noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2024-09-19 15:54:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

don't use s3 as primary nextcloud storage

Browse Source
This commit is contained in:
Noah Masur 2022-10-04 03:06:55 +00:00
parent 84ecbf9974
commit c2b570b2af
3 changed files with 2 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
hosts/oracle/default.nix
View File

@ -26,13 +26,6 @@ nixpkgs.lib.nixosSystem {
publicKey = publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
# Store Nextcloud data in cloud object storage
nextcloudS3 = {
bucket = "noahmasur-nextcloud";
hostname = "s3.us-west-002.backblazeb2.com";
key = "0026b0e73b2e2c80000000003";
};
# Grant access to Jellyfin directories from nextcloud # Grant access to Jellyfin directories from nextcloud
users.users.nextcloud.extraGroups = [ "jellyfin" ]; users.users.nextcloud.extraGroups = [ "jellyfin" ];
} }

36
modules/services/nextcloud.nix
View File

@ -1,12 +1,10 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let adminpassFile = "/var/lib/nextcloud/creds";
adminpassFile = "/var/lib/nextcloud/creds";
s3SecretFile = "/var/lib/nextcloud/creds-s3";
in { in {
imports = [ ../shell/age.nix ]; imports = [ ./caddy.nix ../shell/age.nix ];
options = { options = {
@ -15,20 +13,6 @@ in {
description = "Hostname for Nextcloud"; description = "Hostname for Nextcloud";
}; };
nextcloudS3 = {
bucket = lib.mkOption {
type = lib.types.str;
description = "S3 bucket name for Nextcloud storage";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "S3 endpoint for Nextcloud storage";
};
key = lib.mkOption {
type = lib.types.str;
description = "S3 access key for Nextcloud storage";
};
};
}; };
config = { config = {
@ -41,14 +25,6 @@ in {
config = { config = {
adminpassFile = adminpassFile; adminpassFile = adminpassFile;
extraTrustedDomains = [ config.nextcloudServer ]; extraTrustedDomains = [ config.nextcloudServer ];
objectstore.s3 = {
enable = true;
bucket = config.nextcloudS3.bucket;
hostname = config.nextcloudS3.hostname;
key = config.nextcloudS3.key;
autocreate = false;
secretFile = s3SecretFile;
};
}; };
}; };
@ -78,14 +54,6 @@ in {
${builtins.toString ../../private/nextcloud.age} ${builtins.toString ../../private/nextcloud.age}
$DRY_RUN_CMD chown nextcloud:nextcloud ${adminpassFile} $DRY_RUN_CMD chown nextcloud:nextcloud ${adminpassFile}
fi fi
if [ ! -f "${s3SecretFile}" ]; then
$DRY_RUN_CMD mkdir --parents $VERBOSE_ARG $(dirname ${s3SecretFile})
$DRY_RUN_CMD ${pkgs.age}/bin/age --decrypt \
--identity ${config.identityFile} \
--output ${s3SecretFile} \
${builtins.toString ../../private/nextcloud-s3.age}
$DRY_RUN_CMD chown nextcloud:nextcloud ${s3SecretFile}
fi
''; '';
}; };

6
private/nextcloud-s3.age
View File

@ -1,6 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 MgHaOw 6598vLOAPdLywyCHQtneJRWWVQhjP2ydv40ULRGLrFE
KB4O8c3bcpKkyQbjsg8Hu3m3MP5HQ90YVXy8xXHOTqk
--- mLQsxjZKwwM0jvf79WrLh1IW6mzsfuOHDYJQhjBe2Rg
¹É…®à™XL<07>ÞúÐÖ„¢Îܪr•ñÍáÖÛ×±¯üEŒGûUP™
ÎæTÎHN¢–ñ$Z• +L4 Ð