feat: add nextcloud module
This commit is contained in:
parent
b4f42c62ce
commit
f78d27890f
@ -52,6 +52,7 @@
|
||||
programs.zsh.enable = true;
|
||||
|
||||
my.services.mealie.enable = true;
|
||||
my.services.nextcloud.enable = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
users.users.michael = {
|
||||
|
@ -4,5 +4,6 @@
|
||||
./homepage-dashboard
|
||||
./homer
|
||||
./mealie
|
||||
./nextcloud
|
||||
];
|
||||
}
|
||||
|
75
modules/services/nextcloud/default.nix
Normal file
75
modules/services/nextcloud/default.nix
Normal file
@ -0,0 +1,75 @@
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
cfg = config.my.services.nextcloud;
|
||||
in {
|
||||
options.my.services.nextcloud = {
|
||||
enable = mkEnableOption "Nextcloud";
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 9090;
|
||||
example = 8080;
|
||||
description = "HTTP port for the Nextcloud service.";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services.nextcloud = {
|
||||
enable = true;
|
||||
package = pkgs.nextcloud29;
|
||||
hostName = "cloud.thomasfmly.org";
|
||||
phpExtraExtensions = ext: with ext; [smbclient];
|
||||
|
||||
database.createLocally = true;
|
||||
configureRedis = true;
|
||||
|
||||
maxUploadSize = "16G";
|
||||
|
||||
autoUpdateApps.enable = true;
|
||||
extraAppsEnable = true;
|
||||
# https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json
|
||||
extraApps = with config.services.nextcloud.package.packages.apps; {
|
||||
inherit calendar notes user_oidc;
|
||||
};
|
||||
|
||||
config = {
|
||||
dbtype = "pgsql";
|
||||
adminuser = "michael";
|
||||
adminpassFile = config.age.secrets.nextcloudAdminpass.path;
|
||||
};
|
||||
|
||||
settings = {
|
||||
# Proxy Settings
|
||||
overwriteprotocol = "https";
|
||||
trusted_proxies = ["192.168.1.10"];
|
||||
|
||||
# Configuration Settings
|
||||
default_phone_region = "US";
|
||||
maintenance_window_start = 1;
|
||||
};
|
||||
|
||||
phpOptions = {
|
||||
"opcache.interned_strings_buffer" = "23";
|
||||
};
|
||||
};
|
||||
|
||||
age.secrets.nextcloudAdminpass = {
|
||||
file = ../../../secrets/nextcloud-adminpass.age;
|
||||
owner = "nextcloud";
|
||||
group = "nextcloud";
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."${config.services.nextcloud.hostName}".listen = [
|
||||
{
|
||||
addr = "0.0.0.0";
|
||||
inherit (cfg) port;
|
||||
}
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [cfg.port];
|
||||
};
|
||||
}
|
5
secrets/nextcloud-adminpass.age
Normal file
5
secrets/nextcloud-adminpass.age
Normal file
@ -0,0 +1,5 @@
|
||||
age-encryption.org/v1
|
||||
-> ssh-ed25519 i7RvuQ u1hd5hpz806coGWHakeN1DWxlP4UVHjbGujV8ovBBT4
|
||||
ls2NRxp2+ZckbiVvMdmF7iy2nfDnTPYiDozuaZGXIX0
|
||||
--- j2NNFLVnUmZsSdCTLLtzCONlsT1qG7PyXuX0fZcTNJw
|
||||
ŠÊB<01>xe[ˆ0~¡^<5E>…£Rå¦ÑØlH·sÑ·I]ZìãD„j¤A5‹åáð_0ê
|
@ -1,6 +1,7 @@
|
||||
let
|
||||
venus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKlbfu7ApeF0khvdzMSWfDaunI+5zy/BboN7qEE4jWd2 root@venus";
|
||||
oracle = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ0vHE/b6tKk6I6DwEemIF5VdS/JBXW8eiYIBmnbv5LI root@oracle";
|
||||
nova = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHF7Ga+asH6tWbi0K49Arg3Ov5S+dLHWrT62MkPEJid root@nova";
|
||||
# systems = [system1];
|
||||
in {
|
||||
# Venus
|
||||
@ -11,4 +12,7 @@ in {
|
||||
|
||||
# Oracle
|
||||
"wireguard-oracle.age".publicKeys = [oracle];
|
||||
|
||||
# Nova
|
||||
"nextcloud-adminpass.age".publicKeys = [nova];
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user