mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-07-14 14:10:33 +03:00
Merge pull request #63900 from Ma27/nextcloud-declarative-dbconfig
nixos/nextcloud: write config to additional config file
This commit is contained in:
Robin Gloster
GitHub
commit
e891178dde
4 changed files with 74 additions and 47 deletions
|
|
@ -297,8 +297,23 @@ in {
|
|||
|
||||
systemd.services = {
|
||||
"nextcloud-setup" = let
|
||||
c = cfg.config;
|
||||
writePhpArrary = a: "[${concatMapStringsSep "," (val: ''"${toString val}"'') a}]";
|
||||
overrideConfig = pkgs.writeText "nextcloud-config.php" ''
|
||||
<?php
|
||||
${optionalString (c.dbpassFile != null) ''
|
||||
function nix_read_pwd() {
|
||||
$file = "${c.dbpassFile}";
|
||||
if (!file_exists($file)) {
|
||||
throw new \RuntimeException(sprintf(
|
||||
"Cannot start Nextcloud, dbpass file %s set by NixOS doesn't exist!",
|
||||
$file
|
||||
));
|
||||
}
|
||||
|
||||
return trim(file_get_contents($file));
|
||||
}
|
||||
''}
|
||||
$CONFIG = [
|
||||
'apps_paths' => [
|
||||
[ 'path' => '${cfg.home}/apps', 'url' => '/apps', 'writable' => false ],
|
||||
|
|
@ -309,19 +324,27 @@ in {
|
|||
${optionalString cfg.caching.apcu "'memcache.local' => '\\OC\\Memcache\\APCu',"}
|
||||
'log_type' => 'syslog',
|
||||
'log_level' => '${builtins.toString cfg.logLevel}',
|
||||
${optionalString (cfg.config.overwriteProtocol != null) "'overwriteprotocol' => '${cfg.config.overwriteProtocol}',"}
|
||||
${optionalString (c.overwriteProtocol != null) "'overwriteprotocol' => '${c.overwriteProtocol}',"}
|
||||
${optionalString (c.dbname != null) "'dbname' => '${c.dbname}',"}
|
||||
${optionalString (c.dbhost != null) "'dbhost' => '${c.dbhost}',"}
|
||||
${optionalString (c.dbport != null) "'dbport' => '${toString c.dbport}',"}
|
||||
${optionalString (c.dbuser != null) "'dbuser' => '${c.dbuser}',"}
|
||||
${optionalString (c.dbtableprefix != null) "'dbtableprefix' => '${toString c.dbtableprefix}',"}
|
||||
${optionalString (c.dbpass != null) "'dbpassword' => '${c.dbpass}',"}
|
||||
${optionalString (c.dbpassFile != null) "'dbpassword' => nix_read_pwd(),"}
|
||||
'dbtype' => '${c.dbtype}',
|
||||
'trusted_domains' => ${writePhpArrary c.extraTrustedDomains},
|
||||
];
|
||||
'';
|
||||
occInstallCmd = let
|
||||
c = cfg.config;
|
||||
adminpass = if c.adminpassFile != null
|
||||
then ''"$(<"${toString c.adminpassFile}")"''
|
||||
else ''"${toString c.adminpass}"'';
|
||||
dbpass = if c.dbpassFile != null
|
||||
then ''"$(<"${toString c.dbpassFile}")"''
|
||||
else if c.dbpass != null
|
||||
then ''"${toString c.dbpass}"''
|
||||
else null;
|
||||
adminpass = if c.adminpassFile != null
|
||||
then ''"$(<"${toString c.adminpassFile}")"''
|
||||
else ''"${toString c.adminpass}"'';
|
||||
installFlags = concatStringsSep " \\\n "
|
||||
(mapAttrsToList (k: v: "${k} ${toString v}") {
|
||||
"--database" = ''"${c.dbtype}"'';
|
||||
|
|
|
|||
|
|
@ -42,10 +42,12 @@
|
|||
|
||||
services.postgresql = {
|
||||
<link linkend="opt-services.postgresql.enable">enable</link> = true;
|
||||
<link linkend="opt-services.postgresql.initialScript">initialScript</link> = pkgs.writeText "psql-init" ''
|
||||
CREATE ROLE nextcloud WITH LOGIN;
|
||||
CREATE DATABASE nextcloud WITH OWNER nextcloud;
|
||||
'';
|
||||
<link linkend="opt-services.postgresql.ensureDatabases">ensureDatabases</link> = [ "nextcloud" ];
|
||||
<link linkend="opt-services.postgresql.ensureUsers">ensureUsers</link> = [
|
||||
{ name = "nextcloud";
|
||||
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
# ensure that postgres is running *before* running the setup
|
||||
|
|
@ -63,17 +65,22 @@
|
|||
are used internally to configure an HTTP server using
|
||||
<literal><link xlink:href="https://php-fpm.org/">PHP-FPM</link></literal>
|
||||
