Merge pull request #224274 from SuperSandro2000/nixos/nextcloud-notify_push

nixos/nextcloud: add configureRedis option; nixos/nextcloud-notify_push: add bendDomainToLocalhost
2023-05-14 10:35:57 +02:00 · 2023-05-14 10:35:57 +02:00 · 9241cee3c4
commit 9241cee3c4
parent d5be467efe da15c5054e
2 changed files with 67 additions and 8 deletions
--- a/nixos/modules/services/web-apps/nextcloud-notify_push.nix
+++ b/nixos/modules/services/web-apps/nextcloud-notify_push.nix
@ -2,6 +2,7 @@

 let
  cfg = config.services.nextcloud.notify_push;
+  cfgN = config.services.nextcloud;
 in
 {
  options.services.nextcloud.notify_push = {
@ -25,6 +26,16 @@ in
      default = "error";
      description = lib.mdDoc "Log level";
    };
+
+    bendDomainToLocalhost = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = lib.mdDoc ''
+        Wether to add an entry to `/etc/hosts` for the configured nextcloud domain to point to `localhost` and add `localhost `to nextcloud's `trusted_proxies` config option.
+
+        This is useful when nextcloud's domain is not a static IP address and when the reverse proxy cannot be bypassed because the backend connection is done via unix socket.
+      '';
+    };
  } // (
    lib.genAttrs [
      "dbtype"
@ -44,11 +55,14 @@ in

  config = lib.mkIf cfg.enable {
    systemd.services.nextcloud-notify_push = let
-      nextcloudUrl = "http${lib.optionalString config.services.nextcloud.https "s"}://${config.services.nextcloud.hostName}";
+      nextcloudUrl = "http${lib.optionalString cfgN.https "s"}://${cfgN.hostName}";
    in {
      description = "Push daemon for Nextcloud clients";
      documentation = [ "https://github.com/nextcloud/notify_push" ];
-      after = [ "phpfpm-nextcloud.service" ];
+      after = [
+        "phpfpm-nextcloud.service"
+        "redis-nextcloud.service"
+      ];
      wantedBy = [ "multi-user.target" ];
      environment = {
        NEXTCLOUD_URL = nextcloudUrl;
@ -57,7 +71,7 @@ in
        LOG = cfg.logLevel;
      };
      postStart = ''
-        ${config.services.nextcloud.occ}/bin/nextcloud-occ notify_push:setup ${nextcloudUrl}/push
+        ${cfgN.occ}/bin/nextcloud-occ notify_push:setup ${nextcloudUrl}/push
      '';
      script = let
        dbType = if cfg.dbtype == "pgsql" then "postgresql" else cfg.dbtype;
@ -76,7 +90,7 @@ in
        export DATABASE_PASSWORD="$(<"${cfg.dbpassFile}")"
      '' + ''
        export DATABASE_URL="${dbUrl}"
-        ${cfg.package}/bin/notify_push '${config.services.nextcloud.datadir}/config/config.php'
+        ${cfg.package}/bin/notify_push '${cfgN.datadir}/config/config.php'
      '';
      serviceConfig = {
        User = "nextcloud";
@ -87,10 +101,23 @@ in
      };
    };

-    services.nginx.virtualHosts.${config.services.nextcloud.hostName}.locations."^~ /push/" = {
-      proxyPass = "http://unix:${cfg.socketPath}";
-      proxyWebsockets = true;
-      recommendedProxySettings = true;
+    networking.hosts = lib.mkIf cfg.bendDomainToLocalhost {
+      "127.0.0.1" = [ cfgN.hostName ];
+      "::1" = [ cfgN.hostName ];
    };
+
+    services = lib.mkMerge [
+      {
+        nginx.virtualHosts.${cfgN.hostName}.locations."^~ /push/" = {
+          proxyPass = "http://unix:${cfg.socketPath}";
+          proxyWebsockets = true;
+          recommendedProxySettings = true;
+        };
+      }
+
+      (lib.mkIf cfg.bendDomainToLocalhost {
+        nextcloud.extraOptions.trusted_proxies = [ "127.0.0.1" "::1" ];
+      })
+    ];
  };
 }
--- a/nixos/modules/services/web-apps/nextcloud.nix
+++ b/nixos/modules/services/web-apps/nextcloud.nix
@ -551,6 +551,19 @@ in {
      default = true;
    };

+    configureRedis = lib.mkOption {
+      type = lib.types.bool;
+      default = config.services.nextcloud.notify_push.enable;
+      defaultText = literalExpression "config.services.nextcloud.notify_push.enable";
+      description = lib.mdDoc ''
+        Wether to configure nextcloud to use the recommended redis settings for small instances.
+
+        ::: {.note}
+        The `notify_push` app requires redis to be configured. If this option is turned off, this must be configured manually.
+        :::
+      '';
+    };
+
    caching = {
      apcu = mkOption {
        type = types.bool;
@ -1044,6 +1057,25 @@ in {
        }];
      };

+      services.redis.servers.nextcloud = lib.mkIf cfg.configureRedis {
+        enable = true;
+        user = "nextcloud";
+      };
+
+      services.nextcloud = lib.mkIf cfg.configureRedis {
+        caching.redis = true;
+        extraOptions = {
+          memcache = {
+            distributed = ''\OC\Memcache\Redis'';
+            locking = ''\OC\Memcache\Redis'';
+          };
+          redis = {
+            host = config.services.redis.servers.nextcloud.unixSocket;
+            port = 0;
+          };
+        };
+      };
+
      services.nginx.enable = mkDefault true;

      services.nginx.virtualHosts.${cfg.hostName} = {