Switch to using volumes
This commit is contained in:
parent
d1d29056e8
commit
e170fbe469
|
|
@ -14,8 +14,6 @@ let
|
||||||
mapAttrsToList (var: val: ''${var}="${toString val}"'') envVars;
|
mapAttrsToList (var: val: ''${var}="${toString val}"'') envVars;
|
||||||
in pkgs.writeText "envFile" (concatStringsSep "\n" envLines);
|
in pkgs.writeText "envFile" (concatStringsSep "\n" envLines);
|
||||||
|
|
||||||
mkUserMap = uid: "${toString uid}:${toString uid}";
|
|
||||||
|
|
||||||
postgresPasswdFile =
|
postgresPasswdFile =
|
||||||
pkgs.lib.passwd.stablerandom-passwd-file "nextcloud-postgres-passwd"
|
pkgs.lib.passwd.stablerandom-passwd-file "nextcloud-postgres-passwd"
|
||||||
config.instance.build-seed;
|
config.instance.build-seed;
|
||||||
|
|
@ -45,18 +43,6 @@ in {
|
||||||
default = { };
|
default = { };
|
||||||
};
|
};
|
||||||
|
|
||||||
uids = {
|
|
||||||
nextcloud = mkOption {
|
|
||||||
type = int;
|
|
||||||
default = 740;
|
|
||||||
};
|
|
||||||
|
|
||||||
postgres = mkOption {
|
|
||||||
type = int;
|
|
||||||
default = 741;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
port = mkOption {
|
port = mkOption {
|
||||||
type = port;
|
type = port;
|
||||||
description = "Intenal port on which to listen for requests.";
|
description = "Intenal port on which to listen for requests.";
|
||||||
|
|
@ -70,21 +56,13 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
systemd = {
|
# systemd = {
|
||||||
tmpfiles.rules = [
|
# tmpfiles.rules = [
|
||||||
"d ${cfg.state-directory}/home 0700 nextcloud root - -"
|
# "d ${cfg.state-directory}/home 0700 root root - -"
|
||||||
"d ${cfg.state-directory}/data 0700 nextcloud root - -"
|
# "d ${cfg.state-directory}/data 0700 root root - -"
|
||||||
"d ${cfg.state-directory}/postgres 0700 nextcloud root - -"
|
# "d ${cfg.state-directory}/postgres 0700 root root - -"
|
||||||
];
|
# ];
|
||||||
};
|
# };
|
||||||
|
|
||||||
users.users = {
|
|
||||||
nextcloud = {
|
|
||||||
isSystemUser = true;
|
|
||||||
group = "nextcloud";
|
|
||||||
uid = cfg.uids.nextcloud;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
fudo.secrets.host-secrets."${hostname}" = {
|
fudo.secrets.host-secrets."${hostname}" = {
|
||||||
nextcloudAdminPasswd = {
|
nextcloudAdminPasswd = {
|
||||||
|
|
@ -130,16 +108,20 @@ in {
|
||||||
service = {
|
service = {
|
||||||
restart = "always";
|
restart = "always";
|
||||||
volumes = [
|
volumes = [
|
||||||
"${cfg.state-directory}/home:/var/lib/nextcloud/home"
|
"nextcloud-home:/var/lib/nextcloud/home"
|
||||||
"${cfg.state-directory}/data:/var/lib/nextcloud/data"
|
"nextcloud-data:/var/lib/nextcloud/data"
|
||||||
"${hostSecrets.nextcloudAdminPasswd.target-file}:/run/nextcloud/admin.passwd:ro,Z"
|
"${hostSecrets.nextcloudAdminPasswd.target-file}:/run/nextcloud/admin.passwd:ro,Z"
|
||||||
"${cfg.state-directory}/postgres:/var/lib/postgresql"
|
"postgres-data:/var/lib/postgresql"
|
||||||
];
|
];
|
||||||
user = mkUserMap cfg.uids.nextcloud;
|
|
||||||
ports = [ "${toString cfg.port}:80" ];
|
ports = [ "${toString cfg.port}:80" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
volumes = {
|
||||||
|
postgres-data = { };
|
||||||
|
nextcloud-data = { };
|
||||||
|
nextcloud-home = { };
|
||||||
|
};
|
||||||
};
|
};
|
||||||
in { imports = [ image ]; };
|
in { imports = [ image ]; };
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue