From c2b570b2afe09c39d513331fa566f04085f75267 Mon Sep 17 00:00:00 2001
From: Noah Masur <7386960+nmasur@users.noreply.github.com>
Date: Tue, 4 Oct 2022 03:06:55 +0000
Subject: [PATCH] don't use s3 as primary nextcloud storage

---
 hosts/oracle/default.nix       |  7 -------
 modules/services/nextcloud.nix | 36 ++--------------------------------
 private/nextcloud-s3.age       |  6 ------
 3 files changed, 2 insertions(+), 47 deletions(-)
 delete mode 100644 private/nextcloud-s3.age

diff --git a/hosts/oracle/default.nix b/hosts/oracle/default.nix
index 43cd48e..8da7180 100644
--- a/hosts/oracle/default.nix
+++ b/hosts/oracle/default.nix
@@ -26,13 +26,6 @@ nixpkgs.lib.nixosSystem {
       publicKey =
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
 
-      # Store Nextcloud data in cloud object storage
-      nextcloudS3 = {
-        bucket = "noahmasur-nextcloud";
-        hostname = "s3.us-west-002.backblazeb2.com";
-        key = "0026b0e73b2e2c80000000003";
-      };
-
       # Grant access to Jellyfin directories from nextcloud
       users.users.nextcloud.extraGroups = [ "jellyfin" ];
     }
diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix
index 39db55d..5fad953 100644
--- a/modules/services/nextcloud.nix
+++ b/modules/services/nextcloud.nix
@@ -1,12 +1,10 @@
 { config, pkgs, lib, ... }:
 
-let
-  adminpassFile = "/var/lib/nextcloud/creds";
-  s3SecretFile = "/var/lib/nextcloud/creds-s3";
+let adminpassFile = "/var/lib/nextcloud/creds";
 
 in {
 
-  imports = [ ../shell/age.nix ];
+  imports = [ ./caddy.nix ../shell/age.nix ];
 
   options = {
 
@@ -15,20 +13,6 @@ in {
       description = "Hostname for Nextcloud";
     };
 
-    nextcloudS3 = {
-      bucket = lib.mkOption {
-        type = lib.types.str;
-        description = "S3 bucket name for Nextcloud storage";
-      };
-      hostname = lib.mkOption {
-        type = lib.types.str;
-        description = "S3 endpoint for Nextcloud storage";
-      };
-      key = lib.mkOption {
-        type = lib.types.str;
-        description = "S3 access key for Nextcloud storage";
-      };
-    };
   };
 
   config = {
@@ -41,14 +25,6 @@ in {
       config = {
         adminpassFile = adminpassFile;
         extraTrustedDomains = [ config.nextcloudServer ];
-        objectstore.s3 = {
-          enable = true;
-          bucket = config.nextcloudS3.bucket;
-          hostname = config.nextcloudS3.hostname;
-          key = config.nextcloudS3.key;
-          autocreate = false;
-          secretFile = s3SecretFile;
-        };
       };
     };
 
@@ -78,14 +54,6 @@ in {
             ${builtins.toString ../../private/nextcloud.age}
           $DRY_RUN_CMD chown nextcloud:nextcloud ${adminpassFile}
         fi
-        if [ ! -f "${s3SecretFile}" ]; then
-          $DRY_RUN_CMD mkdir --parents $VERBOSE_ARG $(dirname ${s3SecretFile})
-          $DRY_RUN_CMD ${pkgs.age}/bin/age --decrypt \
-            --identity ${config.identityFile} \
-            --output ${s3SecretFile} \
-            ${builtins.toString ../../private/nextcloud-s3.age}
-          $DRY_RUN_CMD chown nextcloud:nextcloud ${s3SecretFile}
-        fi
       '';
     };
 
diff --git a/private/nextcloud-s3.age b/private/nextcloud-s3.age
deleted file mode 100644
index 14aad0a..0000000
--- a/private/nextcloud-s3.age
+++ /dev/null
@@ -1,6 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 MgHaOw 6598vLOAPdLywyCHQtneJRWWVQhjP2ydv40ULRGLrFE
-KB4O8c3bcpKkyQbjsg8Hu3m3MP5HQ90YVXy8xXHOTqk
---- mLQsxjZKwwM0jvf79WrLh1IW6mzsfuOHDYJQhjBe2Rg
-�Ʌ���XL��������ܪr������ױ��E�G�UP�
-Ζ�T�HN
���$Z�+L4�
\ No newline at end of file