diff options
| author | Silas Schöffel <sils@sils.li> | 2025-04-07 15:01:35 +0200 |
|---|---|---|
| committer | Silas Schöffel <sils@sils.li> | 2025-04-07 15:30:01 +0200 |
| commit | c0c8aa5fbb4ff3f6dc73c51a6333698411b7fe7e (patch) | |
| tree | 45598a781ce90a8ef332527569fbee1a47654bad /modules | |
| parent | hosts/server2: Format (diff) | |
| download | nixos-server-c0c8aa5fbb4ff3f6dc73c51a6333698411b7fe7e.zip | |
nextcloud: init on server2
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/by-name/co/constants/module.nix | 4 | ||||
| -rw-r--r-- | modules/by-name/ne/nextcloud/module.nix | 78 |
2 files changed, 82 insertions, 0 deletions
diff --git a/modules/by-name/co/constants/module.nix b/modules/by-name/co/constants/module.nix index d601e70..7eaa8b4 100644 --- a/modules/by-name/co/constants/module.nix +++ b/modules/by-name/co/constants/module.nix @@ -44,6 +44,8 @@ sshd = 331; systemd-oom = 332; nix-sync = 334; + nextcloud = 335; + redis-nextcloud = 336; # As per the NixOS file, the uids should not be greater or equal to 400; }; @@ -59,11 +61,13 @@ mastodon matrix-synapse mautrix-whatsapp + nextcloud nix-sync nscd opendkim peertube redis-mastodon + redis-nextcloud redis-peertube redis-rspamd redis-stalwart-mail diff --git a/modules/by-name/ne/nextcloud/module.nix b/modules/by-name/ne/nextcloud/module.nix new file mode 100644 index 0000000..2e40970 --- /dev/null +++ b/modules/by-name/ne/nextcloud/module.nix @@ -0,0 +1,78 @@ +{ + config, + pkgs, + lib, + ... +}: let + cfg = config.vhack.nextcloud; +in { + options.vhack.nextcloud = { + enable = lib.mkEnableOption "a sophisticated nextcloud setup"; + package = lib.mkOption { + type = lib.types.package; + default = pkgs.nextcloud31; + description = "The nextcloud package to use"; + }; + hostname = lib.mkOption { + type = lib.types.str; + description = "The nextcloud hostname (fqdn)"; + }; + adminpassFile = lib.mkOption { + type = lib.types.path; + description = "The age encrypted admin password file"; + }; + }; + config = lib.mkIf cfg.enable { + vhack = { + nginx.enable = true; + postgresql.enable = true; + persist.directories = [ + "/var/lib/nextcloud" + ]; + }; + age.secrets = { + adminpassFile = { + file = cfg.adminpassFile; + mode = "0700"; + owner = "nextcloud"; + group = "nextcloud"; + }; + }; + + services = { + nextcloud = { + enable = true; + configureRedis = true; + config = { + adminuser = "admin"; + adminpassFile = config.age.secrets.adminpassFile.path; + dbname = "nextcloud"; + dbuser = "nextcloud"; + dbtype = "pgsql"; + }; + database.createLocally = true; + hostName = cfg.hostname; + https = true; + maxUploadSize = "5G"; + package = cfg.package; + settings = { + default_phone_region = "DE"; + }; + }; + nginx.virtualHosts.${cfg.hostname} = { + forceSSL = true; + enableACME = true; + }; + }; + users = { + users = { + "nextcloud".uid = config.vhack.constants.ids.uids.nextcloud; + "redis-nextcloud".uid = config.vhack.constants.ids.uids.redis-nextcloud; + }; + groups = { + "nextcloud".gid = config.vhack.constants.ids.gids.nextcloud; + "redis-nextcloud".gid = config.vhack.constants.ids.gids.redis-nextcloud; + }; + }; + }; +} |