalString (c.dbtableprefix != null) "'dbtableprefix' => '${toString c.dbtableprefix}',"} 289 - ${optionalString (c.dbpassFile != null) "'dbpassword' => nix_read_secret('dbpass'),"} 285 + ${lib.optionalString (showAppStoreSetting) "'appstoreenabled' => ${renderedAppStoreSetting},"} 286 + ${lib.optionalString cfg.caching.apcu "'memcache.local' => '\\OC\\Memcache\\APCu',"} 287 + ${lib.optionalString (c.dbname != null) "'dbname' => '${c.dbname}',"} 288 + ${lib.optionalString (c.dbhost != null) "'dbhost' => '${c.dbhost}',"} 289 + ${lib.optionalString (c.dbuser != null) "'dbuser' => '${c.dbuser}',"} 290 + ${lib.optionalString ( 291 + c.dbtableprefix != null 292 + ) "'dbtableprefix' => '${toString c.dbtableprefix}',"} 293 + ${lib.optionalString (c.dbpassFile != null) "'dbpassword' => nix_read_secret('dbpass'),"} 290 294 'dbtype' => '${c.dbtype}', 291 295 ${objectstoreConfig} 292 296 ]; ··· 296 300 "impossible: this should never happen (decoding generated settings file %s failed)" 297 301 )); 298 302 299 - ${optionalString (cfg.secretFile != null) '' 303 + ${lib.optionalString (cfg.secretFile != null) '' 300 304 $CONFIG = array_replace_recursive($CONFIG, nix_read_secret_and_decode_json_file('secret_file')); 301 305 ''} 302 306 ''; ··· 304 308 { 305 309 306 310 imports = [ 307 - (mkRenamedOptionModule 311 + (lib.mkRenamedOptionModule 308 312 [ "services" "nextcloud" "cron" "memoryLimit" ] 309 313 [ "services" "nextcloud" "cli" "memoryLimit" ] 310 314 ) 311 - (mkRemovedOptionModule [ "services" "nextcloud" "enableBrokenCiphersForSSE" ] '' 315 + (lib.mkRemovedOptionModule [ "services" "nextcloud" "enableBrokenCiphersForSSE" ] '' 312 316 This option has no effect since there's no supported Nextcloud version packaged here 313 317 using OpenSSL for RC4 SSE. 314 318 '') 315 - (mkRemovedOptionModule [ "services" "nextcloud" "config" "dbport" ] '' 319 + (lib.mkRemovedOptionModule [ "services" "nextcloud" "config" "dbport" ] '' 316 320 Add port to services.nextcloud.config.dbhost instead. 317 321 '') 318 - (mkRenamedOptionModule 322 + (lib.mkRenamedOptionModule 319 323 [ "services" "nextcloud" "logLevel" ] 320 324 [ "services" "nextcloud" "settings" "loglevel" ] 321 325 ) 322 - (mkRenamedOptionModule 326 + (lib.mkRenamedOptionModule 323 327 [ "services" "nextcloud" "logType" ] 324 328 [ "services" "nextcloud" "settings" "log_type" ] 325 329 ) 326 - (mkRenamedOptionModule 330 + (lib.mkRenamedOptionModule 327 331 [ "services" "nextcloud" "config" "defaultPhoneRegion" ] 328 332 [ "services" "nextcloud" "settings" "default_phone_region" ] 329 333 ) 330 - (mkRenamedOptionModule 334 + (lib.mkRenamedOptionModule 331 335 [ "services" "nextcloud" "config" "overwriteProtocol" ] 332 336 [ "services" "nextcloud" "settings" "overwriteprotocol" ] 333 337 ) 334 - (mkRenamedOptionModule 338 + (lib.mkRenamedOptionModule 335 339 [ "services" "nextcloud" "skeletonDirectory" ] 336 340 [ "services" "nextcloud" "settings" "skeletondirectory" ] 337 341 ) 338 - (mkRenamedOptionModule 342 + (lib.mkRenamedOptionModule 339 343 [ "services" "nextcloud" "globalProfiles" ] 340 344 [ "services" "nextcloud" "settings" "profile.enabled" ] 341 345 ) 342 - (mkRenamedOptionModule 346 + (lib.mkRenamedOptionModule 343 347 [ "services" "nextcloud" "config" "extraTrustedDomains" ] 344 348 [ "services" "nextcloud" "settings" "trusted_domains" ] 345 349 ) 346 - (mkRenamedOptionModule 350 + (lib.mkRenamedOptionModule 347 351 [ "services" "nextcloud" "config" "trustedProxies" ] 348 352 [ "services" "nextcloud" "settings" "trusted_proxies" ] 349 353 ) 350 - (mkRenamedOptionModule 354 + (lib.mkRenamedOptionModule 351 355 [ "services" "nextcloud" "extraOptions" ] 352 356 [ "services" "nextcloud" "settings" ] 353 357 ) 354 - (mkRenamedOptionModule 358 + (lib.mkRenamedOptionModule 355 359 [ "services" "nextcloud" "config" "objectstore" "s3" "autocreate" ] 356 360 [ "services" "nextcloud" "config" "objectstore" "s3" "verify_bucket_exists" ] 357 361 ) 358 362 ]; 359 363 360 364 options.services.nextcloud = { 361 - enable = mkEnableOption "nextcloud"; 365 + enable = lib.mkEnableOption "nextcloud"; 362 366 363 - hostName = mkOption { 364 - type = types.str; 367 + hostName = lib.mkOption { 368 + type = lib.types.str; 365 369 description = "FQDN for the nextcloud instance."; 366 370 }; 367 - home = mkOption { 368 - type = types.str; 371 + home = lib.mkOption { 372 + type = lib.types.str; 369 373 default = "/var/lib/nextcloud"; 370 374 description = "Storage path of nextcloud."; 371 375 }; 372 - datadir = mkOption { 373 - type = types.str; 376 + datadir = lib.mkOption { 377 + type = lib.types.str; 374 378 default = config.services.nextcloud.home; 375 - defaultText = literalExpression "config.services.nextcloud.home"; 379 + defaultText = lib.literalExpression "config.services.nextcloud.home"; 376 380 description = '' 377 381 Nextcloud's data storage path. Will be [](#opt-services.nextcloud.home) by default. 378 382 This folder will be populated with a config.php file and a data folder which contains the state of the instance (excluding the database)."; 379 383 ''; 380 384 example = "/mnt/nextcloud-file"; 381 385 }; 382 - extraApps = mkOption { 383 - type = types.attrsOf types.package; 386 + extraApps = lib.mkOption { 387 + type = lib.types.attrsOf lib.types.package; 384 388 default = { }; 385 389 description = '' 386 390 Extra apps to install. Should be an attrSet of appid to packages generated by fetchNextcloudApp. 387 391 The appid must be identical to the "id" value in the apps appinfo/info.xml. 388 392 Using this will disable the appstore to prevent Nextcloud from updating these apps (see [](#opt-services.nextcloud.appstoreEnable)). 389 393 ''; 390 - example = literalExpression '' 394 + example = lib.literalExpression '' 391 395 { 392 396 inherit (pkgs.nextcloud31Packages.apps) mail calendar contacts; 393 397 phonetrack = pkgs.fetchNextcloudApp { ··· 399 403 } 400 404 ''; 401 405 }; 402 - extraAppsEnable = mkOption { 403 - type = types.bool; 406 + extraAppsEnable = lib.mkOption { 407 + type = lib.types.bool; 404 408 default = true; 405 409 description = '' 406 410 Automatically enable the apps in [](#opt-services.nextcloud.extraApps) every time Nextcloud starts. 407 411 If set to false, apps need to be enabled in the Nextcloud web user interface or with `nextcloud-occ app:enable`. 408 412 ''; 409 413 }; 410 - appstoreEnable = mkOption { 411 - type = types.nullOr types.bool; 414 + appstoreEnable = lib.mkOption { 415 + type = lib.types.nullOr lib.types.bool; 412 416 default = null; 413 417 example = true; 414 418 description = '' ··· 418 422 Set this to false to disable the installation of apps from the global appstore. App management is always enabled regardless of this setting. 419 423 ''; 420 424 }; 421 - https = mkOption { 422 - type = types.bool; 425 + https = lib.mkOption { 426 + type = lib.types.bool; 423 427 default = false; 424 428 description = '' 425 429 Use HTTPS for generated links. ··· 427 431 Be aware that this also enables HTTP Strict Transport Security (HSTS) headers. 428 432 ''; 429 433 }; 430 - package = mkOption { 431 - type = types.package; 434 + package = lib.mkOption { 435 + type = lib.types.package; 432 436 description = "Which package to use for the Nextcloud instance."; 433 437 relatedPackages = [ 434 438 "nextcloud30" 435 439 "nextcloud31" 436 440 ]; 437 441 }; 438 - phpPackage = mkPackageOption pkgs "php" { 442 + phpPackage = lib.mkPackageOption pkgs "php" { 439 443 default = [ "php83" ]; 440 444 example = "php82"; 441 445 }; 442 446 443 - finalPackage = mkOption { 444 - type = types.package; 447 + finalPackage = lib.mkOption { 448 + type = lib.types.package; 445 449 readOnly = true; 446 450 description = '' 447 451 Package to the finalized Nextcloud package, including all installed apps. ··· 449 453 ''; 450 454 }; 451 455 452 - maxUploadSize = mkOption { 456 + maxUploadSize = lib.mkOption { 453 457 default = "512M"; 454 - type = types.str; 458 + type = lib.types.str; 455 459 description = '' 456 460 The upload limit for files. This changes the relevant options 457 461 in php.ini and nginx if enabled. 458 462 ''; 459 463 }; 460 464 461 - webfinger = mkOption { 462 - type = types.bool; 465 + webfinger = lib.mkOption { 466 + type = lib.types.bool; 463 467 default = false; 464 468 description = '' 465 469 Enable this option if you plan on using the webfinger plugin. ··· 467 471 ''; 468 472 }; 469 473 470 - phpExtraExtensions = mkOption { 471 - type = with types; functionTo (listOf package); 474 + phpExtraExtensions = lib.mkOption { 475 + type = lib.types.functionTo (lib.types.listOf lib.types.package); 472 476 default = all: [ ]; 473 - defaultText = literalExpression "all: []"; 477 + defaultText = lib.literalExpression "all: []"; 474 478 description = '' 475 479 Additional PHP extensions to use for Nextcloud. 476 480 By default, only extensions necessary for a vanilla Nextcloud installation are enabled, 477 481 but you may choose from the list of available extensions and add further ones. 478 482 This is sometimes necessary to be able to install a certain Nextcloud app that has additional requirements. 479 483 ''; 480 - example = literalExpression '' 484 + example = lib.literalExpression '' 481 485 all: [ all.pdlib all.bz2 ] 482 486 ''; 483 487 }; 484 488 485 - phpOptions = mkOption { 486 - type = 487 - with types; 488 - attrsOf (oneOf [ 489 - str 490 - int 491 - ]); 492 - defaultText = literalExpression ( 493 - generators.toPretty { } ( 494 - defaultPHPSettings // { "openssl.cafile" = literalExpression "config.security.pki.caBundle"; } 489 + phpOptions = lib.mkOption { 490 + type = lib.types.attrsOf ( 491 + lib.types.oneOf [ 492 + lib.types.str 493 + lib.types.int 494 + ] 495 + ); 496 + defaultText = lib.literalExpression ( 497 + lib.generators.toPretty { } ( 498 + defaultPHPSettings // { "openssl.cafile" = lib.literalExpression "config.security.pki.caBundle"; } 495 499 ) 496 500 ); 497 501 description = '' ··· 523 527 ''; 524 528 }; 525 529 526 - poolSettings = mkOption { 527 - type = 528 - with types; 529 - attrsOf (oneOf [ 530 - str 531 - int 532 - bool 533 - ]); 530 + poolSettings = lib.mkOption { 531 + type = lib.types.attrsOf ( 532 + lib.types.oneOf [ 533 + lib.types.str 534 + lib.types.int 535 + lib.types.bool 536 + ] 537 + ); 534 538 default = { 535 539 "pm" = "dynamic"; 536 540 "pm.max_children" = "120"; ··· 548 552 ''; 549 553 }; 550 554 551 - poolConfig = mkOption { 552 - type = types.nullOr types.lines; 555 + poolConfig = lib.mkOption { 556 + type = lib.types.nullOr lib.types.lines; 553 557 default = null; 554 558 description = '' 555 559 Options for Nextcloud's PHP pool. See the documentation on `php-fpm.conf` for details on configuration directives. 556 560 ''; 557 561 }; 558 562 559 - fastcgiTimeout = mkOption { 560 - type = types.int; 563 + fastcgiTimeout = lib.mkOption { 564 + type = lib.types.int; 561 565 default = 120; 562 566 description = '' 563 567 FastCGI timeout for database connection in seconds. ··· 566 570 567 571 database = { 568 572 569 - createLocally = mkOption { 570 - type = types.bool; 573 + createLocally = lib.mkOption { 574 + type = lib.types.bool; 571 575 default = false; 572 576 description = '' 573 577 Whether to create the database and database user locally. ··· 577 581 }; 578 582 579 583 config = { 580 - dbtype = mkOption { 581 - type = types.nullOr ( 582 - types.enum [ 584 + dbtype = lib.mkOption { 585 + type = lib.types.nullOr ( 586 + lib.types.enum [ 583 587 "sqlite" 584 588 "pgsql" 585 589 "mysql" ··· 588 592 default = null; 589 593 description = "Database type."; 590 594 }; 591 - dbname = mkOption { 592 - type = types.nullOr types.str; 595 + dbname = lib.mkOption { 596 + type = lib.types.nullOr lib.types.str; 593 597 default = "nextcloud"; 594 598 description = "Database name."; 595 599 }; 596 - dbuser = mkOption { 597 - type = types.nullOr types.str; 600 + dbuser = lib.mkOption { 601 + type = lib.types.nullOr lib.types.str; 598 602 default = "nextcloud"; 599 603 description = "Database user."; 600 604 }; 601 - dbpassFile = mkOption { 602 - type = types.nullOr types.str; 605 + dbpassFile = lib.mkOption { 606 + type = lib.types.nullOr lib.types.str; 603 607 default = null; 604 608 description = '' 605 609 The full path to a file that contains the database password. 