From 5c66657929eb515622e5882d7a7d84a5b0a41d09 Mon Sep 17 00:00:00 2001
From: sefidel <contact@sefidel.net>
Date: Thu, 25 Jan 2024 23:17:48 +0900
Subject: feat(nixos/kanata): configure nextcloud

---
 nixos/kanata/configuration.nix    | 7 ++++++-
 nixos/kanata/secrets/secrets.yaml | 5 +++--
 2 files changed, 9 insertions(+), 3 deletions(-)

(limited to 'nixos')

diff --git a/nixos/kanata/configuration.nix b/nixos/kanata/configuration.nix
index 417e5f4..e19ee25 100644
--- a/nixos/kanata/configuration.nix
+++ b/nixos/kanata/configuration.nix
@@ -95,7 +95,7 @@ in
   powerManagement.cpuFreqGovernor = "ondemand";
 
   sops.secrets.zfs-smol-key = { };
-  # sops.secrets.nextcloud-admin-pass = { };
+  sops.secrets.nextcloud-admin-pass = { owner = "nextcloud"; };
 
   boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
   boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
@@ -112,6 +112,11 @@ in
 
   modules = {
     services.blocky.enable = true;
+
+    services.nextcloud = {
+      enable = true;
+      secrets.admin-pass = config.sops.secrets.nextcloud-admin-pass.path;
+    };
   };
 
