feat: Delete nextcloud admin user (#133)

Co-authored-by: Alexander Tomokhov <alexoundos@selfprivacy.org>
Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/pulls/133

selfprivacy-module.nix

@@ -159,5 +159,17 @@ with lib;
         You can put whatever you want here.
       '';
     };
+    #################
+    #  Workarounds  #
+    #################
+    workarounds = {
+      deleteNextcloudAdmin = mkOption {
+        description = ''
+          Whether to delete an admin user, which is initially created
+        '';
+        type = types.bool;
+        default = false;
+      };
+    };
   };
 }

sp-modules/nextcloud/config-paths-needed.json

@@ -13,6 +13,7 @@
   [ "selfprivacy", "passthru", "auth", "oauth2-discovery-url" ],
   [ "selfprivacy", "passthru", "auth", "oauth2-provider-name" ],
   [ "selfprivacy", "passthru", "auth", "oauth2-systemd-service" ],
+  [ "selfprivacy", "workarounds", "deleteNextcloudAdmin" ],
   [ "selfprivacy", "sso", "enable" ],
   [ "selfprivacy", "useBinds" ],
   [ "services", "nextcloud" ],

sp-modules/nextcloud/module.nix

@@ -11,6 +11,7 @@ let
 
   hostName = "${cfg.subdomain}.${sp.domain}";
   auth-passthru = config.selfprivacy.passthru.auth;
+  deleteNextcloudAdmin = config.selfprivacy.workarounds.deleteNextcloudAdmin;
   cfg = sp.modules.nextcloud;
   is-auth-enabled = cfg.enableSso && config.selfprivacy.sso.enable;
   ldap_scheme_and_host = "ldaps://${auth-passthru.ldap-host}";
@@ -89,7 +90,7 @@ in
     }) // {
       meta = {
         type = "bool";
-        weight = 3;
+        weight = 4;
       };
     };
   };
@@ -317,6 +318,12 @@ in
           --mapping-groups=groups \
           --group-provisioning=1 \
           -vvv
+
+        '' + lib.optionalString deleteNextcloudAdmin ''
+          if [[ ! -f /var/lib/nextcloud/.admin-user-deleted ]]; then
+            ${occ} user:delete admin
+            touch /var/lib/nextcloud/.admin-user-deleted
+          fi
         '';
       };
       selfprivacy.auth.clients."${oauthClientID}" = {