Merge pull request 'enable nextcloud appstore' (#33) from enable-nextcloud-appstore into main

Reviewed-on: #33
2023-04-23 17:42:22 +00:00 · 2023-04-23 17:42:22 +00:00 · c80bdb1a39
commit c80bdb1a39
parent bc12e7033a 55a219670b
4 changed files with 108 additions and 107 deletions
--- a/config/services/nextcloud.nix
+++ b/config/services/nextcloud.nix
@ -4,6 +4,7 @@
  ...
 }: {
  services.nextcloud = {
+    appstoreEnable = true;
    caching.redis = true;
    config = {
      adminpassFile = config.sops.secrets."services/nextcloud/adminpass".path;
--- a/flake.nix
+++ b/flake.nix
@ -69,7 +69,7 @@ rec {
      inputs.attic.follows = "attic";
      inputs.flake-utils.follows = "flake-utils";
      inputs.nixpkgs.follows = "nixpkgs";
-#      inputs.hydra.follows = "hydra";
+      #      inputs.hydra.follows = "hydra";
    };
    nixos-config-for-netboot.url = "github:DarkKirb/nixos-config/c9c3d16b23042a25f504a6d71e7075318f1137f8";
    nixos-hardware.url = "github:NixOS/nixos-hardware";
--- a/modules/gitea.nix
+++ b/modules/gitea.nix
@ -58,57 +58,58 @@ in {
        lfsJwtSecret = "${cfg.customDir}/conf/lfs_jwt_secret"; # new file for LFS_JWT_SECRET
        internalToken = "${cfg.customDir}/conf/internal_token";
        replaceSecretBin = "${pkgs.replace-secret}/bin/replace-secret";
-      in lib.mkForce ''
-        # copy custom configuration and generate random secrets if needed
-        ${optionalString (!cfg.useWizard) ''
-          function gitea_setup {
-            cp -f '${configFile}' '${runConfig}'
-            if [ ! -s '${secretKey}' ]; then
-                ${exe} generate secret SECRET_KEY > '${secretKey}'
-            fi
-            # Migrate LFS_JWT_SECRET filename
-            if [[ -s '${oldLfsJwtSecret}' && ! -s '${lfsJwtSecret}' ]]; then
-                mv '${oldLfsJwtSecret}' '${lfsJwtSecret}'
-            fi
-            if [ ! -s '${oauth2JwtSecret}' ]; then
-                ${exe} generate secret JWT_SECRET > '${oauth2JwtSecret}'
-            fi
-            ${lib.optionalString cfg.lfs.enable ''
-            if [ ! -s '${lfsJwtSecret}' ]; then
-                ${exe} generate secret LFS_JWT_SECRET > '${lfsJwtSecret}'
-            fi
+      in
+        lib.mkForce ''
+          # copy custom configuration and generate random secrets if needed
+          ${optionalString (!cfg.useWizard) ''
+            function gitea_setup {
+              cp -f '${configFile}' '${runConfig}'
+              if [ ! -s '${secretKey}' ]; then
+                  ${exe} generate secret SECRET_KEY > '${secretKey}'
+              fi
+              # Migrate LFS_JWT_SECRET filename
+              if [[ -s '${oldLfsJwtSecret}' && ! -s '${lfsJwtSecret}' ]]; then
+                  mv '${oldLfsJwtSecret}' '${lfsJwtSecret}'
+              fi
+              if [ ! -s '${oauth2JwtSecret}' ]; then
+                  ${exe} generate secret JWT_SECRET > '${oauth2JwtSecret}'
+              fi
+              ${lib.optionalString cfg.lfs.enable ''
+              if [ ! -s '${lfsJwtSecret}' ]; then
+                  ${exe} generate secret LFS_JWT_SECRET > '${lfsJwtSecret}'
+              fi
+            ''}
+              if [ ! -s '${internalToken}' ]; then
+                  ${exe} generate secret INTERNAL_TOKEN > '${internalToken}'
+              fi
+              chmod u+w '${runConfig}'
+              ${replaceSecretBin} '#secretkey#' '${secretKey}' '${runConfig}'
+              ${replaceSecretBin} '#dbpass#' '${cfg.database.passwordFile}' '${runConfig}'
