nixos/nextcloud: fix nginx routing to store and nix apps

[Ma27]

Description of changes

Closes #277206

The bug mentioned above was a symptom of the issue fixed here: when opening the forms app which is installed via extraApps (or the app store) the site wouldn't work because .mjs files had the wrong Content-Type.

The actual problem got fixed already[1], however this config was not used for stuff from /nix-apps & /store-apps which had their own location section with only a root ; statement.

In fact, this setup isn't strictly supported by Nextcloud upstream[2], so to fix this for good, I decided to follow the upstream suggestion for app directories outside the server root, i.e. linking them back into the store path.

This means that the module generates a new derivation now with

• services.nextcloud.package linked into it via lndir.
• under nix-apps is a symlink to the link farm containing all apps from services.nextcloud.extraApps.
• under store-apps is a symlink to /var/lib/nextcloud/store-apps. Since this is only used in the NixOS module that also configures this location for imperatively installed apps, this seems an OK thing to do.

Successfully tested the change on a productive Nextcloud 28.0.1 with several apps installed via extraApps (forms, cospend, maps, user_saml and a few more).

[1] 292c74c
[2] https://docs.nextcloud.com/server/28/admin_manual/apps_management.html#using-custom-app-directories

cc @Silver-Golden for testing.

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • sandbox = relaxed
  • sandbox = true
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 24.05 Release Notes (or backporting 23.05 and 23.11 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

---

Add a 👍 reaction to pull requests you find important.

[Silver-Golden]

I'lltest this out this evening and get back to ye.
Thanks for the prompt response.

[SuperSandro2000]

I don't think we really want to backport this to 23.05 which supports ends literally in the next days.

[SuperSandro2000]

I've cherry-picked the commit into my fork and deployed it to my nextcloud which only has store-apps, no apps installed via nix, and I didn't encounter any issues.

[beardhatcode]

I no not have time to test this on my server atm, but it looks good

[Silver-Golden]

I copied the nextcloud.nix file locally, added disabledModules = [ "services/web-apps/nextcloud.nix" ]; to disable the existing one and then imported that file.

Forms work as expected.

[github-actions]

Backport failed for release-23.05, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release-23.05
git worktree add -d .worktree/backport-277382-to-release-23.05 origin/release-23.05
cd .worktree/backport-277382-to-release-23.05
git switch --create backport-277382-to-release-23.05
git cherry-pick -x bae5e6516269cc804974ef2d5f494d46f7a012c1

[github-actions]

Successfully created backport PR for release-23.11:

• [Backport release-23.11] nixos/nextcloud: fix nginx routing to store and nix apps #277629