challenger/nextcloud: fix and document memories/recognize

This commit is contained in:
Felix Albrigtsen 2024-07-05 23:04:51 +02:00
parent 047d5b0d9d
commit a19ab9a661

View File

@ -45,6 +45,17 @@ in {
};
oidc_login_filter_allowed_values = [ "nextcloud-user" ];
oidc_login_disable_registration = false;
memories = {
# exiftool = "${lib.getExe pkgs.exiftool}"; # TODO - not working, use perl
# exiftool_no_local = false;
vod = {
disable = false;
ffmpeg = "${lib.getExe pkgs.ffmpeg-headless}";
ffprobe = "${pkgs.ffmpeg-headless}/bin/ffprobe";
};
};
preview_ffmpeg_path = "${pkgs.ffmpeg-headless}/bin/ffmpeg";
};
secretFile = config.sops.secrets."nextcloud/secretsjson".path;
@ -64,7 +75,10 @@ in {
};
};
environment.systemPackages = [ cfg.occ ];
environment.systemPackages = [
cfg.occ # "occ CMD" in the docs -> "sudo -u nextcloud nextcloud-occ CMD"
pkgs.nodejs_20 # For Recognize; Put /run/current-system/sw/bin/node in the "node_binary" field in the web UI -> Memories
];
sops.secrets."nextcloud/adminpass" = {
mode = "0440";
@ -87,6 +101,10 @@ in {
} ];
};
systemd.services.nextcloud-cron = {
path = [ pkgs.perl ]; # exiftool doesn't work, so make perl available instead
};
systemd.services."nextcloud-setup" = {
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
@ -94,10 +112,12 @@ in {
systemd.services."phpfpm-nextcloud" = {
requires = [ "tank-nextcloud.mount" ];
path = [ pkgs.perl ];
serviceConfig = {
PrivateDevices = lib.mkForce false;
WorkingDirectory = "/tank/nextcloud";
NoNewPrivileges = true;
PrivateDevices = true;
PrivateMounts = true;
PrivateTmp = true;
ProtectClock = true;
@ -118,4 +138,11 @@ in {
CapabilityBoundingSet = "~CAP_FSETID ~CAP_SETFCAP ~CAP_SETUID ~CAP_SETGID ~CAP_SETPCAP ~CAP_NET_ADMIN ~CAP_SYS_ADMIN ~CAP_SYS_PTRACE ";
};
};
# Notes:
# - Install Memories and Recognize from the app store
# - They might need to be forced on with "nextcloud-occ app:enable memories", etc.
# - Run "nextcloud-occ maintenance:repair" to fix broken paths
# - Download ai models and maps with the commands given in the ui
# - libtensorflow doesn't work properly through node, but recognize still works(?)
}