add harbor nc secrets

modules/services/nextcloud-instance.nix

@@ -20,11 +20,15 @@ in {
       default = true;
       description = "Use SSL and auto-update certificates";
     };
+
+    adminPasswordFile = lib.mkOption {
+      type = lib.types.path;
+      example = "/etc/nc-admin-pass.txt";
+      description = "Path to the file containing the Nextcloud admin password";
+    };
   };
 
   config = lib.mkIf cfg.enable {
-    environment.etc."nc-admin-pass.txt".text = "replace-me-with-a-sops-secret";
-
     services.nextcloud = {
       # Instance
       enable = true;
@@ -35,7 +39,7 @@ in {
       # DB
       config.dbtype = "pgsql";
       config.dbhost = "/run/postgresql";
-      config.adminpassFile = "/etc/nc-admin-pass.txt"; # FIXME: sops
+      config.adminpassFile = cfg.adminPasswordFile;
 
       #Mail
       settings = {