Document Nextcloud upgrade process if it breaks again.

flake.lock

@@ -151,11 +151,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1749154018,
+        "lastModified": 1752544374,
-        "narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=",
+        "narHash": "sha256-ReX0NG6nIAEtQQjLqeu1vUU2jjZuMlpymNtb4VQYeus=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111",
+        "rev": "2e00ed310c218127e02ffcf28ddd4e0f669fde3e",
         "type": "github"
       },
       "original": {
@@ -167,11 +167,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1750083401,
+        "lastModified": 1752048960,
-        "narHash": "sha256-ynqbgIYrg7P1fAKYqe8I/PMiLABBcNDYG9YaAP/d/C4=",
+        "narHash": "sha256-gATnkOe37eeVwKKYCsL+OnS2gU4MmLuZFzzWCtaKLI8=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "61837d2a33ccc1582c5fabb7bf9130d39fee59ad",
+        "rev": "7ced9122cff2163c6a0212b8d1ec8c33a1660806",
         "type": "github"
       },
       "original": {
@@ -215,11 +215,11 @@
     },
     "nixpkgsUnstable": {
       "locked": {
-        "lastModified": 1750134718,
+        "lastModified": 1752480373,
-        "narHash": "sha256-v263g4GbxXv87hMXMCpjkIxd/viIF7p3JpJrwgKdNiI=",
+        "narHash": "sha256-JHQbm+OcGp32wAsXTE/FLYGNpb+4GLi5oTvCxwSoBOA=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "9e83b64f727c88a7711a2c463a7b16eedb69a84c",
+        "rev": "62e0f05ede1da0d54515d4ea8ce9c733f12d9f08",
         "type": "github"
       },
       "original": {
@@ -231,11 +231,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1750133334,
+        "lastModified": 1752436162,
-        "narHash": "sha256-urV51uWH7fVnhIvsZIELIYalMYsyr2FCalvlRTzqWRw=",
+        "narHash": "sha256-Kt1UIPi7kZqkSc5HVj6UY5YLHHEzPBkgpNUByuyxtlw=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "36ab78dab7da2e4e27911007033713bab534187b",
+        "rev": "dfcd5b901dbab46c9c6e80b265648481aafb01f8",
         "type": "github"
       },
       "original": {

hosts/hub/apps/nextcloud.nix

@@ -28,7 +28,7 @@
           nextcloud = {
             enable = true;
             hostName = "nextcloud.thewordnerd.info";
-            package = pkgs.nextcloud30;
+            package = pkgs.nextcloud31;
             configureRedis = true;
             maxUploadSize = "16G";
             # autoUpdateApps.enable = true;
@@ -54,27 +54,43 @@
           };
           resolved.enable = true;
         };
+        # IMPORTANT: Nextcloud container startup workaround
+        # The nextcloud-setup service blocks container startup when it needs to perform upgrades,
+        # creating a circular dependency: the network can't be configured until the container is ready,
+        # but the container can't be ready without network access for the upgrade.
+        # 
+        # To upgrade Nextcloud when changing major versions:
+        # 1. Uncomment the lines below to disable nextcloud-setup
+        # 2. Run: nixos-rebuild switch
+        # 3. Run: nixos-container run nextcloud -- nextcloud-occ upgrade
+        # 4. Run: nixos-container run nextcloud -- nextcloud-occ maintenance:mode --off
+        # 5. Comment out the lines below again
+        # 6. Run: nixos-rebuild switch
+        #
+        # systemd.services.nextcloud-setup = {
+        #   enable = false;
+        # };
         programs.nix-ld.enable = true;
         networking = {
           firewall.allowedTCPPorts = [ 80 ];
           useHostResolvConf = lib.mkForce false;
         };
-        virtualisation.docker.enable = true;
+        # virtualisation.docker.enable = true;
-        users.users.nextcloud.extraGroups = [ "docker" ];
+        # users.users.nextcloud.extraGroups = [ "docker" ];
         environment.systemPackages = with pkgs; [
           poppler_utils
-          (pkgs.writeScriptBin "occ" ''
+          # (pkgs.writeScriptBin "occ" ''
-            #!${pkgs.bash}/bin/bash
+          #   #!${pkgs.bash}/bin/bash
-            exec nextcloud-occ "$@"
+          #   exec nextcloud-occ "$@"
-          '')
+          # '')
         ];
         programs.java.binfmt = true;
         system.stateVersion = "24.11";
       };
     # https://discourse.nixos.org/t/podman-docker-in-nixos-container-ideally-in-unprivileged-one/22909/12
-    additionalCapabilities = [
+    # additionalCapabilities = [
-      ''all" --system-call-filter="add_key keyctl bpf" --capability="all''
+    # ''all" --system-call-filter="add_key keyctl bpf" --capability="all''
-    ];
+    # ];
     bindMounts = {
       "/run/postgresql" = {
         hostPath = "/run/postgresql";

hosts/hub/default.nix

@@ -37,17 +37,12 @@
     ./apps/open-webui.nix
   ];
 
-  boot.loader.grub = {
+  boot = {
-    enable = true;
+    loader = {
-    zfsSupport = true;
+      efi.canTouchEfiVariables = true;
-    efiSupport = true;
+      systemd-boot.enable = true;
-    efiInstallAsRemovable = true;
+    };
-    mirroredBoots = [
+    supportedFilesystems = [ "zfs" ];
-      {
-        devices = [ "nodev" ];
-        path = "/boot";
-      }
-    ];
   };
 
   networking = {