diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
index 25b3a686c0d9..e06a6094c1a7 100644
--- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
+++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
@@ -607,6 +607,22 @@
binaries, use the p4d package instead.
+
+
+ The NextCloud NixOS module uses OpenSSL 3.x for its PHP’s
+ openssl extension, this breaks RC4-based server-side
+ encryption in NextCloud, making all your files unreadable upon
+ upgrade. Upon testing, we could not trigger any cases of
+ data loss, but we
+ cannot guarantee that for
+ every accidental OpenSSL upgrade. To restore functionality,
+ services.nextcloud.enableBrokenCiphersForSSE
+ has to be set to true. NextCloud is
+ planning to implement AES-256-GCM server-side encryption in
+ the future through
+ https://github.com/nextcloud/server/pull/25551.
+
+
The coq package and versioned variants
diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md
index 583480bec020..5831dbbaba8a 100644
--- a/nixos/doc/manual/release-notes/rl-2211.section.md
+++ b/nixos/doc/manual/release-notes/rl-2211.section.md
@@ -196,6 +196,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
- The `p4` package now only includes the open-source Perforce Helix Core command-line client and APIs. It no longer installs the unfree Helix Core Server binaries `p4d`, `p4broker`, and `p4p`. To install the Helix Core Server binaries, use the `p4d` package instead.
+- The NextCloud NixOS module uses OpenSSL 3.x for its PHP's openssl extension, this breaks RC4-based server-side encryption in NextCloud, making all your files unreadable upon upgrade. Upon testing, we could not trigger any cases of **data loss**, but we **cannot guarantee** that for every accidental OpenSSL upgrade. To restore functionality, [`services.nextcloud.enableBrokenCiphersForSSE`](#opt-services.nextcloud.enableBrokenCiphersForSSE) has to be set to `true`. NextCloud is planning to implement AES-256-GCM server-side encryption in the future through .
+
- The `coq` package and versioned variants starting at `coq_8_14` no
longer include CoqIDE, which is now available through
`coqPackages.coqide`. It is still possible to get CoqIDE as part of
diff --git a/nixos/modules/services/web-apps/nextcloud.nix b/nixos/modules/services/web-apps/nextcloud.nix
index 04599884f139..2a4ca13b473f 100644
--- a/nixos/modules/services/web-apps/nextcloud.nix
+++ b/nixos/modules/services/web-apps/nextcloud.nix
@@ -13,7 +13,12 @@ let
phpPackage = cfg.phpPackage.buildEnv {
extensions = { enabled, all }:
(with all;
- enabled
+ # disable default openssl extension
+ (lib.filter (e: e.pname != "openssl") enabled)
+ # use OpenSSL 1.1 for RC4 NextCloud encryption if user
+ # has acknowledged the brokeness of the ciphers (RC4).
+ # TODO: remove when https://github.com/nextcloud/server/issues/32003 is fixed.
+ ++ (if cfg.enableBrokenCiphersForSSE then [ cfg.phpPackage.extensions.openssl-legacy ] else [ cfg.phpPackage.extensions.openssl ])
++ optional cfg.enableImagemagick imagick
# Optionally enabled depending on caching settings
++ optional cfg.caching.apcu apcu
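Review bot: The filter on the `enabled` list compares `e.pname` with the bare literal `"openssl"`, but whether the extension derivations carry that exact pname depends on `mkExtension` in php-packages.nix, which is outside this diff; if it prefixes the name (the extensions there are defined only by `name`), nothing is filtered and both the OpenSSL 3 and the OpenSSL 1.1 builds of the same PHP module end up in the environment, which defeats the whole point of the option. Comparing against the attribute the extension actually carries avoids guessing at the naming scheme: `(lib.filter (e: e.pname != all.openssl.pname) enabled)`. The comment above the conditional has a typo, `brokeness` → `brokenness`, and it would help a reader to say explicitly that the entire openssl extension is swapped, not just the RC4 code path used by server-side encryption. The enclosing `phpPackage` let-binding continues past the end of this hunk.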
@@ -80,6 +85,36 @@ in {
options.services.nextcloud = {
enable = mkEnableOption (lib.mdDoc "nextcloud");
+
+ enableBrokenCiphersForSSE = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc ''
+ This option uses OpenSSL PHP extension linked against OpenSSL 1.x rather
+ than latest OpenSSL (≥ 3), this is not recommended except if you need
+ it.
+
+ Server-side encryption in NextCloud uses RC4 ciphers, a broken cipher
+ since ~2004.
+
+ This cipher has been disabled in OpenSSL ≥ 3 and requires
+ a specific legacy profile to re-enable it.
+
+ If you upgrade to a NextCloud using OpenSSL ≥ 3 and have
+ server-side encryption configured, you will not be able to access
+ your files anymore, enabling this option can restore access to your files.
+
+ Unless you are using external storage,
+ it is advised to [disable server-side encryption](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/encryption_configuration.html#disabling-encryption) as it is unclear
+ it provides any amount of security beyond encryption for external storage.
+ If you know more about this feature and is keen on it,
+ please chime in or open
+ an issue in nixpkgs.
+
+ In the future, NextCloud may move to AES-256-GCM, by then,
+ this option will be deprecated.
+ '';
+ };
hostName = mkOption {
type = types.str;
description = lib.mdDoc "FQDN for the nextcloud instance.";
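Review bot: The option description says the extension is linked against "OpenSSL 1.x", while the warning later in this file and the `openssl-legacy` extension in php-packages.nix are specific to OpenSSL 1.1; naming the exact series in the description, `linked against OpenSSL 1.1 rather than OpenSSL ≥ 3`, keeps the three places consistent. The description should also make the blast radius clear, since the earlier hunk in this file replaces the whole `openssl` extension: something like `Enabling this replaces the entire PHP openssl extension with the OpenSSL 1.1 build, so every openssl function PHP exposes runs on the older library, not only the RC4 path used by server-side encryption.` Two wording fixes: `is keen on it` → `are keen on it`, and `disabled in OpenSSL ≥ 3 and requires a specific legacy profile` → `disabled in OpenSSL ≥ 3 and requires the legacy provider to be re-enabled`, which is the OpenSSL 3 term for what the text describes.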
@@ -649,6 +684,16 @@ in {
++ (optional (versionOlder cfg.package.version "23") (upgradeWarning 22 "22.05"))
++ (optional (versionOlder cfg.package.version "24") (upgradeWarning 23 "22.05"))
++ (optional (versionOlder cfg.package.version "25") (upgradeWarning 24 "22.11"))
+ ++ (optional cfg.enableBrokenCiphersForSSE ''
+ You're using PHP's openssl extension built against OpenSSL 1.1.
+ This is only necessary if you're using NextCloud's server-side encryption.
+ Please keep in mind that it's using the broken RC4 cipher.
+
+ In order to disable this option and remove this warning,
+ server-side encryption has to be disabled, see on how to achieve this.
+
+ For more context, here is the implementing pull request: https://github.com/NixOS/nixpkgs/pull/198470
+ '')
++ (optional isUnsupportedMariadb ''
You seem to be using MariaDB at an unsupported version (i.e. at least 10.6)!
Please note that this isn't supported officially by Nextcloud. You can either
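Review bot: The warning text at "see on how to achieve this." has no reference after "see"; as rendered here it reads as though a link was dropped, and if the source really contains none the admin is left without a pointer to the procedure the option description links to (the Nextcloud encryption-configuration page). The warning also says "disable this option" without naming it; since warnings are what an admin reads at rebuild time, spell it out: `In order to unset services.nextcloud.enableBrokenCiphersForSSE and remove this warning, server-side encryption has to be disabled first, see <URL-PLACEHOLDER: Nextcloud encryption configuration docs>.` It is also worth stating in the warning that the legacy build affects all of PHP's openssl usage, so the admin understands the trade-off is broader than server-side encryption. The warnings list this hunk belongs to starts before the hunk.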
diff --git a/nixos/tests/nextcloud/basic.nix b/nixos/tests/nextcloud/basic.nix
index eb37470a4c7b..5cf4d8ca7554 100644
--- a/nixos/tests/nextcloud/basic.nix
+++ b/nixos/tests/nextcloud/basic.nix
@@ -41,6 +41,7 @@ in {
enable = true;
datadir = "/var/lib/nextcloud-data";
hostName = "nextcloud";
+ enableBrokenCiphersForSSE = args.enableBrokenCiphersForSSE or false;
config = {
# Don't inherit adminuser since "root" is supposed to be the default
adminpassFile = "${pkgs.writeText "adminpass" adminpass}"; # Don't try this at home!
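Review bot: This line only threads `enableBrokenCiphersForSSE` into the module, so the new `with-legacy-openssl` matrix entry verifies that Nextcloud evaluates and starts with the OpenSSL 1.1 extension, not the behaviour the option exists for: that files encrypted with the RC4-based server-side encryption remain readable. A follow-up test that enables the encryption app, writes a file through WebDAV and reads it back under `enableBrokenCiphersForSSE = true` would pin the actual regression this option guards against; without it a future change to the filter in nextcloud.nix could silently reinstall the OpenSSL 3 extension and the test would still pass. The `args` binding this line reads from is declared in the file header, which is outside the hunk, so presumably the file's argument set is bound with an `args@` pattern; worth confirming. The test attribute set continues beyond the hunk.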
diff --git a/nixos/tests/nextcloud/default.nix b/nixos/tests/nextcloud/default.nix
index 7dbdff988238..b55831047c62 100644
--- a/nixos/tests/nextcloud/default.nix
+++ b/nixos/tests/nextcloud/default.nix
@@ -8,6 +8,11 @@ with pkgs.lib;
foldl
(matrix: ver: matrix // {
"basic${toString ver}" = import ./basic.nix { inherit system pkgs; nextcloudVersion = ver; };
+ "with-legacy-openssl${toString ver}" = import ./basic.nix {
+ inherit system pkgs;
+ nextcloudVersion = ver;
+ enableBrokenCiphersForSSE = true;
+ };
"with-postgresql-and-redis${toString ver}" = import ./with-postgresql-and-redis.nix {
inherit system pkgs;
nextcloudVersion = ver;
diff --git a/pkgs/top-level/php-packages.nix b/pkgs/top-level/php-packages.nix
index 0b9f4237327b..2ab2000af583 100644
--- a/pkgs/top-level/php-packages.nix
+++ b/pkgs/top-level/php-packages.nix
@@ -414,6 +414,15 @@ lib.makeScope pkgs.newScope (self: with self; {
configureFlags = [ "--with-openssl" ];
doCheck = false;
}
+ # This provides a legacy OpenSSL PHP extension
+ # For situations where OpenSSL 3 do not support a set of features
+ # without a specific openssl.cnf file
+ {
+ name = "openssl-legacy";
+ buildInputs = [ openssl_1_1 ];
+ configureFlags = [ "--with-openssl" ];
+ doCheck = false;
+ }
{ name = "pcntl"; }
{ name = "pdo"; doCheck = false; }
{
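Review bot: The new entry differs from the `openssl` one above only in `name` and `buildInputs`, so if `mkExtension` derives the PHP source directory from `name` (its definition is outside this diff), `ext/openssl-legacy` does not exist in the PHP tree and the build fails; the entry needs an explicit mapping back to the `openssl` sources, and the comment should say that the resulting module is still PHP's `openssl` module, just linked against `openssl_1_1`. The comment also needs its grammar fixed and a lifetime statement so the extension does not outlive its reason for existing: `# Legacy OpenSSL PHP extension linked against openssl_1_1, which is end-of-life (September 2023). It exists only for Nextcloud's RC4-based server-side encryption (https://github.com/nextcloud/server/issues/32003) and should be removed once that is fixed upstream.` Keeping `doCheck = false` mirrors the regular extension, but for a build whose purpose is a specific cipher it would be reassuring to note why the test suite is skipped.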