From a224731dcf4e64a578b9210f86a666a7af52a4f0 Mon Sep 17 00:00:00 2001
From: Alexander Tomokhov <alexoundos@gmail.com>
Date: Sun, 26 Nov 2023 09:08:14 +0400
Subject: [PATCH] nextcloud: write passwords using `install`

---
 sp-modules/nextcloud/module.nix | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/sp-modules/nextcloud/module.nix b/sp-modules/nextcloud/module.nix
index b084969..d9c7f85 100644
--- a/sp-modules/nextcloud/module.nix
+++ b/sp-modules/nextcloud/module.nix
@@ -19,14 +19,15 @@
     lib.mkIf sp.modules.nextcloud.enable
       {
         system.activationScripts.nextcloudSecrets = ''
-          mkdir -p /var/lib/nextcloud
-          ${pkgs.jq}/bin/jq < ${secrets-filepath} -r '.modules.nextcloud.databasePassword' > ${db-pass-filepath}
-          chmod 0440 ${db-pass-filepath}
-          chown nextcloud:nextcloud ${db-pass-filepath}
+          install -m 0440 -o nextcloud -g nextcloud -DT \
+          <(${pkgs.jq}/bin/jq < \
+            ${secrets-filepath} -r '.modules.nextcloud.databasePassword') \
+          ${db-pass-filepath}
 
-          ${pkgs.jq}/bin/jq < ${secrets-filepath} -r '.modules.nextcloud.adminPassword' > ${admin-pass-filepath}
-          chmod 0440 ${admin-pass-filepath}
-          chown nextcloud:nextcloud ${admin-pass-filepath}
+          install -m 0440 -o nextcloud -g nextcloud -DT \
+          <(${pkgs.jq}/bin/jq < \
+            ${secrets-filepath} -r '.modules.nextcloud.adminPassword') \
+          ${admin-pass-filepath}
         '';
         fileSystems = lib.mkIf sp.useBinds {
           "/var/lib/nextcloud" = {