Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
d8db7df64ee19cb7061544c37799f8342695eaf8
nixos/hosts/web.social-grow.tech/modules/nextcloud/default.nix

109 lines
3.7 KiB
Nix
Raw Blame History

{ pkgs, config, ... }:
let
domain = config.networking.domain;
in {
imports = [
./ldap.nix
];
sops.secrets.nextcloud-smb-credentials = {};
sops.secrets.nextcloud-adminpass.owner = "nextcloud";
sops.secrets.nextcloud-secrets.owner = "nextcloud";
services.nextcloud = {
enable = true;
hostName = "cloud.${domain}";
https = true;
package = pkgs.nextcloud29;
# Instead of using pkgs.nextcloud27Packages.apps,
# we'll reference the package version specified above
extraApps = {
inherit (config.services.nextcloud.package.packages.apps) calendar contacts deck forms groupfolders richdocuments;
oidc_login = pkgs.fetchNextcloudApp rec {
url = "https://github.com/pulsejet/nextcloud-oidc-login/releases/download/v3.1.1/oidc_login.tar.gz";
sha256 = "sha256-EVHDDFtz92lZviuTqr+St7agfBWok83HpfuL6DFCoTE=";
license = "gpl3";
};
guests = pkgs.fetchNextcloudApp rec {
url = "https://github.com/nextcloud-releases/guests/releases/download/v4.0.0/guests-v4.0.0.tar.gz";
sha256 = "sha256-dM2BmckOGZpcFDVs2oYVDqPafyBtLFB3ZCcsnOflteM=";
license = "gpl3";
};
files_accesscontrol = pkgs.fetchNextcloudApp rec {
url = "https://github.com/nextcloud/files_accesscontrol/archive/refs/tags/v1.20.1.tar.gz";
sha256 = "sha256-3vcnXiLsmUnt3GiF8H9Mw8jOwAmIn1cqr13SBgvdm+g=";
license = "gpl3";
};
appointments = pkgs.fetchNextcloudApp rec {
url = "https://github.com/SergeyMosin/Appointments/raw/refs/tags/v2.1.12/build/artifacts/appstore/appointments.tar.gz";
sha256 = "sha256-hMLimaBz5RBRzkEwpWJ9ZUrNY0oRTbPeYFCvH8hl1YE=";
license = "gpl3";
};
};
autoUpdateApps.enable = true;
extraAppsEnable = true;
database.createLocally = true;
caching.apcu = true;
configureRedis = true;
phpOptions."opcache.interned_strings_buffer" = "23";
config = {
adminpassFile = config.sops.secrets.nextcloud-adminpass.path;
dbtype = "mysql";
};
secretFile = config.sops.secrets.nextcloud-secrets.path;
settings = {
log_type = "file";
log_level = 0;
allow_user_to_change_display_name = false;
maintenance_window_start = 1;
lost_password_link = "disabled";
sharing.enable_share_mail = true;
oidc_login_provider_url = "https://auth.${domain}";
oidc_login_client_id = "nextcloud";
oidc_login_button_text = "Log in with Authelia";
oidc_login_auto_redirect = false;
oidc_login_proxy_ldap = true;
oidc_login_attributes = {
id = "preferred_username";
name = "name";
mail = "email";
groups = "groups";
ldap_uid = "email";
};
oidc_login_scope = "openid profile email groups";
default_phone_region = "AT";
};
};
environment.systemPackages = [ pkgs.cifs-utils ];
fileSystems."/var/lib/nextcloud/data" = {
device = "//u428777.your-storagebox.de/u428777-sub2/";
fsType = "cifs";
options = let
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users,file_mode=0770,dir_mode=0770";
in ["${automount_opts},credentials=${config.sops.secrets.nextcloud-smb-credentials.path},uid=992,gid=992"];
};
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
acmeRoot = null;
};
services.mysql = {
ensureUsers = [
{
name = "nextcloud";
ensurePermissions = {
"nextcloud.*" = "ALL PRIVILEGES";
};
}
];
ensureDatabases = [ "nextcloud" ];
};
services.mysqlBackup.databases = [ "nextcloud" ];
}
Reference in New Issue View Git Blame Copy Permalink