jonas/.hive
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first working nc setup

Browse Source
This commit is contained in:
Jonas Röger 2025-04-03 14:52:56 +02:00
parent 77fbd2f0b4
commit 2257a6dff8
2 changed files with 58 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hosts/harbor/configuration.nix
View File

@ -36,7 +36,8 @@
}; };
services.nextcloud-instance.enable = true; services.nextcloud-instance.enable = true;
services.nextcloud-instance.instanceFQDN = "replace.me"; services.nextcloud-instance.ssl = false;
services.nextcloud-instance.instanceFQDN = "replace-me";
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;

66
modules/services/nextcloud-instance.nix
View File

@ -14,29 +14,75 @@ in {
example = "nextcloud.example.com"; example = "nextcloud.example.com";
description = "Fully qualified domain name of the Nextcloud instance"; description = "Fully qualified domain name of the Nextcloud instance";
}; };
ssl = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Use SSL and auto-update certificates";
};
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.etc."nc-admin-pass.txt".text = "replace-me-with-a-sops-secret"; environment.etc."nc-admin-pass.txt".text = "replace-me-with-a-sops-secret";
services.nextcloud = { services.nextcloud = {
# Instance
enable = true; enable = true;
hostName = cfg.instanceFQDN; hostName = cfg.instanceFQDN;
https = false; https = cfg.ssl;
config.dbtype = "mysql"; configureRedis = true;
# DB
config.dbtype = "pgsql";
config.dbhost = "/run/postgresql";
config.adminpassFile = "/etc/nc-admin-pass.txt"; # FIXME: sops config.adminpassFile = "/etc/nc-admin-pass.txt"; # FIXME: sops
#Mail
settings = {
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
};
# Apps
extraAppsEnable = true;
extraApps = {
inherit
(config.services.nextcloud.package.packages.apps)
calendar
contacts
maps
tasks
;
drop_account = pkgs.fetchNextcloudApp {
sha256 = "sha256-AAWAR5i8moGlyGMaNqJwQPqPAHqWvIf4mvZ4U0dfg/A=";
url = "https://packages.framasoft.org/projects/nextcloud-apps/drop-account/drop_account-2.7.1.tar.gz";
license = "agpl3Only";
};
};
}; };
services.nginx.virtualHosts.${cfg.instanceFQDN}.listen = [ # SSL setup
{ services.nginx.virtualHosts.${cfg.instanceFQDN} = lib.mkIf cfg.ssl {
port = 8080; forceSSL = true;
addr = "0.0.0.0"; enableACME = true;
} };
]; security.acme = lib.mkIf cfg.ssl {
acceptTerms = true;
certs = {
${cfg.instanceFQDN}.email = "jonas.roeger+acme@gmail.com";
};
};
services.mysql = { # DB setup
services.postgresql = {
enable = true; enable = true;
package = pkgs.mariadb; ensureDatabases = ["nextcloud"];
ensureUsers = [
{
name = "nextcloud";
ensureDBOwnership = true;
}
];
}; };
}; };
} }