feat: add nextcloud module

This commit is contained in:
Michael Thomas 2024-09-22 15:01:31 -04:00
parent b4f42c62ce
commit f78d27890f
5 changed files with 86 additions and 0 deletions

View File

@ -52,6 +52,7 @@
programs.zsh.enable = true;
my.services.mealie.enable = true;
my.services.nextcloud.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.users.michael = {

View File

@ -4,5 +4,6 @@
./homepage-dashboard
./homer
./mealie
./nextcloud
];
}

View File

@ -0,0 +1,75 @@
{
pkgs,
config,
lib,
...
}:
with lib; let
cfg = config.my.services.nextcloud;
in {
options.my.services.nextcloud = {
enable = mkEnableOption "Nextcloud";
port = mkOption {
type = types.port;
default = 9090;
example = 8080;
description = "HTTP port for the Nextcloud service.";
};
};
config = mkIf cfg.enable {
services.nextcloud = {
enable = true;
package = pkgs.nextcloud29;
hostName = "cloud.thomasfmly.org";
phpExtraExtensions = ext: with ext; [smbclient];
database.createLocally = true;
configureRedis = true;
maxUploadSize = "16G";
autoUpdateApps.enable = true;
extraAppsEnable = true;
# https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json
extraApps = with config.services.nextcloud.package.packages.apps; {
inherit calendar notes user_oidc;
};
config = {
dbtype = "pgsql";
adminuser = "michael";
adminpassFile = config.age.secrets.nextcloudAdminpass.path;
};
settings = {
# Proxy Settings
overwriteprotocol = "https";
trusted_proxies = ["192.168.1.10"];
# Configuration Settings
default_phone_region = "US";
maintenance_window_start = 1;
};
phpOptions = {
"opcache.interned_strings_buffer" = "23";
};
};
age.secrets.nextcloudAdminpass = {
file = ../../../secrets/nextcloud-adminpass.age;
owner = "nextcloud";
group = "nextcloud";
};
services.nginx.virtualHosts."${config.services.nextcloud.hostName}".listen = [
{
addr = "0.0.0.0";
inherit (cfg) port;
}
];
networking.firewall.allowedTCPPorts = [cfg.port];
};
}

View File

@ -0,0 +1,5 @@
age-encryption.org/v1
-> ssh-ed25519 i7RvuQ u1hd5hpz806coGWHakeN1DWxlP4UVHjbGujV8ovBBT4
ls2NRxp2+ZckbiVvMdmF7iy2nfDnTPYiDozuaZGXIX0
--- j2NNFLVnUmZsSdCTLLtzCONlsT1qG7PyXuX0fZcTNJw
ŠÊB<01>xe[ˆ0~¡^<5E>…£Rå¦ÑØlH·sÑ·I]ZìãD„j¤A5åáð_0ê

View File

@ -1,6 +1,7 @@
let
venus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKlbfu7ApeF0khvdzMSWfDaunI+5zy/BboN7qEE4jWd2 root@venus";
oracle = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ0vHE/b6tKk6I6DwEemIF5VdS/JBXW8eiYIBmnbv5LI root@oracle";
nova = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHF7Ga+asH6tWbi0K49Arg3Ov5S+dLHWrT62MkPEJid root@nova";
# systems = [system1];
in {
# Venus
@ -11,4 +12,7 @@ in {
# Oracle
"wireguard-oracle.age".publicKeys = [oracle];
# Nova
"nextcloud-adminpass.age".publicKeys = [nova];
}