606 610 ''; 607 611 }; 608 - dbhost = mkOption { 609 - type = types.nullOr types.str; 612 + dbhost = lib.mkOption { 613 + type = lib.types.nullOr lib.types.str; 610 614 default = 611 615 if pgsqlLocal then 612 616 "/run/postgresql" ··· 623 627 defaults to the correct Unix socket instead. 624 628 ''; 625 629 }; 626 - dbtableprefix = mkOption { 627 - type = types.nullOr types.str; 630 + dbtableprefix = lib.mkOption { 631 + type = lib.types.nullOr lib.types.str; 628 632 default = null; 629 633 description = '' 630 634 Table prefix in Nextcloud's database. ··· 634 638 with installations that were originally provisioned with Nextcloud <20. 635 639 ''; 636 640 }; 637 - adminuser = mkOption { 638 - type = types.str; 641 + adminuser = lib.mkOption { 642 + type = lib.types.str; 639 643 default = "root"; 640 644 description = '' 641 645 Username for the admin account. The username is only set during the ··· 643 647 ID internally, it cannot be changed later! 644 648 ''; 645 649 }; 646 - adminpassFile = mkOption { 647 - type = types.str; 650 + adminpassFile = lib.mkOption { 651 + type = lib.types.str; 648 652 description = '' 649 653 The full path to a file that contains the admin's password. The password is 650 654 set only in the initial setup of Nextcloud by the systemd service `nextcloud-setup.service`. ··· 652 656 }; 653 657 objectstore = { 654 658 s3 = { 655 - enable = mkEnableOption '' 659 + enable = lib.mkEnableOption '' 656 660 S3 object storage as primary storage. 657 661 658 662 This mounts a bucket on an Amazon S3 object storage or compatible ··· 661 665 Further details about this feature can be found in the 662 666 [upstream documentation](https://docs.nextcloud.com/server/22/admin_manual/configuration_files/primary_storage.html) 663 667 ''; 664 - bucket = mkOption { 665 - type = types.str; 668 + bucket = lib.mkOption { 669 + type = lib.types.str; 666 670 example = "nextcloud"; 667 671 description = '' 668 672 The name of the S3 bucket. 669 673 ''; 670 674 }; 671 - verify_bucket_exists = mkOption { 672 - type = types.bool; 675 + verify_bucket_exists = lib.mkOption { 676 + type = lib.types.bool; 673 677 default = true; 674 678 description = '' 675 679 Create the objectstore bucket if it does not exist. 676 680 ''; 677 681 }; 678 - key = mkOption { 679 - type = types.str; 682 + key = lib.mkOption { 683 + type = lib.types.str; 680 684 example = "EJ39ITYZEUH5BGWDRUFY"; 681 685 description = '' 682 686 The access key for the S3 bucket. 683 687 ''; 684 688 }; 685 - secretFile = mkOption { 686 - type = types.str; 689 + secretFile = lib.mkOption { 690 + type = lib.types.str; 687 691 example = "/var/nextcloud-objectstore-s3-secret"; 688 692 description = '' 689 693 The full path to a file that contains the access secret. 690 694 ''; 691 695 }; 692 - hostname = mkOption { 693 - type = types.nullOr types.str; 696 + hostname = lib.mkOption { 697 + type = lib.types.nullOr lib.types.str; 694 698 default = null; 695 699 example = "example.com"; 696 700 description = '' 697 701 Required for some non-Amazon implementations. 698 702 ''; 699 703 }; 700 - port = mkOption { 701 - type = types.nullOr types.port; 704 + port = lib.mkOption { 705 + type = lib.types.nullOr lib.types.port; 702 706 default = null; 703 707 description = '' 704 708 Required for some non-Amazon implementations. 705 709 ''; 706 710 }; 707 - useSsl = mkOption { 708 - type = types.bool; 711 + useSsl = lib.mkOption { 712 + type = lib.types.bool; 709 713 default = true; 710 714 description = '' 711 715 Use SSL for objectstore access. 