about summary refs log tree commit diff stats
path: root/modules/by-name
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--modules/by-name/co/constants/module.nix4
-rw-r--r--modules/by-name/ne/nextcloud/module.nix78
2 files changed, 82 insertions, 0 deletions
diff --git a/modules/by-name/co/constants/module.nix b/modules/by-name/co/constants/module.nix
index d601e70..7eaa8b4 100644
--- a/modules/by-name/co/constants/module.nix
+++ b/modules/by-name/co/constants/module.nix
@@ -44,6 +44,8 @@
       sshd = 331;
       systemd-oom = 332;
       nix-sync = 334;
+      nextcloud = 335;
+      redis-nextcloud = 336;
 
       # As per the NixOS file, the uids should not be greater or equal to 400;
     };
@@ -59,11 +61,13 @@
         mastodon
         matrix-synapse
         mautrix-whatsapp
+        nextcloud
         nix-sync
         nscd
         opendkim
         peertube
         redis-mastodon
+        redis-nextcloud
         redis-peertube
         redis-rspamd
         redis-stalwart-mail
diff --git a/modules/by-name/ne/nextcloud/module.nix b/modules/by-name/ne/nextcloud/module.nix
new file mode 100644
index 0000000..2e40970
--- /dev/null
+++ b/modules/by-name/ne/nextcloud/module.nix
@@ -0,0 +1,78 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
+  cfg = config.vhack.nextcloud;
+in {
+  options.vhack.nextcloud = {
+    enable = lib.mkEnableOption "a sophisticated nextcloud setup";
+    package = lib.mkOption {
+      type = lib.types.package;
+      default = pkgs.nextcloud31;
+      description = "The nextcloud package to use";
+    };
+    hostname = lib.mkOption {
+      type = lib.types.str;
+      description = "The nextcloud hostname (fqdn)";
+    };
+    adminpassFile = lib.mkOption {
+      type = lib.types.path;
+      description = "The age encrypted admin password file";
+    };
+  };
+  config = lib.mkIf cfg.enable {
+    vhack = {
+      nginx.enable = true;
+      postgresql.enable = true;
+      persist.directories = [
+        "/var/lib/nextcloud"
+      ];
+    };
+    age.secrets = {
+      adminpassFile = {
+        file = cfg.adminpassFile;
+        mode = "0700";
+        owner = "nextcloud";
+        group = "nextcloud";
+      };
+    };
+
+    services = {
+      nextcloud = {
+        enable = true;
+        configureRedis = true;
+        config = {
+          adminuser = "admin";
+          adminpassFile = config.age.secrets.adminpassFile.path;
+          dbname = "nextcloud";
+          dbuser = "nextcloud";
+          dbtype = "pgsql";
+        };
+        database.createLocally = true;
+        hostName = cfg.hostname;
+        https = true;
+        maxUploadSize = "5G";
+        package = cfg.package;
+        settings = {
+          default_phone_region = "DE";
+        };
+      };
+      nginx.virtualHosts.${cfg.hostname} = {
+        forceSSL = true;
+        enableACME = true;
+      };
+    };
+    users = {
+      users = {
+        "nextcloud".uid = config.vhack.constants.ids.uids.nextcloud;
+        "redis-nextcloud".uid = config.vhack.constants.ids.uids.redis-nextcloud;
+      };
+      groups = {
+        "nextcloud".gid = config.vhack.constants.ids.gids.nextcloud;
+        "redis-nextcloud".gid = config.vhack.constants.ids.gids.redis-nextcloud;
+      };
+    };
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-04-16 15:26:27 +0000