nextcloud: restrict web server support to nginx only

nixos/modules/services/web-apps/nextcloud.nix

@@ -6,9 +6,6 @@ let
   cfg = config.services.nextcloud;
   fpm = config.services.phpfpm.pools.nextcloud;
 
-  group = if cfg.nginx.enable then config.services.nginx.group else cfg.group;
-  serverUser = if cfg.nginx.enable then config.services.nginx.user else cfg.serverUser;
-
   phpPackage =
     let
       base = pkgs.php74;
@@ -74,10 +71,6 @@ in {
       description = "Which package to use for the Nextcloud instance.";
       relatedPackages = [ "nextcloud17" "nextcloud18" "nextcloud19" ];
     };
-    serverUser = mkOption {
-      type = types.str;
-      description = "Must be set to the user of the webserver if nginx is not used.";
-    };
 
     maxUploadSize = mkOption {
       default = "512M";
@@ -98,16 +91,6 @@ in {
       '';
     };
 
-    nginx.enable = mkOption {
-      type = types.bool;
-      default = true;
-      description = ''
-        Whether to enable nginx virtual host management.
-        Further nginx configuration can be done by adapting <literal>services.nginx.virtualHosts.&lt;name&gt;</literal>.
-        See <xref linkend="opt-services.nginx.virtualHosts"/> for further information.
-      '';
-    };
-
     webfinger = mkOption {
       type = types.bool;
       default = false;
@@ -329,12 +312,6 @@ in {
             && !(acfg.adminpass != null && acfg.adminpassFile != null));
           message = "Please specify exactly one of adminpass or adminpassFile";
         }
-        { assertion = cfg.nginx.enable -> (cfg.serverUser == null);
-          message = "serverUser cannot be set if nginx is used";
-        }
-        { assertion = ! cfg.nginx.enable -> ( hasAttr cfg.serverUser config.users.users);
-          message = "configured serverUser '${cfg.serverUser}' doesn't exist";
-        }
       ];
 
       warnings = []
@@ -522,8 +499,8 @@ in {
             PATH = "/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin";
           };
           settings = mapAttrs (name: mkDefault) {
-            "listen.owner" = serverUser;
-            "listen.group" = config.users.users.${serverUser}.group;
+            "listen.owner" = config.services.nginx.user;
+            "listen.group" = config.users.users.${config.services.nginx.user}.group;
           } // cfg.poolSettings;
           extraConfig = cfg.poolConfig;
         };
@@ -534,16 +511,12 @@ in {
         group = "nextcloud";
         createHome = true;
       };
-      users.groups.nextcloud.members = [ "nextcloud" "${serverUser}" ];
+      users.groups.nextcloud.members = [ "nextcloud" config.services.nginx.user ];
 
       environment.systemPackages = [ occ ];
-    }
     
-    (mkIf cfg.nginx.enable {
-      services.nginx = {
-        enable = true;
-        virtualHosts = {
-          ${cfg.hostName} = {
+      services.nginx.enable = true;
+      services.nginx.virtualHosts.${cfg.hostName} = {
         root = cfg.package;
         locations = {
           "= /robots.txt" = {
@@ -642,9 +615,7 @@ in {
           ''}
         '';
       };
-        };
-      };
-    })
+    }
   ]);
 
   meta.doc = ./nextcloud.xml;