summaryrefslogtreecommitdiff
path: root/modules/nixfiles/nextcloud.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixfiles/nextcloud.nix')
-rw-r--r--modules/nixfiles/nextcloud.nix133
1 files changed, 133 insertions, 0 deletions
diff --git a/modules/nixfiles/nextcloud.nix b/modules/nixfiles/nextcloud.nix
new file mode 100644
index 0000000..d63f824
--- /dev/null
+++ b/modules/nixfiles/nextcloud.nix
@@ -0,0 +1,133 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
+ cfg = config.nixfiles.modules.nextcloud;
+in {
+ options.nixfiles.modules.nextcloud = {
+ enable = mkEnableOption "Whether to enable Nextcloud.";
+
+ domain = mkOption {
+ description = "Domain name sans protocol scheme.";
+ type = with types; str;
+ default = "nextcloud.${config.networking.domain}";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ nixfiles.modules = {
+ nginx = {
+ enable = true;
+ virtualHosts.${cfg.domain} = {};
+ };
+ postgresql.enable = true;
+ };
+
+ services = let
+ db = "nextcloud";
+ in {
+ nextcloud = mkMerge [
+ {
+ enable = true;
+ package = pkgs.nextcloud23;
+
+ hostName = cfg.domain;
+
+ appstoreEnable = false;
+
+ config = {
+ adminpassFile = null; # This needs to be set as secret.
+
+ dbtype = "pgsql";
+ dbhost = "/run/postgresql";
+ dbuser = db;
+ dbname = db;
+
+ defaultPhoneRegion = "RU";
+ };
+
+ extraApps = let
+ mkNextcloudApp = {
+ name,
+ version,
+ sha256,
+ }:
+ pkgs.fetchNextcloudApp {
+ inherit name version sha256;
+ url = "https://github.com/nextcloud/${name}/archive/refs/tags/v${version}.tar.gz";
+ };
+ in {
+ contacts = mkNextcloudApp {
+ name = "contacts";
+ version = "4.0.1";
+ sha256 = "sha256-dXKsG8KmlUojeY5dUn/XsMD3KaSh4QcZFOGDdcqlSvE=";
+ };
+ calendar = mkNextcloudApp {
+ name = "calendar";
+ version = "3.0.5";
+ sha256 = "sha256-aKUKm7fWJQxOWwma56Tv+GGIo+p0n30Nhoyt4XoxsjI=";
+ };
+ files_rightclick = mkNextcloudApp {
+ name = "files_rightclick";
+ version = "23.0.1";
+ sha256 = "sha256-VYODzkvvGrtpyRoug/8UPKhAgfCx1ltP1JdGPiB/lts=";
+ };
+ unsplash = mkNextcloudApp {
+ name = "unsplash";
+ version = "1.2.4";
+ sha256 = "sha256-KGSkBOrNu0nK0YvAPYaxEL/kZNoJQD1oBV2aUBxh6cI=";
+ };
+ previewgenerator = mkNextcloudApp {
+ name = "previewgenerator";
+ version = "3.4.1";
+ sha256 = "sha256-IUdj0xWt5zHxQoiMv1bYyYTzekuOFrsRIe530QOwC/w=";
+ };
+ bruteforcesettings = mkNextcloudApp {
+ name = "bruteforcesettings";
+ version = "2.3.0";
+ sha256 = "sha256-J7ujmiPaw8GI7vDfVPXEum2XAMWvahciP8C6iXgckdE=";
+ };
+ };
+ }
+ (mkIf config.nixfiles.modules.acme.enable {
+ https = true;
+ config.overwriteProtocol = "https";
+ })
+ ];
+
+ postgresql = {
+ ensureDatabases = [db];
+ ensureUsers = [
+ {
+ name = db;
+ ensurePermissions."DATABASE \"${db}\"" = "ALL PRIVILEGES";
+ }
+ ];
+ };
+ };
+
+ systemd = {
+ services = {
+ nextcloud-setup.after = ["network-online.target" "postgresql.service"];
+
+ nextcloud-preview-generate-cron.serviceConfig = {
+ Type = "oneshot";
+ User = "nextcloud";
+ ExecStart = "${config.services.nextcloud.occ}/bin/nextcloud-occ preview:pre-generate";
+ };
+ };
+
+ timers.nextcloud-preview-generate = {
+ wantedBy = ["timers.target"];
+ timerConfig = {
+ OnBootSec = "15m";
+ OnUnitActiveSec = "15m";
+ Unit = "nextcloud-preview-generate-cron.service";
+ };
+ };
+ };
+ };
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-20 02:56:01 +0000