diff --git a/files.nix b/files.nix index 0df05bf..35e0e25 100644 --- a/files.nix +++ b/files.nix @@ -15,14 +15,18 @@ in (if cfg.pleroma.enable then "f /var/lib/pleroma/secrets.exs 0755 pleroma pleroma - -" else "") "f+ /var/domain 0444 selfprivacy-api selfprivacy-api - ${domain}" ]; - system.activationScripts = { + system.activationScripts = let + jq = "${pkgs.jq}/bin/jq"; + sed = "${pkgs.sed}/bin/sed"; + in + { nextcloudSecrets = if cfg.nextcloud.enable then '' - cat /etc/nixos/userdata/userdata.json | jq -r '.nextcloud.databasePassword' > /var/lib/nextcloud/db-pass + cat /etc/nixos/userdata/userdata.json | ${jq} -r '.nextcloud.databasePassword' > /var/lib/nextcloud/db-pass chmod 0440 /var/lib/nextcloud/db-pass chown nextcloud:nextcloud /var/lib/nextcloud/db-pass - cat /etc/nixos/userdata/userdata.json | jq -r '.nextcloud.adminPassword' > /var/lib/nextcloud/admin-pass + cat /etc/nixos/userdata/userdata.json | ${jq} -r '.nextcloud.adminPassword' > /var/lib/nextcloud/admin-pass chmod 0440 /var/lib/nextcloud/admin-pass chown nextcloud:nextcloud /var/lib/nextcloud/admin-pass '' @@ -34,7 +38,7 @@ in echo 'CF_API_KEY=REPLACEME' > /var/lib/cloudflare/Credentials.ini echo 'CLOUDFLARE_DNS_API_TOKEN=REPLACEME' >> /var/lib/cloudflare/Credentials.ini echo 'CLOUDFLARE_ZONE_API_TOKEN=REPLACEME' >> /var/lib/cloudflare/Credentials.ini - sed -i "s/REPLACEME/$(cat /etc/nixos/userdata/userdata.json | jq -r '.cloudflare.apiKey')/g" /var/lib/cloudflare/Credentials.ini + ${sed} -i "s/REPLACEME/$(cat /etc/nixos/userdata/userdata.json | ${jq} -r '.cloudflare.apiKey')/g" /var/lib/cloudflare/Credentials.ini chmod 0440 /var/lib/cloudflare/Credentials.ini chown nginx:acmerecievers /var/lib/cloudflare/Credentials.ini ''; @@ -44,8 +48,8 @@ in echo 'account = REPLACEME1' >> /root/.config/rclone/rclone.conf echo 'key = REPLACEME2' >> /root/.config/rclone/rclone.conf - sed -i "s/REPLACEME1/$(cat /etc/nixos/userdata/userdata.json | jq -r '.backblaze.accountId')/g" /root/.config/rclone/rclone.conf - sed -i "s/REPLACEME2/$(cat /etc/nixos/userdata/userdata.json | jq -r '.backblaze.accountKey')/g" /root/.config/rclone/rclone.conf + ${sed} -i "s/REPLACEME1/$(cat /etc/nixos/userdata/userdata.json | ${jq} -r '.backblaze.accountId')/g" /root/.config/rclone/rclone.conf + ${sed} -i "s/REPLACEME2/$(cat /etc/nixos/userdata/userdata.json | ${jq} -r '.backblaze.accountKey')/g" /root/.config/rclone/rclone.conf chmod 0400 /root/.config/rclone/rclone.conf chown root:root /root/.config/rclone/rclone.conf