diff options
author | Maximilian Bosch <maximilian@mbosch.me> | 2023-04-21 11:14:29 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-21 11:14:29 +0200 |
commit | 636e9f7418c691ed48e39a139711c5f89f0302f5 (patch) | |
tree | 486dea3162ce7e96a037ecefb1af61100b7fa4b8 /nixos | |
parent | e55e3a962fdc70d73c95c9d2d79aaac510ee9306 (diff) | |
parent | 0abc5bcc7ed8db1ef23165c6ade0d65858b415cf (diff) |
Merge pull request #227235 from Ma27/bump-nextcloud
nextcloud: 25.0.5 -> 25.0.6, 26.0.0 -> 26.0.1, remove nc24
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/web-apps/nextcloud.md | 4 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/nextcloud.nix | 6 | ||||
-rw-r--r-- | nixos/tests/nextcloud/default.nix | 2 |
3 files changed, 9 insertions, 3 deletions
diff --git a/nixos/modules/services/web-apps/nextcloud.md b/nixos/modules/services/web-apps/nextcloud.md index 7ef3cca281f9e..15c1f2da2724b 100644 --- a/nixos/modules/services/web-apps/nextcloud.md +++ b/nixos/modules/services/web-apps/nextcloud.md @@ -132,7 +132,9 @@ Auto updates for Nextcloud apps can be enabled using Nextcloud supports [server-side encryption (SSE)](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/encryption_configuration.html). This is not an end-to-end encryption, but can be used to encrypt files that will be persisted to external storage such as S3. Please note that this won't work anymore when using OpenSSL 3 - for PHP's openssl extension because this is implemented using the legacy cipher RC4. + for PHP's openssl extension and **Nextcloud 25 or older** because this is implemented using the + legacy cipher RC4. For Nextcloud26 this isn't relevant anymore, because Nextcloud has an RC4 implementation + written in native PHP and thus doesn't need `ext-openssl` for that anymore. If [](#opt-system.stateVersion) is *above* `22.05`, this is disabled by default. To turn it on again and for further information please refer to [](#opt-services.nextcloud.enableBrokenCiphersForSSE). diff --git a/nixos/modules/services/web-apps/nextcloud.nix b/nixos/modules/services/web-apps/nextcloud.nix index 76a0172747ffd..2824b7ee24562 100644 --- a/nixos/modules/services/web-apps/nextcloud.nix +++ b/nixos/modules/services/web-apps/nextcloud.nix @@ -204,7 +204,7 @@ in { package = mkOption { type = types.package; description = lib.mdDoc "Which package to use for the Nextcloud instance."; - relatedPackages = [ "nextcloud24" "nextcloud25" "nextcloud26" ]; + relatedPackages = [ "nextcloud25" "nextcloud26" ]; }; phpPackage = mkOption { type = types.package; @@ -712,6 +712,10 @@ in { See <https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/encryption_configuration.html#disabling-encryption> on how to achieve this. For more context, here is the implementing pull request: https://github.com/NixOS/nixpkgs/pull/198470 + '') + ++ (optional (cfg.enableBrokenCiphersForSSE && versionAtLeast cfg.package.version "26") '' + Nextcloud26 supports RC4 without requiring legacy OpenSSL, so + `services.nextcloud.enableBrokenCiphersForSSE` can be set to `false`. ''); services.nextcloud.package = with pkgs; diff --git a/nixos/tests/nextcloud/default.nix b/nixos/tests/nextcloud/default.nix index 350486e8c733c..78fe026b4a84c 100644 --- a/nixos/tests/nextcloud/default.nix +++ b/nixos/tests/nextcloud/default.nix @@ -26,4 +26,4 @@ foldl }; }) { } - [ 24 25 26 ] + [ 25 26 ] |