712 716 ''; 713 717 }; 714 - region = mkOption { 715 - type = types.nullOr types.str; 718 + region = lib.mkOption { 719 + type = lib.types.nullOr lib.types.str; 716 720 default = null; 717 721 example = "REGION"; 718 722 description = '' 719 723 Required for some non-Amazon implementations. 720 724 ''; 721 725 }; 722 - usePathStyle = mkOption { 723 - type = types.bool; 726 + usePathStyle = lib.mkOption { 727 + type = lib.types.bool; 724 728 default = false; 725 729 description = '' 726 730 Required for some non-Amazon S3 implementations. ··· 731 735 `http://hostname.domain/bucket` instead. 732 736 ''; 733 737 }; 734 - sseCKeyFile = mkOption { 735 - type = types.nullOr types.path; 738 + sseCKeyFile = lib.mkOption { 739 + type = lib.types.nullOr lib.types.path; 736 740 default = null; 737 741 example = "/var/nextcloud-objectstore-s3-sse-c-key"; 738 742 description = '' ··· 755 759 }; 756 760 757 761 enableImagemagick = 758 - mkEnableOption '' 762 + lib.mkEnableOption '' 759 763 the ImageMagick module for PHP. 760 764 This is used by the theming app and for generating previews of certain images (e.g. SVG and HEIF). 761 765 You may want to disable it for increased security. In that case, previews will still be available ··· 769 773 configureRedis = lib.mkOption { 770 774 type = lib.types.bool; 771 775 default = config.services.nextcloud.notify_push.enable; 772 - defaultText = literalExpression "config.services.nextcloud.notify_push.enable"; 776 + defaultText = lib.literalExpression "config.services.nextcloud.notify_push.enable"; 773 777 description = '' 774 778 Whether to configure Nextcloud to use the recommended Redis settings for small instances. 775 779 ··· 780 784 }; 781 785 782 786 caching = { 783 - apcu = mkOption { 784 - type = types.bool; 787 + apcu = lib.mkOption { 788 + type = lib.types.bool; 785 789 default = true; 786 790 description = '' 787 791 Whether to load the APCu module into PHP. 788 792 ''; 789 793 }; 790 - redis = mkOption { 791 - type = types.bool; 794 + redis = lib.mkOption { 795 + type = lib.types.bool; 792 796 default = false; 793 797 description = '' 794 798 Whether to load the Redis module into PHP. ··· 796 800 See <https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/caching_configuration.html> 797 801 ''; 798 802 }; 799 - memcached = mkOption { 800 - type = types.bool; 803 + memcached = lib.mkOption { 804 + type = lib.types.bool; 801 805 default = false; 802 806 description = '' 803 807 Whether to load the Memcached module into PHP. ··· 807 811 }; 808 812 }; 809 813 autoUpdateApps = { 810 - enable = mkOption { 811 - type = types.bool; 814 + enable = lib.mkOption { 815 + type = lib.types.bool; 812 816 default = false; 813 817 description = '' 814 818 Run a regular auto-update of all apps installed from the Nextcloud app store. 815 819 ''; 816 820 }; 817 - startAt = mkOption { 818 - type = with types; either str (listOf str); 821 + startAt = lib.mkOption { 822 + type = lib.types.either lib.types.str (lib.types.listOf lib.types.str); 819 823 default = "05:00:00"; 820 824 example = "Sun 14:00:00"; 821 825 description = '' ··· 823 827 ''; 824 828 }; 825 829 }; 826 - occ = mkOption { 827 - type = types.package; 830 + occ = lib.mkOption { 831 + type = lib.types.package; 828 832 default = occ; 829 - defaultText = literalMD "generated script"; 833 + defaultText = lib.literalMD "generated script"; 830 834 description = '' 831 835 The nextcloud-occ program preconfigured to target this Nextcloud instance. 832 836 ''; 833 837 }; 834 838 835 - settings = mkOption { 836 - type = types.submodule { 839 + settings = lib.mkOption { 840 + type = lib.types.submodule { 837 841 freeformType = jsonFormat.type; 838 842 options = { 839 843 840 - loglevel = mkOption { 841 - type = types.ints.between 0 4; 844 + loglevel = lib.mkOption { 845 + type = lib.types.ints.between 0 4; 842 846 default = 2; 843 847 description = '' 844 848 Log level value between 0 (DEBUG) and 4 (FATAL). ··· 854 858 - 4 (fatal): Log only fatal errors that cause the server to stop. 855 859 ''; 856 860 }; 857 - log_type = mkOption { 858 - type = types.enum [ 861 + log_type = lib.mkOption { 862 + type = lib.types.enum [ 859 863 "errorlog" 860 864 "file" 861 865 "syslog" ··· 868 872 See the [nextcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/logging_configuration.html) for details. 869 873 ''; 870 874 }; 871 - skeletondirectory = mkOption { 875 + skeletondirectory = lib.mkOption { 872 876 default = ""; 873 - type = types.str; 877 + type = lib.types.str; 874 878 description = '' 875 879 The directory where the skeleton files are located. These files will be 876 880 copied to the data directory of new users. Leave empty to not copy any 877 881 skeleton files. 878 882 ''; 879 883 }; 880 - trusted_domains = mkOption { 881 - type = types.listOf types.str; 884 + trusted_domains = lib.mkOption { 885 + type = lib.types.listOf lib.types.str; 882 886 default = [ ]; 883 887 description = '' 884 888 Trusted domains, from which the nextcloud installation will be ··· 886 890 `services.nextcloud.hostname` here. 887 891 ''; 888 892 }; 889 - trusted_proxies = mkOption { 890 - type = types.listOf types.str; 893 + trusted_proxies = lib.mkOption { 894 + type = lib.types.listOf lib.types.str; 891 895 default = [ ]; 892 896 description = '' 893 897 Trusted proxies, to provide if the nextcloud installation is being 894 898 proxied to secure against e.g. spoofing. 895 899 ''; 896 900 }; 897 - overwriteprotocol = mkOption { 898 - type = types.enum [ 901 + overwriteprotocol = lib.mkOption { 902 + type = lib.types.enum [ 899 903 "" 900 904 "http" 901 905 "https" ··· 909 913 Nextcloud may be served via HTTPS. 910 914 ''; 911 915 }; 912 - default_phone_region = mkOption { 916 + default_phone_region = lib.mkOption { 913 917 default = ""; 914 - type = types.str; 918 + type = lib.types.str; 915 919 example = "DE"; 916 920 description = '' 917 921 An [ISO 3166-1](https://www.iso.org/iso-3166-country-codes.html) ··· 922 926 the `+49` prefix can be omitted for phone numbers. 923 927 ''; 924 928 }; 925 - "profile.enabled" = mkEnableOption "global profiles" // { 929 + "profile.enabled" = lib.mkEnableOption "global profiles" // { 926 930 description = '' 927 931 Makes user-profiles globally available under `nextcloud.tld/u/user.name`. 928 932 Even though it's enabled by default in Nextcloud, it must be explicitly enabled ··· 947 951 description = '' 948 952 Extra options which should be appended to Nextcloud's config.php file. 949 953 ''; 950 - example = literalExpression '' 954 + example = lib.literalExpression '' 951 955 { 952 956 redis = { 953 957 host = "/run/redis/redis.sock"; ··· 960 964 ''; 961 965 }; 962 966 963 - secretFile = mkOption { 964 - type = types.nullOr types.str; 967 + secretFile = lib.mkOption { 968 + type = lib.types.nullOr lib.types.str; 965 969 default = null; 966 970 description = '' 967 971 Secret options which will be appended to Nextcloud's config.php file (written as JSON, in the same ··· 971 975 }; 972 976 973 977 nginx = { 974 - recommendedHttpHeaders = mkOption { 975 - type = types.bool; 978 + recommendedHttpHeaders = lib.mkOption { 979 + type = lib.types.bool; 976 980 default = true; 977 981 description = "Enable additional recommended HTTP response headers"; 978 982 }; 979 - hstsMaxAge = mkOption { 980 - type = types.ints.positive; 983 + hstsMaxAge = lib.mkOption { 984 + type = lib.types.ints.positive; 981 985 default = 15552000; 982 986 description = '' 983 987 Value for the `max-age` directive of the HTTP ··· 987 991 directive and header. 988 992 ''; 989 993 }; 990 - enableFastcgiRequestBuffering = mkOption { 991 - type = types.bool; 994 + enableFastcgiRequestBuffering = lib.mkOption { 995 + type = lib.types.bool; 992 996 default = false; 993 997 description = '' 994 998 Whether to buffer requests against fastcgi requests. This is a workaround ··· 1006 1010 }; 1007 1011 }; 1008 1012 1009 - cli.memoryLimit = mkOption { 1010 - type = types.nullOr types.str; 1013 + cli.memoryLimit = lib.mkOption { 1014 + type = lib.types.nullOr lib.types.str; 1011 1015 default = null; 1012 1016 example = "1G"; 1013 1017 description = '' ··· 1036 1040 ''; 1037 1041 1038 1042 in 1039 - (optional (cfg.poolConfig != null) '' 1043 + (lib.optional (cfg.poolConfig != null) '' 1040 1044 Using config.services.nextcloud.poolConfig is deprecated and will become unsupported in a future release. 1041 1045 Please migrate your configuration to config.services.nextcloud.poolSettings. 1042 1046 '') 1043 - ++ (optional (cfg.config.dbtableprefix != null) '' 1047 + ++ (lib.optional (cfg.config.dbtableprefix != null) '' 1044 1048 Using `services.nextcloud.config.dbtableprefix` is deprecated. Fresh installations with this 1045 1049 option set are not allowed anymore since v20. 1046 1050 1047 1051 If you have an existing installation with a custom table prefix, make sure it is 1048 1052 set correctly in `config.php` and remove the option from your NixOS config. 1049 1053 '') 1050 - ++ (optional (versionOlder overridePackage.version "26") (upgradeWarning 25 "23.05")) 1051 - ++ (optional (versionOlder overridePackage.version "27") (upgradeWarning 26 "23.11")) 1052 - ++ (optional (versionOlder overridePackage.version "28") (upgradeWarning 27 "24.05")) 1053 - ++ (optional (versionOlder overridePackage.version "29") (upgradeWarning 28 "24.11")) 1054 - ++ (optional (versionOlder overridePackage.version "30") (upgradeWarning 29 "24.11")) 1055 - ++ (optional (versionOlder overridePackage.version "31") (upgradeWarning 30 "25.05")); 1054 + ++ (lib.optional (lib.versionOlder overridePackage.version "26") (upgradeWarning 25 "23.05")) 1055 + ++ (lib.optional (lib.versionOlder overridePackage.version "27") (upgradeWarning 26 "23.11")) 1056 + ++ (lib.optional (lib.versionOlder overridePackage.version "28") (upgradeWarning 27 "24.05")) 1057 + ++ (lib.optional (lib.versionOlder overridePackage.version "29") (upgradeWarning 28 "24.11")) 1058 + ++ (lib.optional (lib.versionOlder overridePackage.version "30") (upgradeWarning 29 "24.11")) 1059 + ++ (lib.optional (lib.versionOlder overridePackage.version "31") (upgradeWarning 30 "25.05")); 1056 1060 1057 1061 services.nextcloud.package = 1058 1062 with pkgs; 1059 - mkDefault ( 1063 + lib.mkDefault ( 1060 1064 if pkgs ? nextcloud then 1061 1065 throw '' 1062 1066 The `pkgs.nextcloud`-attribute has been removed. If it's supposed to be the default ··· 1074 1078 ); 1075 1079 1076 1080 services.nextcloud.phpOptions = mkMerge [ 1077 - (mapAttrs (const mkOptionDefault) defaultPHPSettings) 1081 + (lib.mapAttrs (lib.const lib.mkOptionDefault) defaultPHPSettings) 1078 1082 { 1079 1083 upload_max_filesize = cfg.maxUploadSize; 1080 1084 post_max_size = cfg.maxUploadSize; ··· 1163 1167 arg = "ADMINPASS"; 1164 1168 value = ''"$(<"$CREDENTIALS_DIRECTORY/adminpass")"''; 1165 1169 }; 1166 - installFlags = concatStringsSep " \\\n " ( 1167 - mapAttrsToList (k: v: "${k} ${toString v}") { 1170 + installFlags = lib.concatStringsSep " \\\n " ( 1171 + lib.mapAttrsToList (k: v: "${k} ${toString v}") { 1168 1172 "--database" = ''"${c.dbtype}"''; 1169 1173 # The following attributes are optional depending on the type of 1170 1174 # database. Those that evaluate to null on the left hand side ··· 1185 1189 ${lib.getExe occ} maintenance:install \ 1186 1190 ${installFlags} 1187 1191 ''; 1188 - occSetTrustedDomainsCmd = concatStringsSep "\n" ( 1189 - imap0 (i: v: '' 1192 + occSetTrustedDomainsCmd = lib.concatStringsSep "\n" ( 1193 + lib.imap0 (i: v: '' 1190 1194 ${lib.getExe occ} config:system:set trusted_domains \ 1191 1195 ${toString i} --value="${toString v}" 1192 1196 '') (lib.unique ([ cfg.hostName ] ++ cfg.settings.trusted_domains)) ··· 1197 1201 wantedBy = [ "multi-user.target" ]; 1198 1202 wants = [ "nextcloud-update-db.service" ]; 1199 1203 before = [ "phpfpm-nextcloud.service" ]; 1200 - after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target"; 1201 - requires = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target"; 1204 + after = lib.optional mysqlLocal "mysql.service" ++ lib.optional pgsqlLocal "postgresql.target"; 1205 + requires = lib.optional mysqlLocal "mysql.service" ++ lib.optional pgsqlLocal "postgresql.target"; 1202 1206 path = [ occ ]; 1203 1207 restartTriggers = [ overrideConfig ]; 1204 1208 script = '' 1205 - ${optionalString (c.dbpassFile != null) '' 1209 + ${lib.optionalString (c.dbpassFile != null) '' 1206 1210 if [ -z "$(<"$CREDENTIALS_DIRECTORY/dbpass")" ]; then 1207 1211 echo "dbpassFile ${c.dbpassFile} is empty!" 1208 1212 exit 1 ··· 1222 1226 exit 1 1223 1227 fi 1224 1228 1225 - ${concatMapStrings 1229 + ${lib.concatMapStrings 1226 1230 (name: '' 1227 1231 if [ -d "${cfg.home}"/${name} ]; then 1228 1232 echo "Cleaning up ${name}; these are now bundled in the webroot store-path!" ··· 1244 1248 1245 1249 ${lib.getExe occ} config:system:delete trusted_domains 1246 1250 1247 - ${optionalString (cfg.extraAppsEnable && cfg.extraApps != { }) '' 1251 + ${lib.optionalString (cfg.extraAppsEnable && cfg.extraApps != { }) '' 1248 1252 # Try to enable apps 1249 - ${lib.getExe occ} app:enable ${concatStringsSep " " (attrNames cfg.extraApps)} 1253 + ${lib.getExe occ} app:enable ${lib.concatStringsSep " " (lib.attrNames cfg.extraApps)} 1250 1254 ''} 1251 1255 1252 1256 ${occSetTrustedDomainsCmd} ··· 1356 1360 PATH = "/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin"; 1357 1361 }; 1358 1362 settings = 1359 - mapAttrs (name: mkDefault) { 1363 + lib.mapAttrs (name: lib.mkDefault) { 1360 1364 "listen.owner" = config.services.nginx.user; 1361 1365 "listen.group" = config.services.nginx.group; 1362 1366 } ··· 1410 1414 services.nextcloud = { 1411 1415 caching.redis = lib.mkIf cfg.configureRedis true; 1412 1416 settings = mkMerge [ 1413 - ({ 1417 + { 1414 1418 datadirectory = lib.mkDefault "${datadir}/data"; 1415 1419 trusted_domains = [ cfg.hostName ]; 1416 1420 "upgrade.disable-web" = true; 1417 1421 # NixOS already provides its own integrity check and the nix store is read-only, therefore Nextcloud does not need to do its own integrity checks. 1418 1422 "integrity.check.disabled" = true; 1419 - }) 1423 + } 1420 1424 (lib.mkIf cfg.configureRedis { 1421 1425 "memcache.distributed" = ''\OC\Memcache\Redis''; 1422 1426 "memcache.locking" = ''\OC\Memcache\Redis''; ··· 1428 1432 ]; 1429 1433 }; 1430 1434 1431 - services.nginx.enable = mkDefault true; 1435 + services.nginx.enable = lib.mkDefault true; 1432 1436 1433 1437 services.nginx.virtualHosts.${cfg.hostName} = { 1434 1438 root = webroot; ··· 1527 1531 }; 1528 1532 extraConfig = '' 1529 1533 index index.php index.html /index.php$request_uri; 1530 - ${optionalString (cfg.nginx.recommendedHttpHeaders) '' 1534 + ${lib.optionalString (cfg.nginx.recommendedHttpHeaders) '' 1531 1535 add_header X-Content-Type-Options nosniff; 1532 1536 add_header X-XSS-Protection "1; mode=block"; 1533 1537 add_header X-Robots-Tag "noindex, nofollow"; ··· 1535 1539 add_header X-Frame-Options sameorigin; 1536 1540 add_header Referrer-Policy no-referrer; 1537 1541 ''} 1538 - ${optionalString (cfg.https) '' 1542 + ${lib.optionalString (cfg.https) '' 1539 1543 add_header Strict-Transport-Security "max-age=${toString cfg.nginx.hstsMaxAge}; includeSubDomains" always; 1540 1544 ''} 1541 1545 client_max_body_size ${cfg.maxUploadSize}; ··· 1548 1552 gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; 1549 1553 gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; 1550 1554 1551 - ${optionalString cfg.webfinger '' 1555 + ${lib.optionalString cfg.webfinger '' 1552 1556 rewrite ^/.well-known/host-meta /public.php?service=host-meta last; 1553 1557 rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; 1554 1558 ''} ··· 1558 1562 ]); 1559 1563 1560 1564 meta.doc = ./nextcloud.md; 1561 - meta.maintainers = teams.nextcloud.members; 1565 + meta.maintainers = lib.teams.nextcloud.members; 1562 1566 }