feat: Server monitroing, NixOS 24.05 (#84)

Co-authored-by: nhnn <nhnn@disroot.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/pulls/84
2024-07-30 19:19:06 +03:00
parent a6caa18981
commit 5218868b33
12 changed files with 195 additions and 102 deletions
--- a/sp-modules/nextcloud/module.nix
+++ b/sp-modules/nextcloud/module.nix
@@ -34,27 +34,39 @@
          ];
        };
      };
-      systemd.services.nextcloud-secrets = {
-        before = [ "nextcloud-setup.service" ];
-        requiredBy = [ "nextcloud-setup.service" ];
-        serviceConfig.Type = "oneshot";
-        path = with pkgs; [ coreutils jq ];
-        script = ''
-          databasePassword=$(jq -re '.modules.nextcloud.databasePassword' ${secrets-filepath})
-          adminPassword=$(jq -re '.modules.nextcloud.adminPassword' ${secrets-filepath})
+      systemd = {
+        services = {
+          phpfpm-nextcloud.serviceConfig.Slice = lib.mkForce "nextcloud.slice";
+          nextcloud-setup.serviceConfig.Slice = "nextcloud.slice";
+          nextcloud-cron.serviceConfig.Slice = "nextcloud.slice";
+          nextcloud-update-db.serviceConfig.Slice = "nextcloud.slice";
+          nextcloud-update-plugins.serviceConfig.Slice = "nextcloud.slice";
+          nextcloud-secrets = {
+            before = [ "nextcloud-setup.service" ];
+            requiredBy = [ "nextcloud-setup.service" ];
+            serviceConfig.Type = "oneshot";
+            path = with pkgs; [ coreutils jq ];
+            script = ''
+              databasePassword=$(jq -re '.modules.nextcloud.databasePassword' ${secrets-filepath})
+              adminPassword=$(jq -re '.modules.nextcloud.adminPassword' ${secrets-filepath})

-          install -C -m 0440 -o nextcloud -g nextcloud -DT \
-          <(printf "%s\n" "$databasePassword") \
-          ${db-pass-filepath}
+              install -C -m 0440 -o nextcloud -g nextcloud -DT \
+              <(printf "%s\n" "$databasePassword") \
+              ${db-pass-filepath}

-          install -C -m 0440 -o nextcloud -g nextcloud -DT \
-          <(printf "%s\n" "$adminPassword") \
-          ${admin-pass-filepath}
-        '';
+              install -C -m 0440 -o nextcloud -g nextcloud -DT \
+              <(printf "%s\n" "$adminPassword") \
+              ${admin-pass-filepath}
+            '';
+          };
+        };
+        slices.nextcloud = {
+          description = "Nextcloud service slice";
+        };
      };
      services.nextcloud = {
        enable = true;
-        package = pkgs.nextcloud27;
+        package = pkgs.nextcloud28;
        inherit hostName;

        # Use HTTPS for links
@@ -65,10 +77,12 @@
        # set what time makes sense for you
        autoUpdateApps.startAt = "05:00:00";

-        config = {
+        settings = {
          # further forces Nextcloud to use HTTPS
-          overwriteProtocol = "https";
+          overwriteprotocol = "https";
+        };

+        config = {
          dbtype = "sqlite";
          dbuser = "nextcloud";
          dbname = "nextcloud";