thary/sp-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Delete nextcloud admin user (#133)

Browse Source 
Co-authored-by: Alexander Tomokhov <alexoundos@selfprivacy.org>
Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/pulls/133
This commit is contained in:
Inex Code
2025-04-25 14:21:44 +03:00
parent 72472e8edf
commit 547eb00544
3 changed files with 21 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
selfprivacy-module.nix
View File

@@ -159,5 +159,17 @@ with lib;
You can put whatever you want here. You can put whatever you want here.
''; '';
}; };
#################
# Workarounds #
#################
workarounds = {
deleteNextcloudAdmin = mkOption {
description = ''
Whether to delete an admin user, which is initially created
'';
type = types.bool;
default = false;
};
};
}; };
} }

1
sp-modules/nextcloud/config-paths-needed.json
View File

@@ -13,6 +13,7 @@
[ "selfprivacy", "passthru", "auth", "oauth2-discovery-url" ], [ "selfprivacy", "passthru", "auth", "oauth2-discovery-url" ],
[ "selfprivacy", "passthru", "auth", "oauth2-provider-name" ], [ "selfprivacy", "passthru", "auth", "oauth2-provider-name" ],
[ "selfprivacy", "passthru", "auth", "oauth2-systemd-service" ], [ "selfprivacy", "passthru", "auth", "oauth2-systemd-service" ],
[ "selfprivacy", "workarounds", "deleteNextcloudAdmin" ],
[ "selfprivacy", "sso", "enable" ], [ "selfprivacy", "sso", "enable" ],
[ "selfprivacy", "useBinds" ], [ "selfprivacy", "useBinds" ],
[ "services", "nextcloud" ], [ "services", "nextcloud" ],

9
sp-modules/nextcloud/module.nix
View File

@@ -11,6 +11,7 @@ let
hostName = "${cfg.subdomain}.${sp.domain}"; hostName = "${cfg.subdomain}.${sp.domain}";
auth-passthru = config.selfprivacy.passthru.auth; auth-passthru = config.selfprivacy.passthru.auth;
deleteNextcloudAdmin = config.selfprivacy.workarounds.deleteNextcloudAdmin;
cfg = sp.modules.nextcloud; cfg = sp.modules.nextcloud;
is-auth-enabled = cfg.enableSso && config.selfprivacy.sso.enable; is-auth-enabled = cfg.enableSso && config.selfprivacy.sso.enable;
ldap_scheme_and_host = "ldaps://${auth-passthru.ldap-host}"; ldap_scheme_and_host = "ldaps://${auth-passthru.ldap-host}";
@@ -89,7 +90,7 @@ in
}) // { }) // {
meta = { meta = {
type = "bool"; type = "bool";
weight = 3; weight = 4;
}; };
}; };
}; };
@@ -317,6 +318,12 @@ in
--mapping-groups=groups \ --mapping-groups=groups \
--group-provisioning=1 \ --group-provisioning=1 \
-vvv -vvv
'' + lib.optionalString deleteNextcloudAdmin ''
if [[ ! -f /var/lib/nextcloud/.admin-user-deleted ]]; then
${occ} user:delete admin
touch /var/lib/nextcloud/.admin-user-deleted
fi
''; '';
}; };
selfprivacy.auth.clients."${oauthClientID}" = { selfprivacy.auth.clients."${oauthClientID}" = {