diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml
index e5351519f8da..02d05dec0a2b 100644
--- a/nixos/doc/manual/release-notes/rl-2003.xml
+++ b/nixos/doc/manual/release-notes/rl-2003.xml
@@ -648,6 +648,55 @@ auth required pam_succeed_if.so uid >= 1000 quiet
.
+
+
+ nextcloud has been updated to v18.0.2. This means
+ that users from NixOS 19.09 can't upgrade directly since you can only move one version
+ forward and 19.09 uses v16.0.8.
+
+
+ To provide a safe upgrade-path and to circumvent similar issues in the future, the following
+ measures were taken:
+
+
+
+ The pkgs.nextcloud-attribute has been removed and replaced with
+ versioned attributes (currently pkgs.nextcloud17 and
+ pkgs.nextcloud18). With this change major-releases can be backported
+ without breaking stuff and to make upgrade-paths easier.
+
+
+
+
+ Existing setups will be detected using
+ system.stateVersion: by default,
+ nextcloud17 will be used, but will raise a warning which notes
+ that after that deploy it's recommended to update to the latest stable version
+ (nextcloud18) by declaring the newly introduced setting
+ services.nextcloud.package.
+
+
+
+
+ Users with an overlay (e.g. to use nextcloud at version
+ v18 on 19.09) will get an evaluation error
+ by default. This is done to ensure that our
+ package-option doesn't select an
+ older version by accident. It's recommended to use pkgs.nextcloud18
+ or to set package to
+ pkgs.nextcloud explicitly.
+
+
+
+
+
+
+ Please note that if you're comming from 19.03 or older, you have
+ to manually upgrade to 19.09 first to upgrade your server
+ to Nextcloud v16.
+
+
+
diff --git a/nixos/modules/services/web-apps/nextcloud.nix b/nixos/modules/services/web-apps/nextcloud.nix
index 912e05d6d400..087bd0e5df3e 100644
--- a/nixos/modules/services/web-apps/nextcloud.nix
+++ b/nixos/modules/services/web-apps/nextcloud.nix
@@ -30,7 +30,7 @@ let
occ = pkgs.writeScriptBin "nextcloud-occ" ''
#! ${pkgs.stdenv.shell}
- cd ${pkgs.nextcloud}
+ cd ${cfg.package}
sudo=exec
if [[ "$USER" != nextcloud ]]; then
sudo='exec /run/wrappers/bin/sudo -u nextcloud --preserve-env=NEXTCLOUD_CONFIG_DIR'
@@ -42,6 +42,8 @@ let
occ $*
'';
+ inherit (config.system) stateVersion;
+
in {
options.services.nextcloud = {
enable = mkEnableOption "nextcloud";
@@ -64,6 +66,11 @@ in {
default = false;
description = "Use https for generated links.";
};
+ package = mkOption {
+ type = types.package;
+ description = "Which package to use for the Nextcloud instance.";
+ relatedPackages = [ "nextcloud17" "nextcloud18" ];
+ };
maxUploadSize = mkOption {
default = "512M";
@@ -309,10 +316,31 @@ in {
}
];
- warnings = optional (cfg.poolConfig != null) ''
- Using config.services.nextcloud.poolConfig is deprecated and will become unsupported in a future release.
- Please migrate your configuration to config.services.nextcloud.poolSettings.
- '';
+ warnings = []
+ ++ (optional (cfg.poolConfig != null) ''
+ Using config.services.nextcloud.poolConfig is deprecated and will become unsupported in a future release.
+ Please migrate your configuration to config.services.nextcloud.poolSettings.
+ '')
+ ++ (optional (versionOlder cfg.package.version "18") ''
+ You're currently deploying an older version of Nextcloud. This may be needed
+ since Nextcloud doesn't allow major version upgrades across multiple versions (i.e. an
+ upgrade from 16 is possible to 17, but not to 18).
+
+ Please deploy this to your server and wait until the migration is finished. After
+ that you can deploy to the latest Nextcloud version available.
+ '');
+
+ services.nextcloud.package = with pkgs;
+ mkDefault (
+ if pkgs ? nextcloud
+ then throw ''
+ The `pkgs.nextcloud`-attribute has been removed. If it's supposed to be the default
+ nextcloud defined in an overlay, please set `services.nextcloud.package` to
+ `pkgs.nextcloud`.
+ ''
+ else if versionOlder stateVersion "20.03" then nextcloud17
+ else nextcloud18
+ );
}
{ systemd.timers.nextcloud-cron = {
@@ -407,7 +435,7 @@ in {
path = [ occ ];
script = ''
chmod og+x ${cfg.home}
- ln -sf ${pkgs.nextcloud}/apps ${cfg.home}/
+ ln -sf ${cfg.package}/apps ${cfg.home}/
mkdir -p ${cfg.home}/config ${cfg.home}/data ${cfg.home}/store-apps
ln -sf ${overrideConfig} ${cfg.home}/config/override.config.php
@@ -429,7 +457,7 @@ in {
environment.NEXTCLOUD_CONFIG_DIR = "${cfg.home}/config";
serviceConfig.Type = "oneshot";
serviceConfig.User = "nextcloud";
- serviceConfig.ExecStart = "${phpPackage}/bin/php -f ${pkgs.nextcloud}/cron.php";
+ serviceConfig.ExecStart = "${phpPackage}/bin/php -f ${cfg.package}/cron.php";
};
nextcloud-update-plugins = mkIf cfg.autoUpdateApps.enable {
serviceConfig.Type = "oneshot";
@@ -471,7 +499,7 @@ in {
enable = true;
virtualHosts = {
${cfg.hostName} = {
- root = pkgs.nextcloud;
+ root = cfg.package;
locations = {
"= /robots.txt" = {
priority = 100;
diff --git a/nixos/modules/services/web-apps/nextcloud.xml b/nixos/modules/services/web-apps/nextcloud.xml
index d66e0f0c2997..fc454f8ba254 100644
--- a/nixos/modules/services/web-apps/nextcloud.xml
+++ b/nixos/modules/services/web-apps/nextcloud.xml
@@ -113,5 +113,53 @@
maintenance:install! This command tries to install the application
and can cause unwanted side-effects!
