diff --git a/modules/services/nextcloud-server.nix b/modules/services/nextcloud-server.nix index 8f980a2..3dc78d5 100644 --- a/modules/services/nextcloud-server.nix +++ b/modules/services/nextcloud-server.nix @@ -45,8 +45,9 @@ in }; adminPassFile = lib.mkOption { - type = lib.types.path; - description = "File containing the Nextcloud admin password."; + type = lib.types.nullOr lib.types.path; + description = "File containing the Nextcloud admin password. Required."; + default = null; }; maxUploadSize = lib.mkOption { @@ -132,6 +133,7 @@ in Enabling this app will also start an OnlyOffice instance accessible at the given subdomain from the given network range. ''; + default = {}; type = lib.types.submodule { options = { enable = lib.mkEnableOption "Nextcloud OnlyOffice App"; @@ -149,9 +151,9 @@ in }; jwtSecretFile = lib.mkOption { - type = lib.types.path; + type = lib.types.nullOr lib.types.path; description = "File containing the JWT secret. This option is required."; - default = ""; + default = null; }; }; }; @@ -170,7 +172,8 @@ in nextcloud-occ -vvv preview:generate-all ``` ''; - type = lib.types.nullOr (lib.types.submodule { + default = {}; + type = lib.types.submodule { options = { enable = lib.mkEnableOption "Nextcloud Preview Generator App"; @@ -181,7 +184,7 @@ in example = true; }; }; - }); + }; }; }; }; @@ -194,7 +197,7 @@ in generated by fetchNextcloudApp. The appid must be identical to the “id” value in the apps appinfo/info.xml. You can still install apps through the appstore. ''; - default = apps: {}; + default = null; example = lib.literalExpression '' apps: { inherit (apps) mail calendar contact; @@ -225,6 +228,13 @@ in config = lib.mkMerge [ (lib.mkIf cfg.enable { + assertions = [ + { + assertion = !(isNull cfg.adminPassFile); + message = "Must set shb.nextcloud.adminPassFile."; + } + ]; + users.users = { nextcloud = { name = "nextcloud"; @@ -284,7 +294,7 @@ in # Very important for a bunch of scripts to load correctly. Otherwise you get Content-Security-Policy errors. See https://docs.nextcloud.com/server/13/admin_manual/configuration_server/harden_server.html#enable-http-strict-transport-security https = config.shb.ssl.enable; - extraApps = cfg.extraApps nextcloudApps; + extraApps = if isNull cfg.extraApps then {} else cfg.extraApps nextcloudApps; extraAppsEnable = true; appstoreEnable = true; @@ -390,8 +400,8 @@ in (lib.mkIf cfg.apps.onlyoffice.enable { assertions = [ { - assertion = cfg.apps.onlyoffice.jwtSecretFile != ""; - message = "Must set jwtSecretFile."; + assertion = !(isNull cfg.apps.onlyoffice.jwtSecretFile); + message = "Must set shb.nextcloud.apps.onlyoffice.jwtSecretFile."; } ];