nixos-config/modules/services/server/nextcloud.nix


{ config, pkgs, ... }:
{
    environment.systemPackages = with pkgs; [           # Default packages install system-wide
      appimage-run
    ];

    services.nextcloud = {
        enable = true;
        hostName = "cloud.kabtop.de";
        https = true;
        package = pkgs.nextcloud27;
        database.createLocally = false;
        logType = "file";
        caching = {
            redis = true;
            apcu = false;
        };
        extraOptions = {
            logfile = "nextcloud.log";
            redis = {
                host = "/run/redis-nextcloud/redis.sock";
                port = 0;
            };
            "memcache.local" = "\\OC\\Memcache\\Redis";
            "memcache.distributed" = "\\OC\\Memcache\\Redis";
            "memcache.locking" = "\\OC\\Memcache\\Redis";
        };
        config = {
            dbtype = "pgsql";
            dbuser = "nextcloud";
            dbhost = "localhost";
            dbname = "nextclouddb";
            adminuser = "kabbone"; 
            adminpassFile = config.age.secrets."services/nextcloud/adminpassFile".path;
            dbpassFile = config.age.secrets."services/nextcloud/dbpassFile".path;
            overwriteProtocol = "https";
            defaultPhoneRegion = "DE";
        };
        phpOptions = {
            "opcache.interned_strings_buffer" = "16";
        };
    #autoUpdateApps.enable = true;
    };

    services.onlyoffice = {
        enable = true;
        hostname = "localhost";
        postgresName = "onlyoffice";
        postgresHost = "localhost";
        postgresUser = "onlyoffice";
        postgresPasswordFile = config.age.secrets."services/nextcloud/onlyofficedb".path;
    };

    services.redis = {
        vmOverCommit = true;
        servers.nextcloud = {
            enable = true;
            user = "nextcloud";
            port = 0;
        };
    };

    services.nginx = {
      enable = true;
      virtualHosts = {
        "${config.services.nextcloud.hostName}" = {
          enableACME = true;
          forceSSL = true;
        };
        "${config.services.onlyoffice.hostname}".listen = [ {
            addr = "127.0.0.1"; port = 8080;
        } ];
      };
    };

    age.secrets."services/nextcloud/dbpassFile" = {
        file = ../../../secrets/services/nextcloud/dbpassFile.age;
        owner = "nextcloud";
    };
    age.secrets."services/nextcloud/adminpassFile" = {
        file = ../../../secrets/services/nextcloud/adminpassFile.age;
        owner = "nextcloud";
    };
    age.secrets."services/nextcloud/onlyofficedb" = {
        file = ../../../secrets/services/nextcloud/onlyofficedb.age;
        owner = "onlyoffice";
    };

    systemd.services."nextcloud-setup" = {
        requires = ["postgresql.service"];
        after = ["postgresql.service"];
    };

    security.acme.defaults.email = "webmaster@kabtop.de";
    security.acme.defaults.webroot = "/var/lib/acme/acme-challenge";
    security.acme.acceptTerms = true;

}
services: initial nextcloud 2022-12-11 18:35:42 +01:00
services: nextcloud fix https acme 2023-01-03 16:57:39 +01:00			`{ config, pkgs, ... }:`
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`{`
server: nextcloud: add appimage for CODE 2023-08-27 19:04:20 +02:00			`environment.systemPackages = with pkgs; [ # Default packages install system-wide`
			`appimage-run`
			`];`

