public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #141129 from Ma27/nextcloud-secret-backport 

[21.05] nixos/nextcloud: put secrets into the environment of nextcloud-setup.service
This commit is contained in:
Maximilian Bosch 2021-10-14 15:53:15 +02:00 committed by GitHub
parent 0ebb82a648 e33cbdc2de
commit a255ac3b23
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
nixos/modules/services/web-apps/nextcloud.nix
View File

@ -495,14 +495,21 @@ in {
];
'';
occInstallCmd = let
dbpass = if c.dbpassFile != null
then ''"$(<"${toString c.dbpassFile}")"''
else if c.dbpass != null
then ''"${toString c.dbpass}"''
else ''""'';
adminpass = if c.adminpassFile != null
then ''"$(<"${toString c.adminpassFile}")"''
else ''"${toString c.adminpass}"'';
mkExport = { arg, value }: "export ${arg}=${value}";
dbpass = {
arg = "DBPASS";
value = if c.dbpassFile != null
then ''"$(<"${toString c.dbpassFile}")"''
else if c.dbpass != null
then ''"${toString c.dbpass}"''
else ''""'';
};
adminpass = {
arg = "ADMINPASS";
value = if c.adminpassFile != null
then ''"$(<"${toString c.adminpassFile}")"''
else ''"${toString c.adminpass}"'';
};
installFlags = concatStringsSep " \\\n "
(mapAttrsToList (k: v: "${k} ${toString v}") {
"--database" = ''"${c.dbtype}"'';
@ -513,12 +520,14 @@ in {
${if c.dbhost != null then "--database-host" else null} = ''"${c.dbhost}"'';
${if c.dbport != null then "--database-port" else null} = ''"${toString c.dbport}"'';
${if c.dbuser != null then "--database-user" else null} = ''"${c.dbuser}"'';
"--database-pass" = dbpass;
"--database-pass" = "\$${dbpass.arg}";
"--admin-user" = ''"${c.adminuser}"'';
"--admin-pass" = adminpass;
"--admin-pass" = "\$${adminpass.arg}";
"--data-dir" = ''"${cfg.home}/data"'';
});
in ''
${mkExport dbpass}
${mkExport adminpass}
${occ}/bin/nextcloud-occ maintenance:install \
${installFlags}
'';