+              ${replaceSecretBin} '#oauth2jwtsecret#' '${oauth2JwtSecret}' '${runConfig}'
+              ${replaceSecretBin} '#internaltoken#' '${internalToken}' '${runConfig}'
+              ${lib.optionalString cfg.lfs.enable ''
+              ${replaceSecretBin} '#lfsjwtsecret#' '${lfsJwtSecret}' '${runConfig}'
+            ''}
+              ${lib.optionalString (cfg.mailerPasswordFile != null) ''
+              ${replaceSecretBin} '#mailerpass#' '${cfg.mailerPasswordFile}' '${runConfig}'
+            ''}
+              ${lib.optionalString (cfg.storageSecretFile != null) ''
+              ${replaceSecretBin} '#storageSecret#' '${cfg.storageSecretFile}' '${runConfig}'
+            ''}
+              chmod u-w '${runConfig}'
+            }
+            (umask 027; gitea_setup)
          ''}
-            if [ ! -s '${internalToken}' ]; then
-                ${exe} generate secret INTERNAL_TOKEN > '${internalToken}'
-            fi
-            chmod u+w '${runConfig}'
-            ${replaceSecretBin} '#secretkey#' '${secretKey}' '${runConfig}'
-            ${replaceSecretBin} '#dbpass#' '${cfg.database.passwordFile}' '${runConfig}'
-            ${replaceSecretBin} '#oauth2jwtsecret#' '${oauth2JwtSecret}' '${runConfig}'
-            ${replaceSecretBin} '#internaltoken#' '${internalToken}' '${runConfig}'
-            ${lib.optionalString cfg.lfs.enable ''
-            ${replaceSecretBin} '#lfsjwtsecret#' '${lfsJwtSecret}' '${runConfig}'
-          ''}
-            ${lib.optionalString (cfg.mailerPasswordFile != null) ''
-            ${replaceSecretBin} '#mailerpass#' '${cfg.mailerPasswordFile}' '${runConfig}'
-          ''}
-            ${lib.optionalString (cfg.storageSecretFile != null) ''
-            ${replaceSecretBin} '#storageSecret#' '${cfg.storageSecretFile}' '${runConfig}'
-          ''}
-            chmod u-w '${runConfig}'
-          }
-          (umask 027; gitea_setup)
-        ''}
-        # run migrations/init the database
-        ${exe} migrate
-        # update all hooks' binary paths
-        ${exe} admin regenerate hooks
-        # update command option in authorized_keys
-        if [ -r ${cfg.stateDir}/.ssh/authorized_keys ]
-        then
-          ${exe} admin regenerate keys
-        fi
-      '';
+          # run migrations/init the database
+          ${exe} migrate
+          # update all hooks' binary paths
+          ${exe} admin regenerate hooks
+          # update command option in authorized_keys
+          if [ -r ${cfg.stateDir}/.ssh/authorized_keys ]
+          then
+            ${exe} admin regenerate keys
+          fi
+        '';
    };
  };
 }
--- a/overlays/default.nix
+++ b/overlays/default.nix
@ -2,63 +2,62 @@ inputs: system: self: prev: let
  inherit (inputs) nixpkgs nixpkgs-noto-variable nix-packages;
  noto-variable = import nixpkgs-noto-variable {inherit system;};
 in
-  with nixpkgs.legacyPackages.${system};
-    {
-      mosh = prev.mosh.overrideAttrs (old: {
-        patches = [
-          ./mosh/ssh_path.patch
-          ./mosh/mosh-client_path.patch
-          ./mosh/utempter_path.patch
-          ./mosh/bash_completion_datadir.patch
-        ];
-        postPatch = ''
-          substituteInPlace scripts/mosh.pl \
-            --subst-var-by ssh "${openssh}/bin/ssh" \
-            --subst-var-by mosh-client "$out/bin/mosh-client"
-        '';
-        version = "2022-02-04";
-        src = prev.fetchFromGitHub {
-          owner = "mobile-shell";
-          repo = "mosh";
-          rev = "dbe419d0e069df3fedc212d456449f64d0280c76";
-          sha256 = "09mvk9zxclkf4wrkkfzg0p2hx1f74gpymr0a0l3pckmk6za2n3d1";
+  with nixpkgs.legacyPackages.${system}; {
+    mosh = prev.mosh.overrideAttrs (old: {
+      patches = [
+        ./mosh/ssh_path.patch
+        ./mosh/mosh-client_path.patch
+        ./mosh/utempter_path.patch
+        ./mosh/bash_completion_datadir.patch
+      ];
+      postPatch = ''
+        substituteInPlace scripts/mosh.pl \
+          --subst-var-by ssh "${openssh}/bin/ssh" \
+          --subst-var-by mosh-client "$out/bin/mosh-client"
+      '';
+      version = "2022-02-04";
+      src = prev.fetchFromGitHub {
+        owner = "mobile-shell";
+        repo = "mosh";
+        rev = "dbe419d0e069df3fedc212d456449f64d0280c76";
+        sha256 = "09mvk9zxclkf4wrkkfzg0p2hx1f74gpymr0a0l3pckmk6za2n3d1";
+      };
+    });
+    inherit (noto-variable) noto-fonts-cjk;
+    nix = prev.nix.overrideAttrs (old: {
+      postPatchPhase = ''
+        sed 's/getBoolAttr."allowSubstitutes", true./true/' src/libstore/parsed-derivations.cc
+      '';
+      checkPhase = "true";
+      installCheckPhase = "true";
+    });
+    rnix-lsp = with prev;
+      rustPlatform.buildRustPackage {
+        pname = "rnix-lsp";
+        version = "0.3.0-alejandra";
+
+        src = fetchFromGitHub {
+          owner = "nix-community";
+          repo = "rnix-lsp";
+          # https://github.com/nix-community/rnix-lsp/pull/89
+          rev = "9189b50b34285b2a9de36a439f6c990fd283c9c7";
+          sha256 = "sha256-ZnUtvwkcz7QlAiqQxhI4qVUhtVR+thLhG3wQlle7oZg=";
        };
-      });
-      inherit (noto-variable) noto-fonts-cjk;
-      nix = prev.nix.overrideAttrs (old: {
-        postPatchPhase = ''
-          sed 's/getBoolAttr."allowSubstitutes", true./true/' src/libstore/parsed-derivations.cc
-        '';
+
+        cargoSha256 = "sha256-VhE+DspQ0IZKf7rNkERA/gD7iMzjW4TnRSnYy1gdV0s=";
+        cargoBuildFlags = ["--no-default-features" "--features" "alejandra"];
+
        checkPhase = "true";
-        installCheckPhase = "true";
-      });
-      rnix-lsp = with prev;
-        rustPlatform.buildRustPackage {
-          pname = "rnix-lsp";
-          version = "0.3.0-alejandra";

-          src = fetchFromGitHub {
-            owner = "nix-community";
-            repo = "rnix-lsp";
-            # https://github.com/nix-community/rnix-lsp/pull/89
-            rev = "9189b50b34285b2a9de36a439f6c990fd283c9c7";
-            sha256 = "sha256-ZnUtvwkcz7QlAiqQxhI4qVUhtVR+thLhG3wQlle7oZg=";
-          };
-
-          cargoSha256 = "sha256-VhE+DspQ0IZKf7rNkERA/gD7iMzjW4TnRSnYy1gdV0s=";
-          cargoBuildFlags = ["--no-default-features" "--features" "alejandra"];
-
-          checkPhase = "true";
-
-          meta = with lib; {
-            description = "A work-in-progress language server for Nix, with syntax checking and basic completion";
-            license = licenses.mit;
-            maintainers = with maintainers; [ma27];
-          };
+        meta = with lib; {
+          description = "A work-in-progress language server for Nix, with syntax checking and basic completion";
+          license = licenses.mit;
+          maintainers = with maintainers; [ma27];
        };
-      hydra-unsstable = nix-packages.packages.${system}.hydra.overrideAttrs (super: {
-        doCheck = false;
-        checkPhase = "";
-        installCheckPhase = "";
-      });
-    }
+      };
+    hydra-unsstable = nix-packages.packages.${system}.hydra.overrideAttrs (super: {
+      doCheck = false;
+      checkPhase = "";
+      installCheckPhase = "";
+    });
+  }