and <literal>nginx</literal>. The <literal>config</literal> attribute set is
|
||||
used for the <literal>config.php</literal> which is used for the
|
||||
application's configuration. <emphasis>Beware: this isn't entirely pure
|
||||
since the config is modified by the application's runtime!</emphasis>
|
||||
used by the imperative installer and all values are written to an additional file
|
||||
to ensure that changes can be applied by changing the module's options.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
In case the application serves multiple hosts (those are checked with
|
||||
In case the application serves multiple domains (those are checked with
|
||||
<literal><link xlink:href="http://php.net/manual/en/reserved.variables.server.php">$_SERVER['HTTP_HOST']</link></literal>)
|
||||
those can be added using
|
||||
it's needed to add them to
|
||||
<literal><link linkend="opt-services.nextcloud.config.extraTrustedDomains">services.nextcloud.config.extraTrustedDomains</link></literal>.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Auto updates for Nextcloud apps can be enabled using
|
||||
<literal><link linkend="opt-services.nextcloud.autoUpdateApps.enable">services.nextcloud.autoUpdateApps</link></literal>.
|
||||
</para>
|
||||
|
||||
</section>
|
||||
<section xml:id="module-services-nextcloud-pitfalls-during-upgrade">
|
||||
<title>Pitfalls</title>
|
||||
|
|
@ -87,35 +94,24 @@
|
|||
</para>
|
||||
|
||||
<para>
|
||||
Right now changes to the <literal>services.nextcloud.config</literal>
|
||||
attribute set won't take effect after the first install (except
|
||||
<literal><link linkend="opt-services.nextcloud.config.extraTrustedDomains">services.nextcloud.config.extraTrustedDomains</link></literal>)
|
||||
since the actual configuration file is generated by the NextCloud installer
|
||||
which also sets up critical parts such as the database structure.
|
||||
All configuration parameters are also stored in
|
||||
<literal>/var/lib/nextcloud/config/override.config.php</literal> which is generated by
|
||||
the module and linked from the store to ensure that all values from <literal>config.php</literal>
|
||||
can be modified by the module.
|
||||
However <literal>config.php</literal> manages the application's state and shouldn't be touched
|
||||
manually because of that.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
<emphasis>Warning: don't delete <literal>config.php</literal>! This file
|
||||
<warning>
|
||||
<para>Don't delete <literal>config.php</literal>! This file
|
||||
tracks the application's state and a deletion can cause unwanted
|
||||
side-effects!</emphasis>
|
||||
</para>
|
||||
side-effects!</para>
|
||||
</warning>
|
||||
|
||||
<para>
|
||||
<emphasis>Warning: don't rerun <literal>nextcloud-occ
|
||||
<warning>
|
||||
<para>Don't rerun <literal>nextcloud-occ
|
||||
maintenance:install</literal>! This command tries to install the application
|
||||
and can cause unwanted side-effects!</emphasis>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The issues are known and reported in
|
||||
<link xlink:href="https://github.com/NixOS/nixpkgs/issues/49783">#49783</link>,
|
||||
for now it's unfortunately necessary to manually work around these issues.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Right now app installation and configuration is done imperatively in the nextcloud web ui or via the <literal>nextcloud-occ</literal> command line utility.
|
||||
You can activate auto updates for your apps via
|
||||
<literal><link linkend="opt-services.nextcloud.autoUpdateApps.enable">services.nextcloud.autoUpdateApps</link></literal>.
|
||||
</para>
|
||||
and can cause unwanted side-effects!</para>
|
||||
</warning>
|
||||
</section>
|
||||
</chapter>
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue