nyxtumops/domains/openvolt.tk/services/nextcloud.nix
Jacob Hrbek 8cc1197dda Alpha release on request
Signed-off-by: Jacob Hrbek <kreyren@fsfe.org>
2021-09-05 08:02:09 +02:00


# REF(Krey): How to set up Nextcloud on NixOS https://jacobneplokh.com/how-to-setup-nextcloud-on-nixos/
# REF(KREY): NixOS manual on nextcloud https://nixos.org/manual/nixos/stable/index.html#module-services-nextcloud
# lib.mkIf config.services.nextcloud.enable
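# NixOS module: Nextcloud backed by a local PostgreSQL database and, when nginx
# is enabled on the host, served through an ACME-issued TLS virtual host.
# Everything below is applied only when services.nextcloud.enable is set.
{ config, lib, ... }: lib.mkIf config.services.nextcloud.enable {
  services.nextcloud = {
    # NOTE(review): no "." is inserted between "nextcloud" and the FQDN, so this
    # evaluates to "nextcloud<fqdn>" rather than "nextcloud.<fqdn>". Left as-is
    # because the DNS record and ACME certificate follow this name; confirm.
    hostName = "nextcloud" + config.networking.fqdn;
    https = true;

    # FIXME-QA(Krey): implement logic that adjusts the value based on our available storage
    # WARN-BUG(Krey): This has to be above 512M (https://github.com/NixOS/nixpkgs/issues/136552)
    # NOTE(review): the value is exactly 512M while the warning says "above";
    # check against the linked issue.
    maxUploadSize = "512M";

    config = {
      # NOTE(Krey): Force nextcloud to use https
      overwriteProtocol = "https";
      adminuser = "admin";

      # DND-SECURITY(Krey): secrets are read from files at activation/runtime
      # instead of being written inline. Inline adminpass/dbpass values end up
      # in this repository and in the world-readable /nix/store.
      # Both paths are PLACEHOLDERS: point them at files provisioned outside
      # the store by the deployment's secret handling and readable only by the
      # nextcloud user. Keep them as strings; a bare Nix path literal would be
      # copied into the store.
      # The password that was previously committed here has to be treated as
      # disclosed: rotate it on any instance that was installed with it.
      # NOTE(review): adminpassFile is presumably only consumed on first
      # install, so rotation has to happen inside Nextcloud itself; confirm.
      adminpassFile = "/path/to/PLACEHOLDER-nextcloud-admin-pass";
      dbpassFile = "/path/to/PLACEHOLDER-nextcloud-db-pass";

      # Nextcloud PostgreSQL database configuration, recommended over using SQLite
      dbtype = "pgsql";
      dbuser = "nextcloud";
      dbname = "nextcloud";
      # Unix socket directory; nextcloud will add /.s.PGSQL.5432 by itself.
      # NOTE(review): over the local socket PostgreSQL presumably uses peer
      # authentication, in which case the database password is unused; confirm
      # against the host's pg_hba configuration.
      dbhost = "/run/postgresql";
    };

    autoUpdateApps.startAt = "05:00:00";

    # Web server handling
    ## Nginx
    ### FIXME-QA(Krey): Add compatibility for other web servers
    ### FIXME-CONTRIB(Krey): Establish better handling for the webservers in upstream
    # Follows the host-wide nginx switch; the option is already a boolean, so
    # no if/then/else wrapper is needed.
    nginx.enable = config.services.nginx.enable;
  };

  # Enable postgresql if nextcloud needs it
  # FIXME(Krey): make this conditional on dbtype == "pgsql".
  # NOTE(review): the earlier commented-out attempt read
  # `config.service.nextcloud...` (singular "service"), which is not the option
  # path used elsewhere in this file; that is a likely reason it did not work.
  services.postgresql = {
    enable = true;
    ensureDatabases = [ "nextcloud" ];
    ensureUsers = [
      {
        name = "nextcloud";
        # Privileges are scoped to the nextcloud database only.
        ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
      }
    ];
  };

  # TLS virtual host for Nextcloud: plain HTTP is redirected (forceSSL) and the
  # certificate is obtained through ACME.
  services.nginx = lib.mkIf config.services.nginx.enable {
    virtualHosts.${config.services.nextcloud.hostName} = {
      forceSSL = true;
      enableACME = true;
    };
  };

  # ensure that postgres is running *before* running the setup
  systemd.services."nextcloud-setup" = {
    requires = [ "postgresql.service" ];
    after = [ "postgresql.service" ];
  };

  # NOTE(review): both ports are opened whenever Nextcloud is enabled, even if
  # nginx is not; port 80 is presumably kept for the ACME HTTP challenge and
  # the HTTP-to-HTTPS redirect.
  networking.firewall.allowedTCPPorts = [ 80 443 ];
}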