PR #277382 didn't fix just an issue with .mjs files for the `forms` app,
but an underlying, more problematic issue: for `/nix-apps` &
`/store-apps`, the fcgi config for PHP and the block for assets were
never reached.
That meant that e.g. `/nix-apps/notes/lib/AppInfo/Application.php`
returned the PHP source code as text/plain. Considering that there was
never a fundamental change to how this config's structure, I'm pretty
sure that the issue was pretty much there since the module exists.
After consulting the NixOS security team we agreed that this is most
likely harmless because you'd have to use private apps with secrets in
the raw PHP code of said app. However, this is still problematic because
one important assumption - that PHP code is never sent to the browser -
is broken which is why we decided on not mentioning this impact in the
previous PR from December 2023.
To make sure that we don't regress our nginx config, I decided to add
the reproducer which fails on 8bbbb228b4
as testcase to our integration tests.
Starting with Rclone v1.63, which is used in the Nextcloud tests for
synchronization, the client relies on the correct WebDAV endpoint url,
see https://github.com/rclone/rclone/issues/7103
* Ensure that the redis cache is actually used in the "trivial" case
(`with-postgresql-and-redis`)
* Test against all Nextcloud versions we've packaged
* Actually set a secret to make sure that the provided secret is
properly read by Nextcloud.
* Add myself as maintainer to the secret-test to make sure that I don't
miss any more changes like this that could break the functionality of
that feature.
One of the main problems of the Nextcloud module is that it's currently
not possible to alter e.g. database configuration after the initial
setup as it's written by their imperative installer to a file.
After some research[1] it turned out that it's possible to override all values
with an additional config file. The documentation has been
slightly updated to remain up-to-date, but the warnings should
remain there as the imperative configuration is still used and may cause
unwanted side-effects.
Also simplified the postgresql test which uses `ensure{Databases,Users}` to
configure the database.
Fixes#49783
[1] https://github.com/NixOS/nixpkgs/issues/49783#issuecomment-483063922
