pazpi/nix
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions
nix/modules/services/nextcloud.nix
= 700bca41c3 random test
2025-01-19 15:11:59 +01:00

197 lines
5.1 KiB
Nix
Raw Blame History

{
lib,
config,
pkgs,
...
}:
let
cfg = config.my.services.nextcloud;
in
{
options.my.services.nextcloud = {
enable = lib.mkEnableOption "Enable Nextcloud module";
adminPasswordFile = lib.mkOption {
default = "";
type = lib.types.str;
description = ''
Path to the file containing the admin password for Nextcloud
'';
};
proxy = {
enable = lib.mkEnableOption "Set the proxy entry for this service";
domain = lib.mkOption {
default = "example.com";
type = lib.types.str;
description = ''
The domain where Caddy is reachable
'';
};
subdomain = lib.mkOption {
default = "nextcloud";
type = lib.types.str;
description = ''
The subdomain where Nextcloud is reachable
'';
};
officeSubdomain = lib.mkOption {
default = "office";
type = lib.types.str;
description = ''
The subdomain where Collabora Online is reachable
'';
};
host = lib.mkOption {
default = "localhost";
type = lib.types.str;
description = ''
host name where the download manager stack is running
'';
};
};
};
config = lib.mkMerge [
(lib.mkIf cfg.enable {
services = {
nextcloud = {
enable = true;
package = pkgs.nextcloud30;
hostName = "cloud.${cfg.proxy.domain}";
https = true;
nginx.recommendedHttpHeaders = true;
settings = {
overwriteProtocol = "https";
defaultPhoneRegion = "IT";
trusted_proxies = [ "192.168.1.150" ];
trusted_domains = [
"cloud.${cfg.proxy.domain}"
"nextcloud.internal"
];
maintenance_window_start = 1;
enabledPreviewProviders = [
"OC\\Preview\\BMP"
"OC\\Preview\\GIF"
"OC\\Preview\\JPEG"
"OC\\Preview\\Krita"
"OC\\Preview\\MarkDown"
"OC\\Preview\\MP3"
"OC\\Preview\\OpenDocument"
"OC\\Preview\\PNG"
"OC\\Preview\\TXT"
"OC\\Preview\\XBitmap"
"OC\\Preview\\HEIC"
"OC\\Preview\\Movie"
];
memories = {
exiftool = "${lib.getExe pkgs.exiftool}";
vod.ffmpeg = "${lib.getExe pkgs.ffmpeg-headless}";
vod.ffprobe = "${pkgs.ffmpeg-headless}/bin/ffprobe";
};
};
phpOptions = {
"opcache.interned_strings_buffer" = "64";
"opcache.memory_consumption" = "256";
};
config = {
dbtype = "pgsql";
adminuser = "admin";
adminpassFile = cfg.adminPasswordFile;
};
# Let NixOS install and configure the database automatically.
database.createLocally = true;
# Let NixOS install and configure Redis caching automatically.
configureRedis = true;
# Increase the maximum file upload size to avoid problems uploading videos.
maxUploadSize = "16G";
# Instead of using pkgs.nextcloudXXPackages.apps,
# we'll reference the package version specified above
autoUpdateApps.enable = true;
appstoreEnable = true;
extraAppsEnable = true;
extraApps = {
inherit (config.services.nextcloud.package.packages.apps)
contacts
calendar
cookbook
cospend
memories
tasks
# onlyoffice
# oidc
richdocuments
;
};
};
collabora-online = {
enable = true;
settings = {
host = [
''127\.0\.0\.1''
];
storage.wopi."@allow" = true;
};
# hostname = "office.${cfg.proxy.domain}";
};
nginx.virtualHosts = {
${config.services.nextcloud.hostName} = {
forceSSL = false;
enableACME = false;
};
};
};
networking.firewall.allowedTCPPorts = [
80
config.services.collabora-online.port
];
environment.systemPackages = with pkgs; [
exiftool
ffmpeg
];
systemd.services."nextcloud-setup" = {
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
};
})
(lib.mkIf cfg.proxy.enable {
services.caddy = with cfg.proxy; {
virtualHosts."${subdomain}.${domain}".extraConfig = ''
reverse_proxy http://${host}:80
import cloudflare_${domain}
'';
virtualHosts."${officeSubdomain}.${domain}".extraConfig = ''
import cloudflare_${domain}
reverse_proxy http://${host}:${toString config.services.collabora-online.port} {
# Required to circumvent bug of Onlyoffice loading mixed non-https content
header_up X-Forwarded-Proto https
}
'';
};
})
];
}
Reference in a new issue View git blame Copy permalink