nixos-config/modules/services/server/nextcloud.nix


{ config, pkgs, ... }:
{
    environment.systemPackages = with pkgs; [           # Default packages install system-wide
      appimage-run
    ];

    services.nextcloud = {
        enable = true;
        hostName = "cloud.kabtop.de";
        https = true;
        package = pkgs.nextcloud29;
        database.createLocally = false;
        notify_push.enable = true;
        caching = {
            redis = true;
            apcu = false;
        };
        settings = {
            log_type = "file";
            logfile = "nextcloud.log";
            overwriteprotocol = "https";
            default_phone_region = "DE";

            redis = {
                host = "/run/redis-nextcloud/redis.sock";
                port = 0;
            };
            "memcache.local" = "\\OC\\Memcache\\Redis";
            "memcache.distributed" = "\\OC\\Memcache\\Redis";
            "memcache.locking" = "\\OC\\Memcache\\Redis";
            "maintenance_window_start" = "1";
        };
        config = {
            dbtype = "pgsql";
            dbuser = "nextcloud";
            dbhost = "localhost";
            dbname = "nextclouddb";
            adminuser = "kabbone"; 
            adminpassFile = config.age.secrets."services/nextcloud/adminpassFile".path;
            dbpassFile = config.age.secrets."services/nextcloud/dbpassFile".path;
        };
        phpOptions = {
            "opcache.interned_strings_buffer" = "16";
        };
    #autoUpdateApps.enable = true;
    };

    services.onlyoffice = {
        enable = true;
        hostname = "docs.cloud.kabtop.de";
        postgresName = "onlyoffice";
        postgresHost = "localhost";
        postgresUser = "onlyoffice";
        postgresPasswordFile = config.age.secrets."services/nextcloud/onlyofficedb".path;
        jwtSecretFile = config.age.secrets."services/nextcloud/onlyofficejwt".path;
    };

    services.redis = {
        vmOverCommit = true;
        servers.nextcloud = {
            enable = true;
            user = "nextcloud";
            port = 0;
        };
    };

    services.nginx = {
      enable = true;
      virtualHosts = {
        "${config.services.nextcloud.hostName}" = {
          enableACME = true;
          forceSSL = true;
        };
        "${config.services.onlyoffice.hostname}" = {
            enableACME = true;
            forceSSL = true;
        };
      };
    };

    age.secrets."services/nextcloud/dbpassFile" = {
        file = ../../../secrets/services/nextcloud/dbpassFile.age;
        owner = "nextcloud";
    };
    age.secrets."services/nextcloud/adminpassFile" = {
        file = ../../../secrets/services/nextcloud/adminpassFile.age;
        owner = "nextcloud";
    };
    age.secrets."services/nextcloud/onlyofficedb" = {
        file = ../../../secrets/services/nextcloud/onlyofficedb.age;
        owner = "onlyoffice";
    };
    age.secrets."services/nextcloud/onlyofficejwt" = {
        file = ../../../secrets/services/nextcloud/onlyofficejwt.age;
        owner = "onlyoffice";
    };

    systemd.services."nextcloud-setup" = {
        requires = ["postgresql.service"];
        after = ["postgresql.service"];
    };

    security.acme.defaults.email = "webmaster@kabtop.de";
    security.acme.defaults.webroot = "/var/lib/acme/acme-challenge";
    security.acme.acceptTerms = true;

}
services: initial nextcloud 2022-12-11 18:35:42 +01:00
services: nextcloud fix https acme 2023-01-03 16:57:39 +01:00			`{ config, pkgs, ... }:`
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`{`
server: nextcloud: add appimage for CODE 2023-08-27 19:04:20 +02:00			`environment.systemPackages = with pkgs; [ # Default packages install system-wide`
			`appimage-run`
			`];`

