Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
436903543bd49e9dc41439a1cc949e8152130d91
nixos/hosts/web-arm/modules/nextcloud/default.nix

95 lines
3.1 KiB
Nix
Raw Blame History

{ pkgs, config, ... }:
let
nextcloud30 = pkgs.nextcloud30.overrideAttrs (oldAttrs: {
src = pkgs.fetchurl {
url = "https://download.nextcloud.com/server/releases/nextcloud-30.0.2.tar.bz2";
sha256 = "sha256-kpu4BF6WIW/iKmXc1mJ55b17oauynZm/QB1CO2RqRF8=";
};
});
in
{
sops.secrets.nextcloud-adminpass.owner = "nextcloud";
sops.secrets.nextcloud-secrets.owner = "nextcloud";
sops.secrets.nextcloud-smb-credentials.owner = "nextcloud";
services.nextcloud = {
enable = true;
hostName = "nextcloud.cloonar.com";
https = true;
package = pkgs.nextcloud31;
# Instead of using pkgs.nextcloud27Packages.apps,
# we'll reference the package version specified above
extraApps = {
inherit (config.services.nextcloud.package.packages.apps) calendar contacts deck groupfolders mail richdocuments tasks;
oidc_login = pkgs.fetchNextcloudApp rec {
url = "https://github.com/pulsejet/nextcloud-oidc-login/releases/download/v3.1.1/oidc_login.tar.gz";
sha256 = "sha256-b/tKk+y+ZypCHGNDtunDua2msYD6/TzA0haoC0k85F4=";
license = "gpl3";
};
};
autoUpdateApps.enable = true;
extraAppsEnable = true;
database.createLocally = true;
caching.apcu = true;
configureRedis = true;
phpOptions."opcache.interned_strings_buffer" = "23";
config = {
adminpassFile = config.sops.secrets.nextcloud-adminpass.path;
dbtype = "mysql";
};
secretFile = config.sops.secrets.nextcloud-secrets.path;
settings = {
log_type = "errorlog";
allow_user_to_change_display_name = false;
maintenance_window_start = 1;
lost_password_link = "disabled";
oidc_login_provider_url = "https://auth.cloonar.com";
oidc_login_client_id = "nextcloud";
oidc_login_button_text = "Log in with Authelia";
oidc_login_auto_redirect = false;
oidc_login_proxy_ldap = true;
oidc_login_attributes = {
id = "preferred_username";
name = "name";
mail = "email";
groups = "groups";
ldap_uid = "email";
};
oidc_login_scope = "openid profile email groups";
default_phone_region = "AT";
};
};
environment.systemPackages = [ pkgs.cifs-utils ];
fileSystems."/var/lib/nextcloud/data" = {
device = "//u149513.your-backup.de/u149513-sub4/";
fsType = "cifs";
options = let
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users,file_mode=0770,dir_mode=0770";
in ["${automount_opts},credentials=${config.sops.secrets.nextcloud-smb-credentials.path},uid=983,gid=964"];
};
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
acmeRoot = null;
};
services.mysql = {
ensureUsers = [
{
name = "nextcloud";
ensurePermissions = {
"nextcloud.*" = "ALL PRIVILEGES";
};
}
];
ensureDatabases = [ "nextcloud" ];
};
services.mysqlBackup.databases = [ "nextcloud" ];
}
Reference in New Issue View Git Blame Copy Permalink