nixos-config/modules/services/server/nextcloud.nix

71 lines
2.0 KiB
Nix

{ config, pkgs, ... }:
{
services.nextcloud = {
enable = true;
hostName = "cloud.kabtop.de";
https = true;
package = pkgs.nextcloud26;
enableBrokenCiphersForSSE = false;
database.createLocally = false;
caching = {
redis = true;
apcu = false;
};
extraOptions = {
redis = {
host = "/run/redis-nextcloud/redis.sock";
port = 0;
};
"memcache.local" = "\\OC\\Memcache\\Redis";
"memcache.distributed" = "\\OC\\Memcache\\Redis";
"memcache.locking" = "\\OC\\Memcache\\Redis";
};
config = {
dbtype = "pgsql";
dbuser = "nextcloud";
dbhost = "localhost";
dbname = "nextclouddb";
adminuser = "kabbone";
adminpassFile = config.age.secrets."services/nextcloud/adminpassFile".path;
dbpassFile = config.age.secrets."services/nextcloud/dbpassFile".path;
overwriteProtocol = "https";
defaultPhoneRegion = "DE";
};
phpOptions = {
"opcache.interned_strings_buffer" = "16";
};
#autoUpdateApps.enable = true;
};
services.redis.servers.nextcloud = {
enable = true;
user = "nextcloud";
port = 0;
};
services.nginx = {
enable = true;
virtualHosts = {
"${config.services.nextcloud.hostName}" = {
enableACME = true;
forceSSL = true;
};
};
};
age.secrets."services/nextcloud/dbpassFile" = {
file = ../../../secrets/services/nextcloud/dbpassFile.age;
owner = "nextcloud";
};
age.secrets."services/nextcloud/adminpassFile" = {
file = ../../../secrets/services/nextcloud/adminpassFile.age;
owner = "nextcloud";
};
systemd.services."nextcloud-setup" = {
requires = ["postgresql.service"];
after = ["postgresql.service"];
};
}