services: initial nextcloud 2022-12-11 18:35:42 +01:00			`services.nextcloud = {`
			`enable = true;`
services: nextcloud change dns 2023-01-06 19:30:22 +01:00			`hostName = "cloud.kabtop.de";`
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`https = true;`
server: services: nextcloud: rework for new structure 2024-06-08 14:48:57 +02:00			`package = pkgs.nextcloud29;`
server: nextcloud: disable manage database locally 2023-05-07 14:38:15 +02:00			`database.createLocally = false;`
server: services: nextcloud: rework for new structure 2024-06-08 14:48:57 +02:00			`notify_push.enable = true;`
server: nextcloud: enable redis for nextcloud 2023-05-13 11:07:29 +02:00			`caching = {`
			`redis = true;`
			`apcu = false;`
			`};`
server: services: nextcloud: rework for new structure 2024-06-08 14:48:57 +02:00			`settings = {`
			`log_type = "file";`
server: nextcloud: enable fail2ban 2023-06-04 15:03:12 +02:00			`logfile = "nextcloud.log";`
server: services: nextcloud: rework for new structure 2024-06-08 14:48:57 +02:00			`overwriteprotocol = "https";`
			`default_phone_region = "DE";`
server: services: nextcloud add maintenance window 2024-06-08 16:04:00 +02:00
server: nextcloud: enable redis for nextcloud 2023-05-13 11:07:29 +02:00			`redis = {`
			`host = "/run/redis-nextcloud/redis.sock";`
			`port = 0;`
			`};`
			`"memcache.local" = "\\OC\\Memcache\\Redis";`
			`"memcache.distributed" = "\\OC\\Memcache\\Redis";`
			`"memcache.locking" = "\\OC\\Memcache\\Redis";`
server: services: nextcloud add maintenance window 2024-06-08 16:04:00 +02:00			`"maintenance_window_start" = "1";`
server: nextcloud: enable redis for nextcloud 2023-05-13 11:07:29 +02:00			`};`
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`config = {`
			`dbtype = "pgsql";`
			`dbuser = "nextcloud";`
			`dbhost = "localhost";`
			`dbname = "nextclouddb";`
			`adminuser = "kabbone";`
server: add secrets to nextcloud and postgresql 2022-12-27 09:25:23 +01:00			`adminpassFile = config.age.secrets."services/nextcloud/adminpassFile".path;`
			`dbpassFile = config.age.secrets."services/nextcloud/dbpassFile".path;`
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`};`
services: nextcloud increase opcache.interned_strings_buffer 2023-01-03 16:14:25 +01:00			`phpOptions = {`
			`"opcache.interned_strings_buffer" = "16";`
			`};`
services: work on initial nextcloud 2022-12-31 19:02:57 +01:00			`#autoUpdateApps.enable = true;`
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`};`

hosts: server: enable onlyoffice 2024-01-13 11:52:57 +01:00			`services.onlyoffice = {`
			`enable = true;`
add token for onlyoffice 2024-02-18 13:50:50 +01:00			`hostname = "docs.cloud.kabtop.de";`
server: disable jitsi, add acme to nextcloud, add office 2024-02-12 12:25:27 +01:00			`postgresName = "onlyoffice";`
hosts: server: enable postgres for onlyoffice 2024-01-13 12:25:14 +01:00			`postgresHost = "localhost";`
			`postgresUser = "onlyoffice";`
			`postgresPasswordFile = config.age.secrets."services/nextcloud/onlyofficedb".path;`
add token for onlyoffice 2024-02-18 13:50:50 +01:00			`jwtSecretFile = config.age.secrets."services/nextcloud/onlyofficejwt".path;`
hosts: server: enable onlyoffice 2024-01-13 11:52:57 +01:00			`};`

hosts: server: redis adjustments fix 2024-01-06 11:37:25 +01:00			`services.redis = {`
hosts: server: turn and redis adjustments 2023-12-29 10:19:20 +01:00			`vmOverCommit = true;`
hosts: server: redis adjustments fix 2024-01-06 11:37:25 +01:00			`servers.nextcloud = {`
			`enable = true;`
			`user = "nextcloud";`
			`port = 0;`
			`};`
server: nextcloud: enable redis for nextcloud 2023-05-13 11:07:29 +02:00			`};`

services: nextcloud fix https acme 2023-01-03 16:57:39 +01:00			`services.nginx = {`
			`enable = true;`
			`virtualHosts = {`
			`"${config.services.nextcloud.hostName}" = {`
			`enableACME = true;`
			`forceSSL = true;`
			`};`
server: services: onlyoffice changes 2024-10-05 10:31:29 +02:00			`"${config.services.onlyoffice.hostname}" = {`
			`enableACME = true;`
			`forceSSL = true;`
			`};`
services: nextcloud fix https acme 2023-01-03 16:57:39 +01:00			`};`
			`};`

server: add secrets to nextcloud and postgresql 2022-12-27 09:25:23 +01:00			`age.secrets."services/nextcloud/dbpassFile" = {`
			`file = ../../../secrets/services/nextcloud/dbpassFile.age;`
			`owner = "nextcloud";`
			`};`
			`age.secrets."services/nextcloud/adminpassFile" = {`
			`file = ../../../secrets/services/nextcloud/adminpassFile.age;`
			`owner = "nextcloud";`
			`};`
hosts: server: enable postgres for onlyoffice 2024-01-13 12:25:14 +01:00			`age.secrets."services/nextcloud/onlyofficedb" = {`
			`file = ../../../secrets/services/nextcloud/onlyofficedb.age;`
			`owner = "onlyoffice";`
			`};`
add token for onlyoffice 2024-02-18 13:50:50 +01:00			`age.secrets."services/nextcloud/onlyofficejwt" = {`
			`file = ../../../secrets/services/nextcloud/onlyofficejwt.age;`
			`owner = "onlyoffice";`
			`};`
server: add secrets to nextcloud and postgresql 2022-12-27 09:25:23 +01:00
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`systemd.services."nextcloud-setup" = {`
			`requires = ["postgresql.service"];`
			`after = ["postgresql.service"];`
			`};`
server: disable jitsi, add acme to nextcloud, add office 2024-02-12 12:25:27 +01:00
			`security.acme.defaults.email = "webmaster@kabtop.de";`
			`security.acme.defaults.webroot = "/var/lib/acme/acme-challenge";`
			`security.acme.acceptTerms = true;`

services: initial nextcloud 2022-12-11 18:35:42 +01:00			`}`