Nixfiles, for hacc.
Find a file
stuebinm 0882960b9a
First draft for a nextcloud deployment on nix
Things to note:
 - DO NOT DEPLOY THIS
 - use nixos-container for testing instead

I've played around with nextcloud on NixOS, essentially following the
examples given in the NixOS manual and searching through some of the
other options. Nextcloud itself works fine with this setup, as does
its database (postgres), and most of the other basic stuff.

However, the nextcloud module as it currently exists appears to be fairly
limited and incomplete in its capabilities, e.g. lack of options for redis
or multiple php pools; in general, it lacks extraOptions-hooks. For redis
the documentation even explicitely notes (in caching.redis) that redis
requires additional options set in `config.php`, but it appears these cannot
currently be set using nix.

I guess we have as options:
 - I missed something and it does in fact work
 - we can wait for later versions; looks like 21.03 will add at least *some* more
 - we can fork the module and add options ourselves
 - we can configure it nextcloud by manually editing `config.php`, as it's not
   actually inside the nix store but at /var/lib/nextcloud/config (veto)

See comments for additional notes and todos.
2021-03-25 18:34:35 +01:00
common security: remove hexchen 2021-03-12 23:53:51 +01:00
desktop remove hexchen from the project 2021-01-25 11:37:34 +00:00
hosts First draft for a nextcloud deployment on nix 2021-03-25 18:34:35 +01:00
modules hainich: init mattermost beta 2021-03-24 22:37:38 +01:00
nix sources: update nix packages 2021-03-24 22:22:10 +01:00
pkgs nixda: bump version of obs to nixpkgs/unstable 2021-03-11 00:12:08 +01:00
.gitignore repo: add vim swapfiles to gitignore 2020-11-29 12:53:03 +00:00
.gitlab-ci.yml ci: remove instantiate stage 2021-02-22 09:41:15 +00:00
default.nix default: unclutter by using a recursive attrset 2021-01-22 19:26:05 +00:00
README.md readme: add golden commit rule 2021-01-20 18:47:57 +00:00

hacc nixfiles

welcome to hacc nixfiles (haccfiles). this is the code describing our nix-based infrastructure.

structure

  • default.nix: Entrypoint to the config
  • common/: configuration common to all hosts
  • desktop/: desktop-relevant communication
  • modules/: home-grown modules for hacc-specific services
  • nix/: sources files, managed with niv
  • pkgs/: packages we built and don't want to upstream

working with the haccfiles

deploy:

nix build -f . deploy.$hostname && ./result switch

$hostname can be replaced with any hostname or group

committing to haccfiles

  • Golden Rule: DO NOT COMMIT TO MAIN
    • exceptions apply, if you are not sure where to commit, don't commit to main
  • split up commits, every commit is one atomic change
    • e.g. no big "did some changes" but instead "updated service x", "updated service y", "update service z"
  • follow the commit format: "$prefix$place: $change"
    • prefix: one of fixup, nothing
    • place: one of "modules/$module", "$hostname/service", "common/($place)", "pkgs/$pkgs" or "sources"
    • change: describe your change, don't go over the character limit where git starts hiding/wrapping
  • Exception: autogenerated messages (merge commits, reverts, etc)