From 8a40c727e029897cc542f995073949038319b791 Mon Sep 17 00:00:00 2001
From: Asmir A <asmir.abdulahovic@gmail.com>
Date: Fri, 20 Oct 2023 21:35:43 +0200
Subject: [PATCH] magpie/nextcloud: add admin account/pass

---
 magpie/configuration.nix            | 42 ++++++++++++++++-------------
 magpie/secrets/nextcloud_admin.yaml | 21 +++++++++++++++
 2 files changed, 44 insertions(+), 19 deletions(-)
 create mode 100644 magpie/secrets/nextcloud_admin.yaml

diff --git a/magpie/configuration.nix b/magpie/configuration.nix
index eafb310..7dd5c0a 100644
--- a/magpie/configuration.nix
+++ b/magpie/configuration.nix
@@ -89,22 +89,27 @@
 
   services.nextcloud = {
     enable = true;
-    hostName = "project-cloud.net";
     package = pkgs.nextcloud27;
-    config.adminpassFile = "${pkgs.writeText "adminpass" "test123"}";
+    config.adminpassFile = config.sops.secrets."nextcloud_admin".path;
+    configureRedis = true;
+    hostName = "project-cloud.net";
     https = true;
-    caching = {
-      redis = true;
-      apcu = false;
-    };
     extraOptions = {
-      redis = {
-        host = "/run/redis-nextcloud/redis.sock";
-        port = 0;
-      };
-      "memcache.local" = "\\OC\\Memcache\\Redis";
-      "memcache.distributed" = "\\OC\\Memcache\\Redis";
-      "memcache.locking" = "\\OC\\Memcache\\Redis";
+      mail_smtpmode = "sendmail";
+      mail_sendmailmode = "pipe";
+      enabledPreviewProviders = [
+        "OC\\Preview\\BMP"
+        "OC\\Preview\\GIF"
+        "OC\\Preview\\HEIC"
+        "OC\\Preview\\JPEG"
+        "OC\\Preview\\Krita"
+        "OC\\Preview\\MarkDown"
+        "OC\\Preview\\MP3"
+        "OC\\Preview\\OpenDocument"
+        "OC\\Preview\\PNG"
+        "OC\\Preview\\TXT"
+        "OC\\Preview\\XBitmap"
+      ];
     };
   };
 
@@ -150,12 +155,6 @@
     };
   };
 
-  services.redis.servers.nextcloud = {
-    enable = true;
-    user = "nextcloud";
-    port = 0;
-  };
-
   services.gitea = {
     enable = true;
     appName = "Project Cloud Gitea server";
@@ -221,6 +220,11 @@
     owner = config.users.users.gitea.name;
   };
 
+  sops.secrets."nextcloud_admin" = {
+    sopsFile = ./secrets/nextcloud_admin.yaml;
+    owner = config.users.users.nextcloud.name;
+  };
+
   networking.hostName = "magpie";
   networking.wireless.enable = false;
   networking.firewall.enable = true;
diff --git a/magpie/secrets/nextcloud_admin.yaml b/magpie/secrets/nextcloud_admin.yaml
new file mode 100644
index 0000000..fa9b708
--- /dev/null
+++ b/magpie/secrets/nextcloud_admin.yaml
@@ -0,0 +1,21 @@
+nextcloud_admin: ENC[AES256_GCM,data:txb5JSKxFeTS3M9LSk7m5M1XAvg=,iv:Rf6VNFmK+f0pjL7wH0dlcPL4CqQDRq/qQyliTdn2c4I=,tag:wDQqDZCK2p5aG+g8eE4weA==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age153y8mz6gqy5t54q4fnrdvjj4v5ls9cgp3hhpd2hzf5tvkcnncf6q4xns0j
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrUnQ3SDAyRTUxUDF0dDhY
+            K3JmQWlYRVJtdEFac0J4U0RGKzZGNXJmUEg4CmtBSW9yNGZScXhKdnhZWkxIamFW
+            YXEzbGhwR2F3dDJGdzljZUZBeERhU1kKLS0tIGlXZUhsdnI4ell5R3ZZbjZ0NCtO
+            TUpkZmxBNzZ1UUY1dGRud2hycGUyZW8KFUGikaFQjFfmn068qex2tpGbRHIbmS3l
+            27lqo8+eRFnq0nw8H/1yRMi8IghR0+XK68T49hlt0VLS9LZJG1aPag==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2023-10-17T23:08:24Z"
+    mac: ENC[AES256_GCM,data:fb9cOL4Q+q5uarmXtXNlpRmWgv/Ao1MqwwH2V2CQxEiP8zFyFBZs2435vdcLzrQrnBXz0JLVu4g10SH2T4dpYFP42teIkrgmneecjjcM+UOsBsGsrxlpHMha1t/ERRhBA7uJze5/kwHqry6eruWehRTu65QF1qBTql3m6ipjCeY=,iv:a7aFuTCcRCIDERlrj/9dFCF7VgCDDakfPteQimHV3lc=,tag:4mwrDHaQWA4EU0AgtgZaMg==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.7.3