nextcloud: setup quota via ldap

2025-02-24 14:52:14 +01:00 · 2025-02-24 14:52:14 +01:00 · 332a10a0f9
commit 332a10a0f9
parent 02ab47fad5
3 changed files with 18 additions and 1 deletions
--- a/machines/gerd/services/lldap/default.nix
+++ b/machines/gerd/services/lldap/default.nix
@ -246,10 +246,12 @@ in {
    mkProvisionEmail = name: "${name}@${config.mine.shared.settings.domain}";
    mkProvisionUserNormal = name: config.mine.shared.lib.ldap.mkScope (lconfig: llib: {
      user_id = name;
+      display_name = name; # required for nextcloud
      membermail = mkProvisionEmail name;
      mail = "env:EMAIL_${lib.toUpper name}";
      groups = [ lconfig.groups.member ];
      membermaildiskquota = 100*1024*1024; # mb
+      nextcloudquota = 5*1024*1024; # mb
    });

    mkProvisionUserSystem = name: password_file: config.mine.shared.lib.ldap.mkScope (lconfig: llib: {
@ -261,11 +263,21 @@ in {
      membermaildiskquota = 10*1024*1024; # mb
    });

+    mkProvisionUserSystemExt = name: password_file: custom_attrs: lib.recursiveUpdate (config.mine.shared.lib.ldap.mkScope (lconfig: llib: {
+      user_id = name;
+      membermail = mkProvisionEmail name;
+      password = "file:${password_file}";
+      groups = [ lconfig.groups.system_mail lconfig.groups.system_service ];
+      membermaildiskquota = 10*1024*1024; # mb
+    })) custom_attrs;
+
    mkProvisionUserAdmin = name: config.mine.shared.lib.ldap.mkScope (lconfig: llib: {
      user_id = name;
+      display_name = name; # required for nextcloud
      membermail = mkProvisionEmail name;
      groups = [ lconfig.groups.admin lconfig.groups.member ];
      membermaildiskquota = 100*1024*1024; # mb
+      nextcloudquota = 100*1024*1024; # mb
    });
  };

--- a/machines/gerd/services/lldap/provision.nix
+++ b/machines/gerd/services/lldap/provision.nix
@ -59,6 +59,9 @@
        membermaildiskquota = {
          attributeType = "INTEGER";
        };
+        nextcloudquota = {
+          attributeType = "INTEGER";
+        };
      };

    });
--- a/machines/gerd/services/nextcloud.nix
+++ b/machines/gerd/services/nextcloud.nix
@ -3,7 +3,7 @@
 let
  svc_domain = "nextcloud.${config.mine.shared.settings.domain}";

-  default_storage_quota = "100MB";
+  default_storage_quota = "1mb";

  # place data into own zfs dataset
  stateDir = config.mine.zfsMounts."rpool/safe/svcs/nextcloud";
@ -59,6 +59,8 @@ let
      ldapUserFilterMode = 1;
      ldapExpertUsernameAttr = config.mine.shared.settings.ldap.attr.uid;
      ldapConfigurationActive = 1;
+      ldapQuotaDefault = 1;
+      ldapQuotaAttribute = config.mine.shared.settings.ldap.attr.nextcloudquota;
    };
    ldap_commands = lib.mapAttrsToList (n: v: "${occ} ldap:set-config $NEW_CONFIG_ID ${n} '${builtins.toString v}'") ldap_settings;
  in pkgs.writeShellScript "nextcloud-add-ldap.sh" ''