   # This option defines the first version of NixOS you have installed on this particular machine,
diff --git a/nixos/kanata/secrets/secrets.yaml b/nixos/kanata/secrets/secrets.yaml
index efe1b0f..91a3595 100644
--- a/nixos/kanata/secrets/secrets.yaml
+++ b/nixos/kanata/secrets/secrets.yaml
@@ -2,6 +2,7 @@ initrd-ssh-host-rsa-key: ENC[AES256_GCM,data:gSkUM4GGij4u+qdpjfA3JBtOhLpvhvXALmy
 initrd-ssh-host-ed25519-key: ENC[AES256_GCM,data:eD8UZZ6FnqT5tP+y1xDrtjKjl/DQLXEQs/a4snHoHKHbyNmHXM8aO5o5QuPP6F9MMi0KvrnMHXJs+OqnA+/ZpXD3LJ/k13xIijktWPcpY97X6790ZmkIjE797LiV5YRuwuMQOQVsipISjVmlRWY1UpO4VO8n/TvMJV+SbJUgI3sfK1H5/xG0DlwdPJ1Wb8UVEK/3RPo75Z0tJ7OX7gNwPAh2pEz7XKHjIFdnNwjPgFOCO958ozSZPPMJElUjaffAMyiNBJPdPjV0TYxSD+G5/CVs3pWOEHD2FaF2Gx+BMHT8VRKIGW1cQOQjOBwePx5kQesPl9AkavpP6QOsbktY3+c9Dt4+G4XKsZ0ZpvlCRKf60u39z/K5DvM4CiNzu+nm+hfFcCXEHleFKq2BPB13tMJ3IaEtqA8TJ/8NqkP9zlnRuf/5sxSktUxAri9uIv8s++xNNSsIu+9BYK41t8Snso0uT3AN1emAsLGBMBQLpGzrC6l8WvfntAU7D9HTB0EA6xQCm7Pj+SIU6cxyVkUY,iv:GWEDQtmutLsL9RVQGoXv/uwg9gHKr/QA2/I9g52obqM=,tag:Rs6uaU9hwaoSP7oifJwkbA==,type:str]
 initrd-ts-state: ENC[AES256_GCM,data:8xftKiXfuaWB4XxvP9LBAmFTbX1VbGJix6SqkIbDliUzaiJwO9lrhYMTs2J4tGi4r56skPH1u8GUcUPZx90akXJbvZK+FMwNDxOBFr5nvXDTkkw2G/raBskwGFEpQbcQ6j+pCeh2pUq7EHw8JDSvj27uCrpau6MkjrO2ni/Eefce7EKBxwrFUc4x/Y2VymF48ovcBQsiYeeG7mbHLV1kBHvyqLkPVDX/Y+vkKACADi5QC5/Kg0ZVjXNqCHNDdjv0beOsq6hL7V7msfAfiNPceK8Yc6iyp1hlqyDPWZav5X8sYgD5mV7/G6304Am2435tyI/KQq6XHsd+JGUj/s8hHDfDZ6uz2iNgbDKxxWaOdvODrnqNQ+nNne5TIc1flZvXjEFNBkrMWAgos3J1Tx7jZmJfej51P0k9wQK3QMl9ADQnmn6GvvYrFCboaHO9SYeP+R09K0Tg29BEqvvJcc4MIrEzDyg28mxWAzVp96QfU2Qe4tRpC4yTJlFuXGeY1EWQB9qmGzzYZ2Jn1p+UXPJsrdiIsKkpeFS5fXQF5++UTC24XheXE6OZjYY94u2UpTM2lhLk3CWUe1KdHWYtpxRv6PEcl2QA1KhdvK/0ZvzQ9ercqjkjmOCKkThnI2pJDvU0FA5rjlRc1146AbI2LBklgqsPsesEoKSGaBEITGiHa2uwUlPNu/lesyl9+jPWEo62oT7na/WaYUJZPmAk5XL4BtZDHHfyssy7USoC7nKjc5ij9Y7ZMrmiHXQZiAS9XxvF1jmxhCIEYLBu3+tOaJW3BMDAWDmvQcAl4lQvTwprr7mO3+D3wyXFo7bYkALptA76LfUuzIrO5G8y4ijdcJYEYHw6wmGdvrmMZkzd5Wdu9I9CjSBodxbGQaxKBShfO1uwvCiKqqVPvn9hz59awUVuuPbo2Ev8xN27F5ntemZ1kdfStUVecLskVfm7lpWxLMqU9FWVGhZXTh5TRINNjKiRZin8lTZiIuZK2GwDnTO+XDhdCrcTVBrOl/oCpw7Ym+p4LYjeFhjNeroAm0j8PiYh471LOF6MrYtxb5YRdbp+z5VNWaWf6Lg7ZtDmZtBniyFHaa8iVLFjUUDRa3OhX+hNJ0P+mU1YPmAKjjqWBd0FSPLrnv0P3sizoC8ba0qqREzpcCMRAWHvK3VRfwRNklXxGzP8Az66ZayT4u5XPXLxCYZTa9xMsn72Kypz2HV7jAgvG9rN31pUHGCU8YurRWnK8sqQ5yNoNaWBsL2ypM/f9HfisacLMUazitgfFgP9agAdssSBdtp8BB6MMISq42RjPNCpeMth78egUbHOfqXkYjDs0FwjaIctKvq9myjHfqklZyiV6dh0gJKwoSRIXn+aGgr2/H2ltejT87Zj7IXOk7VD0N8rMcLJgiwFmjj3X1ecI8gJGwNLYRczH82NGWdYGAmCYiJ87kv7PBK++iRM22vK8diIjCepjj+FQgTHLy6Ig5UQ92PPsdLp8EQVtsVKBSHhVtX0sOsnIEnHUARsmLbkNQqA2nWNQB6XvwBPUOR+EhkL1sgeGf1Jq9ncDKbs7ZmbpQ0I5QH1C87m/KltOkinnIoktBQQdTvtoUL7EIdue+SeCwcAIuTdSHRvcUfn1AJtt6jdM0/B3PS23NXHRBe/3J2ejiXn5r2udQ1uE/u2eAfQjegJtx2ynxMOSyILeX8xqjtbhotO7f8R9A8pVaGKmFaMmz0vZtvKNaEKyWPM5YoQPGHq8v1e1WGsr4QmTD9tbnbxclq8CN82VPhPtwZFfhikwbuvdYIAd5tSIR40qW/3Zw3QmyE2Wp9sWwfauTr0K4qz1yj7W6/SiQFRO7RYCsOoTMQ3qTN/Uww2rY0xs9cTK/8h7Q590F65HEsE4V9DdrQ9hU127O3anWNhPXrJM7LTMYOwjW1x/jJSeU8y/SFOCrCz7zv3myIABJulGa1HYQn9y0sho6EFBECD5t6eYeCqWNgqREQaJs4PpyCCv49DThjim4DmkI+nf1CyZnJ1BED6555tFCEg3Rfzq86Z7PPtJ91bFpnYUWtPWOlKZbvun+TdqCFmWELRyVU7GA09mqefWqZYGtWoKX0HeHzj5np3q3G8ij7e159LU9uh3hvahth5yV8Xk3N7/hvefVUxQLkW2GbhOsNJX76q+2Fw8HicBN+z587ZhZzOx8kmqk1ZQqFnjG9wYpkxjz7gRk+gCyj+DNYZpBhUsUmz0f9JCfGJACyKYe/SaXHtE2Det2SQ/b3f4txe/DlHzsLmiSCU4GHrORw9jQFVrBPOISDKJyAh3VA7P50R+0m1bD6XVU048s7pjFg/rMsOy7JW3yyJVFQqGRyPC/yfNLeON7wX2wxYzk0RV/U+65Y5YnmxvIPP8i41cO2bJ3sZYgCVTK+uNfIL5+LWx9jvzN5EW9lHT4So5ny5ylpgW0CQBneYmFIIwuNY+539XgDhGEPIMk3yx4b/pCF532+q40EOtzCdsahAf8u7y5YAnfLYnlrdcXjnVbVFxh/r91BcbEN5ulOHGey1KYAXozh+8FFsD2LjNGWatb+b62HGgh6UcdmrIPHVu0jM+TDAC7rgaUHmRMpTUz5YgITKNA/sCtikpIEuSAKgpcUvhoHujBwe92LFE/0MI3vGLD7YhrEAF01lxwn5dbbuDkgq+WTBeYmrX784m5FiOD4FJiN6fc4oH9x6MWW/TTHmRW22WnMqirX5l/Pr6o6eEHmTYVoWP0wBiXCqjzYgMSvkym83J+6WZKPhbg4YqIj6xTsiXJIsTDW7tF2wEkgdGSK3YzryQb1CR98nyGYQr+01yArmhNPPxRY0Ozc50sBBvkjZAcc1Jr9Coj/xwPDa/onr/vg5seT4DzIQCDRm2dAWOGiugzYMpWn2AW08CsfNCYSaNrsMKbAVGB2syBdMHAxyEQUeOWkmttYJBvj+YDGYWZIZ6lXXidPPM6GI4rvKZ9I3fnFjxUkAgg5BrIYS7PYjzyFcAOGQ7Kc4a7nopi3LXLlkKMe6ubzgDcZt59YtFcUuZQ+67g3wDG32KCX97aapc7V1kkj5gplPFFzl9L7ONLyPzbJMkGYa6rfceeVjb6yPDQ4vGspJMY/oeEOfUhKeV9aoJvq8yU6Zu8K1hDcmcZ3sKswMB9DdTA00clq4Ay1HEQSNY8qjl2hHRzRMABCxWSPmDSv0vsx2pOZOBJoXuOF7Mxl4tGODhnckgP1phBebSwLbpOGoyY397t1NFNhVYXKgP7gx+B7iOgXlsEQsUnfs8XsFiOtiZyBGReGZzk7D4vg9EHRB7v1VlrX8SqUcBSYcPhBHWvqi5DUt+RBOJTdMnJiTWMQRO4AcxjTuiJF9gcg9oxVrg/ic7Vni4mu/xafGY9r5A+02P7B7tD3x,iv:sGA4zACuGYJ3P/auaHXOttP8TGyVgf++Ppk6jiekUbw=,tag:/+XtiRJIjTA7MM5sYdPlSg==,type:str]
 zfs-smol-key: ENC[AES256_GCM,data:M6JUsFoAvt2nqI/9bVq0slhrcQE8sGgC3s0x,iv:hZK99Veh+oMhxxA9BbBe7OBisjhF00baAb1JQ7yfMaA=,tag:30GjpPzIpgw5htoK1BcmUg==,type:str]
+nextcloud-admin-pass: ENC[AES256_GCM,data:Lvk/j/3fissx6Kyccp9q2gi7ahbd+pR7jFXnx5OL0JRG,iv:Y0GI/z4pFW98Ll6xpuENr+fTrm7JoE9KadDKx2O4WLI=,tag:ofln+SgrhJm8BpKnVSngoQ==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -26,8 +27,8 @@ sops:
             YkRGS2ZBbm1keWpUQUFOWDRtTWZVa0EKc+lKEP0L/yoFLx6p1zbWfifPWc7Y9Qqh
             qccODSyHqzwdriHLxXuw9SCnF+SeA721te6+pDVhJj8vqv2UqHiATw==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-01-22T18:40:17Z"
-    mac: ENC[AES256_GCM,data:Bja0XWa7S/PeA+61AYWLyDkJyY7RUOakJl4xhtvWp854Ku5wTRM5hsAbdpvAeKRvNN9EoJI1ljeUihRXY3e1jlD3yElH7p9Bfs1Gb6J4rQ+hODf/vvCwVyyVhXFCU6PHjUhFiTuAyQdY9VecOTZj4Jx603DzoGU0VYvpXp9k7EU=,iv:u6pdlF7Fkw1khrZVvi/bMa3HRAcyXkPWYc0RO0PCSaQ=,tag:c3KRwyZHoIoX8BwvCuGypw==,type:str]
+    lastmodified: "2024-01-24T12:28:05Z"
+    mac: ENC[AES256_GCM,data:1rW3YkvwbHiupjT62XxQwLEEGo1dMJkSbFUOaLqMXaVxmCebMWkQLWh72xr+VPF4MVU8vgz9GVmZap2uQ3/y+xkkrshaUIvDM2iznTrAIKyK8I5jSvZYqz9zxRBd8SGrPvZXzwCziDAEgfiAO7Yz5N5Z7KopEREN0XmtjDb4uMk=,iv:EVRCIeyQI8Lz+wkB42nz++Z2AkONs6pd9gylCdogUOc=,tag:YhCLF0/mYKxuO6SoQlmoGw==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.8.1
-- 
cgit 1.4.1