Fix secret permissions in nextcloud container

hosts/stratus/containers/nextcloud/default.nix

@@ -10,8 +10,7 @@
     autoStart = true;
     ephemeral = true;
     bindMounts = {
-      "/run/secrets/nextcloud/admin-password" = { };
+      "/run/secrets/nextcloud".isReadOnly = false;
-      "/run/secrets/nextcloud/gmail-password" = { };
       "/run/secrets/tailscale-auth-key" = { };
       "/data/nextcloud".isReadOnly = false;
       "/data/postgresql".isReadOnly = false;

hosts/stratus/containers/nextcloud/email-server.nix

@@ -1,5 +1,5 @@
 {
-  systemd.tmpfiles.rules = [ "d /run/secrets/nextcloud/gmail-password 400 nextcloud nextcloud -" ];
+  systemd.tmpfiles.rules = [ "z /run/secrets/nextcloud/gmail-password 400 nextcloud nextcloud -" ];
 
   services.nextcloud.settings = {
     mail_smtpmode = "sendmail";

hosts/stratus/containers/nextcloud/nextcloud.nix

@@ -4,7 +4,7 @@
   ...
 }:
 {
-  systemd.tmpfiles.rules = [ "d /run/secrets/nextcloud/admin-password 400 nextcloud nextcloud -" ];
+  systemd.tmpfiles.rules = [ "z /run/secrets/nextcloud/admin-password 400 nextcloud nextcloud -" ];
 
   services.postgresql.dataDir = "/data/postgresql";