From 9931c4a4072215569a80a8e31316ab35bc65c8a5 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Sat, 23 Apr 2022 13:17:51 +0200 Subject: [PATCH] nixos/nextcloud: make `profile.enabled` configurable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I recently learned that Nextcloud 23's new profile feature — basically a way for users to share personal contact details — has a problematic default setting, profile data is shared with **everyone** by default. This means that an unauthenticated user can access personal information by accessing `nextcloud.tld/u/user.name`. The announcement of v23 states[1]: > We go a step further and introduce a profile page. Here you can put a > description of yourself, show links to, for example, social media, what > department you are in and information on how to contact you. All these > are of course entirely optional and you can choose what is visible to who! > The profile and user status are accessible also from our mobile and desktop clients. It's not mentioned that by default you share personal information[3] with everyone and personally I think that's somewhat problematic. To work around that, I decided to add an option for the recently added[2] and even set it to `false` by default to make an explicit opt-in for that feature. [1] https://nextcloud.com/blog/nextcloud-hub-2-brings-major-overhaul-introducing-nextcloud-office-p2p-backup-and-more/ [2] https://github.com/nextcloud/server/pull/31624/files [3] By default, this affects the following properties: * About * Full name * Headline * Organisation * Profile picture * Role * Twitter * Website Phone, Address and Email are not affected and only shown to authenticated users by default. --- nixos/modules/services/web-apps/nextcloud.nix | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/nixos/modules/services/web-apps/nextcloud.nix b/nixos/modules/services/web-apps/nextcloud.nix index f74b6bda0ca..a4b886821eb 100644 --- a/nixos/modules/services/web-apps/nextcloud.nix +++ b/nixos/modules/services/web-apps/nextcloud.nix @@ -522,6 +522,29 @@ in { The nextcloud-occ program preconfigured to target this Nextcloud instance. ''; }; + globalProfiles = mkEnableOption "global profiles" // { + description = '' + Makes user-profiles globally available under nextcloud.tld/u/user.name. + Even though it's enabled by default in Nextcloud, it must be explicitly enabled + here because it has the side-effect that personal information is even accessible to + unauthenticated users by default. + + By default, the following properties are set to Show to everyone + if this flag is enabled: + + About + Full name + Headline + Organisation + Profile picture + Role + Twitter + Website + + + Only has an effect in Nextcloud 23 and later. + ''; + }; nginx.recommendedHttpHeaders = mkOption { type = types.bool; @@ -650,6 +673,8 @@ in { if x == null then "false" else boolToString x; + nextcloudGreaterOrEqualThan = req: versionAtLeast cfg.package.version req; + overrideConfig = pkgs.writeText "nextcloud-config.php" '' ${writePhpArrary ([ cfg.hostName ] ++ c.extraTrustedDomains)}, 'trusted_proxies' => ${writePhpArrary (c.trustedProxies)}, ${optionalString (c.defaultPhoneRegion != null) "'default_phone_region' => '${c.defaultPhoneRegion}',"} + ${optionalString (nextcloudGreaterOrEqualThan "23") "'profile.enabled' => ${boolToString cfg.globalProfiles}"} ${objectstoreConfig} ]; '';