2024-12-10 11:39:55 +01:00
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
lib,
|
|
|
|
|
pkgs,
|
|
|
|
|
...
|
|
|
|
|
}:
|
2021-07-17 00:24:30 +02:00
|
|
|
let
|
2024-03-26 23:37:53 +01:00
|
|
|
cfg = config.custom.services.nextcloud;
|
2024-12-10 11:39:55 +01:00
|
|
|
in
|
|
|
|
|
{
|
2024-03-26 23:37:53 +01:00
|
|
|
options.custom.services.nextcloud = {
|
|
|
|
|
enable = lib.mkEnableOption "nextcloud";
|
2021-11-29 02:04:29 +01:00
|
|
|
};
|
|
|
|
|
|
2024-03-26 23:37:53 +01:00
|
|
|
config = lib.mkIf cfg.enable {
|
|
|
|
|
sops.secrets = {
|
|
|
|
|
nextcloudDbPassword = {
|
|
|
|
|
owner = config.users.users.nextcloud.name;
|
|
|
|
|
key = "nextcloud/db_password";
|
|
|
|
|
restartUnits = [ "nextcloud-setup.service" ];
|
|
|
|
|
};
|
|
|
|
|
nextcloudAdminPassword = {
|
|
|
|
|
owner = config.users.users.nextcloud.name;
|
|
|
|
|
key = "nextcloud/admin_password";
|
|
|
|
|
restartUnits = [ "nextcloud-setup.service" ];
|
|
|
|
|
};
|
2021-07-17 00:24:30 +02:00
|
|
|
};
|
|
|
|
|
|
2024-03-26 23:37:53 +01:00
|
|
|
environment.systemPackages = with pkgs; [ sshfs ];
|
2021-07-17 00:24:30 +02:00
|
|
|
|
2024-03-26 23:37:53 +01:00
|
|
|
services.nginx.virtualHosts."${config.services.nextcloud.hostName}" = {
|
|
|
|
|
enableACME = true;
|
|
|
|
|
forceSSL = true;
|
2021-07-17 00:24:30 +02:00
|
|
|
};
|
2022-07-27 23:50:41 +02:00
|
|
|
|
2024-12-11 05:02:44 +01:00
|
|
|
# Can't change home dir for now, use bind mount as workaround
|
|
|
|
|
# https://github.com/NixOS/nixpkgs/issues/356973
|
|
|
|
|
fileSystems."/var/lib/nextcloud" = {
|
|
|
|
|
device = "/nix/var/data/nextcloud";
|
|
|
|
|
options = [ "bind" ];
|
|
|
|
|
};
|
|
|
|
|
|
2024-03-26 23:37:53 +01:00
|
|
|
services.nextcloud = {
|
|
|
|
|
enable = true;
|
2024-12-10 11:39:55 +01:00
|
|
|
# home = "/nix/var/data/nextcloud";
|
2024-12-14 00:40:55 +01:00
|
|
|
package = pkgs.nextcloud30;
|
2024-03-26 23:37:53 +01:00
|
|
|
hostName = "cloud.${config.networking.domain}";
|
|
|
|
|
https = true;
|
|
|
|
|
maxUploadSize = "1G";
|
2024-12-14 02:50:59 +01:00
|
|
|
configureRedis = true;
|
2024-03-26 23:37:53 +01:00
|
|
|
|
|
|
|
|
config = {
|
|
|
|
|
dbtype = "pgsql";
|
|
|
|
|
dbuser = "nextcloud";
|
2024-12-10 11:39:55 +01:00
|
|
|
dbhost = "127.0.0.1";
|
2024-03-26 23:37:53 +01:00
|
|
|
dbname = "nextcloud";
|
|
|
|
|
dbpassFile = "${config.sops.secrets.nextcloudDbPassword.path}";
|
|
|
|
|
adminpassFile = "${config.sops.secrets.nextcloudAdminPassword.path}";
|
|
|
|
|
adminuser = "root";
|
|
|
|
|
};
|
|
|
|
|
|
2024-07-02 18:16:26 +02:00
|
|
|
settings = {
|
|
|
|
|
overwriteProtocol = "https";
|
|
|
|
|
default_phone_region = "BE";
|
|
|
|
|
maintenance_window_start = 1;
|
|
|
|
|
};
|
2024-03-12 05:13:57 +01:00
|
|
|
|
2024-03-26 23:37:53 +01:00
|
|
|
phpOptions = {
|
|
|
|
|
short_open_tag = "Off";
|
|
|
|
|
expose_php = "Off";
|
|
|
|
|
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
|
|
|
|
|
display_errors = "stderr";
|
|
|
|
|
"opcache.enable_cli" = "1";
|
2024-07-04 17:38:06 +02:00
|
|
|
"opcache.interned_strings_buffer" = "24";
|
2024-03-26 23:37:53 +01:00
|
|
|
"opcache.max_accelerated_files" = "10000";
|
|
|
|
|
"opcache.memory_consumption" = "128";
|
|
|
|
|
"opcache.revalidate_freq" = "1";
|
|
|
|
|
"opcache.fast_shutdown" = "1";
|
|
|
|
|
"openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
|
|
|
|
|
catch_workers_output = "yes";
|
|
|
|
|
};
|
2022-07-27 23:50:41 +02:00
|
|
|
};
|
2021-07-17 00:24:30 +02:00
|
|
|
};
|
|
|
|
|
}
|