+
+
+ Nextcloud doesn't allow to move more than one major-version forward. If you're e.g. on
+ v16, you cannot upgrade to v18, you need to upgrade to
+ v17 first. This is ensured automatically as long as the
+ stateVersion is declared properly. In that case
+ the oldest version available (one major behind the one from the previous NixOS
+ release) will be selected by default and the module will generate a warning that reminds
+ the user to upgrade to latest Nextcloud after that deploy.
+
+
+
+
+ Maintainer information
+
+
+ As stated in the previous paragraph, we must provide a clean upgrade-path for Nextcloud
+ since it cannot move more than one major version forward on a single upgrade. This chapter
+ adds some notes how Nextcloud updates should be rolled out in the future.
+
+
+
+ While minor and patch-level updates are no problem and can be done directly in the
+ package-expression (and should be backported to supported stable branches after that),
+ major-releases should be added in a new attribute (e.g. Nextcloud v19.0.0
+ should be available in nixpkgs as pkgs.nextcloud19).
+ To provide simple upgrade paths it's generally useful to backport those as well to stable
+ branches. As long as the package-default isn't altered, this won't break existing setups.
+ After that, the versioning-warning in the nextcloud-module should be
+ updated to make sure that the
+ package-option selects the latest version
+ on fresh setups.
+
+
+
+ If major-releases will be abandoned by upstream, we should check first if those are needed
+ in NixOS for a safe upgrade-path before removing those. In that case we shold keep those
+ packages, but mark them as insecure in an expression like this (in
+ <nixpkgs/pkgs/servers/nextcloud/default.nix>):
+/* ... */
+{
+ nextcloud17 = generic {
+ version = "17.0.x";
+ sha256 = "0000000000000000000000000000000000000000000000000000";
+ insecure = true;
+ };
+}
+
diff --git a/pkgs/servers/nextcloud/default.nix b/pkgs/servers/nextcloud/default.nix
index 9b23e9ac501f..008d6bbde398 100644
--- a/pkgs/servers/nextcloud/default.nix
+++ b/pkgs/servers/nextcloud/default.nix
@@ -1,24 +1,37 @@
{ stdenv, fetchurl }:
-stdenv.mkDerivation rec {
- pname = "nextcloud";
- version = "18.0.2";
+let
+ generic = { version, sha256, insecure ? false }: stdenv.mkDerivation rec {
+ pname = "nextcloud";
+ inherit version;
- src = fetchurl {
- url = "https://download.nextcloud.com/server/releases/${pname}-${version}.tar.bz2";
+ src = fetchurl {
+ url = "https://download.nextcloud.com/server/releases/${pname}-${version}.tar.bz2";
+ inherit sha256;
+ };
+
+ installPhase = ''
+ mkdir -p $out/
+ cp -R . $out/
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Sharing solution for files, calendars, contacts and more";
+ homepage = https://nextcloud.com;
+ maintainers = with maintainers; [ schneefux bachp globin fpletz ma27 ];
+ license = licenses.agpl3Plus;
+ platforms = with platforms; unix;
+ knownVulnerabilities = optional insecure "Nextcloud version ${version} is EOL";
+ };
+ };
+in {
+ nextcloud17 = generic {
+ version = "17.0.4";
+ sha256 = "0cj5mng0nmj3hz30pyz3g19kj3mkm5ca8si3sw3arv61dmw6c5g6";
+ };
+
+ nextcloud18 = generic {
+ version = "18.0.2";
sha256 = "10fbdq0366iai2kpw6v6p78mnn9gz8x0xzsbqrp109yx4c4nccyh";
};
-
- installPhase = ''
- mkdir -p $out/
- cp -R . $out/
- '';
-
- meta = {
- description = "Sharing solution for files, calendars, contacts and more";
- homepage = https://nextcloud.com;
- maintainers = with stdenv.lib.maintainers; [ schneefux bachp globin fpletz ];
- license = stdenv.lib.licenses.agpl3Plus;
- platforms = with stdenv.lib.platforms; unix;
- };
}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index aca6b0e4f153..bed301ede54a 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -5443,7 +5443,8 @@ in
grocy = callPackage ../servers/grocy { };
- nextcloud = callPackage ../servers/nextcloud { };
+ inherit (callPackage ../servers/nextcloud {})
+ nextcloud17 nextcloud18;
nextcloud-client = libsForQt5.callPackage ../applications/networking/nextcloud-client { };