{ config, pkgs, ... }: { services.nextcloud = { enable = true; hostName = "cloud.kabtop.de"; https = true; package = pkgs.nextcloud27; enableBrokenCiphersForSSE = false; database.createLocally = false; logType = "file"; caching = { redis = true; apcu = false; }; extraOptions = { logfile = "nextcloud.log"; redis = { host = "/run/redis-nextcloud/redis.sock"; port = 0; }; "memcache.local" = "\\OC\\Memcache\\Redis"; "memcache.distributed" = "\\OC\\Memcache\\Redis"; "memcache.locking" = "\\OC\\Memcache\\Redis"; }; config = { dbtype = "pgsql"; dbuser = "nextcloud"; dbhost = "localhost"; dbname = "nextclouddb"; adminuser = "kabbone"; adminpassFile = config.age.secrets."services/nextcloud/adminpassFile".path; dbpassFile = config.age.secrets."services/nextcloud/dbpassFile".path; overwriteProtocol = "https"; defaultPhoneRegion = "DE"; }; phpOptions = { "opcache.interned_strings_buffer" = "16"; }; #autoUpdateApps.enable = true; }; services.redis.servers.nextcloud = { enable = true; user = "nextcloud"; port = 0; }; services.nginx = { enable = true; virtualHosts = { "${config.services.nextcloud.hostName}" = { enableACME = true; forceSSL = true; }; }; }; age.secrets."services/nextcloud/dbpassFile" = { file = ../../../secrets/services/nextcloud/dbpassFile.age; owner = "nextcloud"; }; age.secrets."services/nextcloud/adminpassFile" = { file = ../../../secrets/services/nextcloud/adminpassFile.age; owner = "nextcloud"; }; systemd.services."nextcloud-setup" = { requires = ["postgresql.service"]; after = ["postgresql.service"]; }; }