services: initial nextcloud 2022-12-11 18:35:42 +01:00			`services.nextcloud = {`
			`enable = true;`
services: nextcloud change dns 2023-01-06 19:30:22 +01:00			`hostName = "cloud.kabtop.de";`
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`https = true;`
server: nextcloud: update to 27 2023-07-29 16:18:11 +02:00			`package = pkgs.nextcloud27;`
server: nextcloud: disable manage database locally 2023-05-07 14:38:15 +02:00			`database.createLocally = false;`
server: nextcloud: enable fail2ban 2023-06-04 15:03:12 +02:00			`logType = "file";`
server: nextcloud: enable redis for nextcloud 2023-05-13 11:07:29 +02:00			`caching = {`
			`redis = true;`
			`apcu = false;`
			`};`
			`extraOptions = {`
server: nextcloud: enable fail2ban 2023-06-04 15:03:12 +02:00			`logfile = "nextcloud.log";`
server: nextcloud: enable redis for nextcloud 2023-05-13 11:07:29 +02:00			`redis = {`
			`host = "/run/redis-nextcloud/redis.sock";`
			`port = 0;`
			`};`
			`"memcache.local" = "\\OC\\Memcache\\Redis";`
			`"memcache.distributed" = "\\OC\\Memcache\\Redis";`
			`"memcache.locking" = "\\OC\\Memcache\\Redis";`
			`};`
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`config = {`
			`dbtype = "pgsql";`
			`dbuser = "nextcloud";`
			`dbhost = "localhost";`
			`dbname = "nextclouddb";`
			`adminuser = "kabbone";`
server: add secrets to nextcloud and postgresql 2022-12-27 09:25:23 +01:00			`adminpassFile = config.age.secrets."services/nextcloud/adminpassFile".path;`
			`dbpassFile = config.age.secrets."services/nextcloud/dbpassFile".path;`
services: work on initial nextcloud 2022-12-31 19:02:57 +01:00			`overwriteProtocol = "https";`
			`defaultPhoneRegion = "DE";`
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`};`
services: nextcloud increase opcache.interned_strings_buffer 2023-01-03 16:14:25 +01:00			`phpOptions = {`
			`"opcache.interned_strings_buffer" = "16";`
			`};`
services: work on initial nextcloud 2022-12-31 19:02:57 +01:00			`#autoUpdateApps.enable = true;`
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`};`

hosts: server: enable onlyoffice 2024-01-13 11:52:57 +01:00			`services.onlyoffice = {`
			`enable = true;`
			`hostname = "localhost";`
server: disable jitsi, add acme to nextcloud, add office 2024-02-12 12:25:27 +01:00			`postgresName = "onlyoffice";`
hosts: server: enable postgres for onlyoffice 2024-01-13 12:25:14 +01:00			`postgresHost = "localhost";`
			`postgresUser = "onlyoffice";`
			`postgresPasswordFile = config.age.secrets."services/nextcloud/onlyofficedb".path;`
hosts: server: enable onlyoffice 2024-01-13 11:52:57 +01:00			`};`

hosts: server: redis adjustments fix 2024-01-06 11:37:25 +01:00			`services.redis = {`
hosts: server: turn and redis adjustments 2023-12-29 10:19:20 +01:00			`vmOverCommit = true;`
hosts: server: redis adjustments fix 2024-01-06 11:37:25 +01:00			`servers.nextcloud = {`
			`enable = true;`
			`user = "nextcloud";`
			`port = 0;`
			`};`
server: nextcloud: enable redis for nextcloud 2023-05-13 11:07:29 +02:00			`};`

services: nextcloud fix https acme 2023-01-03 16:57:39 +01:00			`services.nginx = {`
			`enable = true;`
			`virtualHosts = {`
			`"${config.services.nextcloud.hostName}" = {`
			`enableACME = true;`
			`forceSSL = true;`
			`};`
hosts: server: enable onlyoffice 2024-01-13 11:52:57 +01:00			`"${config.services.onlyoffice.hostname}".listen = [ {`
			`addr = "127.0.0.1"; port = 8080;`
			`} ];`
services: nextcloud fix https acme 2023-01-03 16:57:39 +01:00			`};`
			`};`

server: add secrets to nextcloud and postgresql 2022-12-27 09:25:23 +01:00			`age.secrets."services/nextcloud/dbpassFile" = {`
			`file = ../../../secrets/services/nextcloud/dbpassFile.age;`
			`owner = "nextcloud";`
			`};`
			`age.secrets."services/nextcloud/adminpassFile" = {`
			`file = ../../../secrets/services/nextcloud/adminpassFile.age;`
			`owner = "nextcloud";`
			`};`
hosts: server: enable postgres for onlyoffice 2024-01-13 12:25:14 +01:00			`age.secrets."services/nextcloud/onlyofficedb" = {`
			`file = ../../../secrets/services/nextcloud/onlyofficedb.age;`
			`owner = "onlyoffice";`
			`};`
server: add secrets to nextcloud and postgresql 2022-12-27 09:25:23 +01:00
services: initial nextcloud 2022-12-11 18:35:42 +01:00			`systemd.services."nextcloud-setup" = {`
			`requires = ["postgresql.service"];`
			`after = ["postgresql.service"];`
			`};`
server: disable jitsi, add acme to nextcloud, add office 2024-02-12 12:25:27 +01:00
			`security.acme.defaults.email = "webmaster@kabtop.de";`
			`security.acme.defaults.webroot = "/var/lib/acme/acme-challenge";`
			`security.acme.acceptTerms = true;`

services: initial nextcloud 2022-12-11 18:35:42 +01:00			`}`