From d7370e206a49a9e0531599abccb2087d20eee316 Mon Sep 17 00:00:00 2001 From: Andreas Zweili Date: Sun, 11 Feb 2024 18:06:10 +0100 Subject: [PATCH] Add a module for nextcloud-cli-client --- modules/default.nix | 1 + .../services/nextcloud-cli-client/default.nix | 74 +++++++++++++++++++ scrts/nextcloud_cli.age | 33 +++++++++ scrts/secrets.nix | 1 + systems/management/default.nix | 1 + 5 files changed, 110 insertions(+) create mode 100644 modules/services/nextcloud-cli-client/default.nix create mode 100644 scrts/nextcloud_cli.age diff --git a/modules/default.nix b/modules/default.nix index 1cd55ed..4dde1c6 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -33,6 +33,7 @@ ./services/mariadb-for-containers ./services/media-share ./services/nextcloud + ./services/nextcloud-cli-client ./services/nginx-acme-base ./services/nginx-fpm ./services/nginx-proxy diff --git a/modules/services/nextcloud-cli-client/default.nix b/modules/services/nextcloud-cli-client/default.nix new file mode 100644 index 0000000..7ff7dbc --- /dev/null +++ b/modules/services/nextcloud-cli-client/default.nix @@ -0,0 +1,74 @@ +{ + config, + inputs, + lib, + pkgs, + ... +}: +let + cfg = config.services.az-nextcloud-cli-client; + pathToMonitor = "/home/${config.az-username}/nextcloud/10_documents/"; + monitor-notes = pkgs.writeShellScriptBin "monitor-notes" '' + ${pkgs.nextcloud-client}/bin/nextcloudcmd \ + --user andreas \ + --password $(cat ${config.age.secrets.nextcloudCliSecrets.path}) \ + --non-interactive \ + --path /10_documents \ + ${pathToMonitor} \ + https://nextcloud.2li.ch + ''; +in +{ + options = { + services.az-nextcloud-cli-client.enable = lib.mkEnableOption "Enable my implementation of a Nextcloud headless client"; + }; + + config = lib.mkIf cfg.enable { + environment.systemPackages = [ pkgs.nextcloud-client ]; + services.az-telegram-notifications.enable = true; + + age.secrets.nextcloudCliSecrets = { + file = "${inputs.self}/scrts/nextcloud_cli.age"; + path = "/home/${config.az-username}/.config/nextcloud_cli/nextcloud_cli.key"; + mode = "600"; + owner = "${config.az-username}"; + group = "users"; + }; + + systemd.timers."nextcloud-sync" = { + wantedBy = [ "timers.target" ]; + partOf = [ "nextcloud-sync.service" ]; + timerConfig = { + OnStartupSec = "5min"; + OnUnitActiveSec = "5min"; + }; + }; + + systemd.services."nextcloud-sync" = { + after = [ "network-online.target" ]; + serviceConfig = { + User = config.az-username; + Type = "oneshot"; + }; + onFailure = [ "unit-status-telegram@%n.service" ]; + script = "${monitor-notes}/bin/monitor-notes"; + }; + + systemd.services."nextcloud-monitor" = { + requires = [ "network-online.target" ]; + after = [ "network-online.target" ]; + serviceConfig = { + User = config.az-username; + }; + onFailure = [ "unit-status-telegram@%n.service" ]; + wantedBy = [ "multi-user.target" ]; + script = '' + ${pkgs.inotify-tools}/bin/inotifywait -m -r -e create,modify,delete,move "${pathToMonitor}" | + while read -r directory event file; do + sleep 10 + ${monitor-notes}/bin/monitor-notes + done + ''; + }; + }; +} diff --git a/scrts/nextcloud_cli.age b/scrts/nextcloud_cli.age new file mode 100644 index 0000000..1c15279 --- /dev/null +++ b/scrts/nextcloud_cli.age @@ -0,0 +1,33 @@ +age-encryption.org/v1 +-> ssh-rsa 7S8lxw +KFe28MS4Ow4aayFS18ywfn6bUnUoP9nQT+xc6n3QDrHJqw3qj34TtQ0n2RQc3Bhj +/qsn03s1KgCid0Nb80xzMUWBxiIRCG5LT72wflZatUe3HiTxPD+/TdzTDfNOfhnx +WxpA6yV1cfOrjgLPgp5tRwX2FxhxUkpTTeBCDgrJDeumnRuNjOGY+HcGmtNYVHSh +o9t0j8ZrvRI2wbwakY42sEREXA0WfgSoQq6PL3SvvWUISqbihkKQEkyQaGKiA3E9 +fT8EyR5lNvOh+z4HLtNni9IUVAim8SZAuSqrh8vEl/gEanbqRpO/f4GvP9MmU//E +IqCWoQwMsjhpZd/tz7HxkmFP4tiXvJcvW1lOkTR2w4XJpw/Al8n8xlOm/iMKSPW6 +kiGurRkzgYqn7H371IC4/YTTTTgoKr6K68Z04ImG7ydy9dG4xW/9uQMwWXzu6rB4 +FmQwXf9J1EpJijOh6wu3APQyLa8vv9kqHVs4mTdh6xnsZn5AvdBlC+pqB78uSxkm + +-> ssh-ed25519 Xj0rlw DiXhwtInAOcOsmcoM0xAnroR1+jjyWQvDgyxFo+JtEk ++ZJZWEBl4mBWHI2OVs1F3rRSFyzZW+efnXTRkady3Eg +-> ssh-rsa Ws+JZA +jZJNM68C/hHmZf2B/DkeRPCNLOkZMCDtYEzzyikJdV273WuhsAtw2qohM+mPwH2c +i8MJck/vCdfMXtGOQlUyA032EZCMicJewcmUiokZpf64FF9vw90tDaitDKX/M8BB +ISfXDOoysSlSwXOdT2+NAgopT4etM4npeSuE/ZZI5ZsSnP0lED2CxVcCSMX3uNVZ +3HxroysgUt9zJln5z+OvZqqzrOdrg8ucYybwnigQgxypVGDhkvqGm1k9rPXQKar1 +/+lFe+go5l6nMIwEQtBoBfAOu/uP22pQAGFNzuzM/H2iIDa8QqA3NI4esjvwfe96 +mWBuI9rsKcFSBeRa4vqMv2S6ypnttJzZGfDye9JkIn5HneGDN6cabuBX+xnx7DAB +MlY/gkMcZ/kNozh6db81eOQQtvZBkps7jx3UdRdCtkFWlM7R+XCOSCW5TZRTitcg ++g3WclHIMd47F68gVn8rHwASuUPrbquMpWL+j25nxVabmIx4dML0LXg/e/LnoHHv + +-> ssh-ed25519 skmU/w +tmWBmy+j5T7S93a2PyyoIWmCtEnhZUEpgqNDXqPMDA +kmJyRBOMLQE4JbUDADwFS5Q8qzgnQls6Gs6Qt8Hdvj8 +-> ssh-ed25519 YoupUg xe5vwT1FdxXK0Z7tdPuKADE6r2jWjChPpIQCcGBKqDQ +jlRtPl1cwyr+bA5g6iEu4PZVkofmcQa7sX34Xu7Ns2E +-> ssh-ed25519 KXqA9w CW8exLU6olSUluG5d2eGRcAFvYsqwpJboRpW5OqdVXA +MNmrx6+yFfHD2QMTWgCylsdBVjGn1QAhoxMfv116g8k +-> ssh-ed25519 O6+Deg wOAQ/0j4nuEE+CKTVwNK6peVQSO40sxucsKg1Kw67Ew +Aw+RDGCdgBftnjHBVz4crij0A2DkEvKKSB/FGh6lwks +--- xMBpypDreUVc9bBijQ8BnRxdhyOTKscTw8RBNx4qpwA +h)qiFO6F*bL*\r&ݥxf2nD>vzH0[ \ No newline at end of file diff --git a/scrts/secrets.nix b/scrts/secrets.nix index e21d8e8..99a422d 100644 --- a/scrts/secrets.nix +++ b/scrts/secrets.nix @@ -53,6 +53,7 @@ in "gitea_env.age".publicKeys = defaultKeys ++ [ git ]; "infomaniak_env.age".publicKeys = all; "nextcloud_env.age".publicKeys = defaultKeys ++ [ nextcloud ]; + "nextcloud_cli.age".publicKeys = defaultKeys; "personal_email.key.age".publicKeys = defaultKeys; "plex_claim.age".publicKeys = defaultKeys ++ [ plex ]; "restic.key.age".publicKeys = all; diff --git a/systems/management/default.nix b/systems/management/default.nix index ae7cd36..ac31af3 100644 --- a/systems/management/default.nix +++ b/systems/management/default.nix @@ -13,6 +13,7 @@ az-data-share.enable = true; az-docker.enable = true; az-logs-share.enable = true; + az-nextcloud-cli-client.enable = true; az-restic-client-server = { enable = true; path = "/home/andreas";