nix-home/nki-personal-do/nextcloud.nix

{ lib, pkgs, config, ... }:
with lib;
let
  user = "nextcloud";
  host = "cloud.dtth.ch";
  port = 61155;

  secrets = config.sops.secrets;
in
{
  sops.secrets."nextcloud/admin-password" = { owner = user; };
  sops.secrets."nextcloud/minio-secret-key" = { owner = user; key = "minio-secret-key"; };
  # database
  cloud.postgresql.databases = [ user ];
  # traefik
  cloud.traefik.hosts.nextcloud = {
    inherit port host;
  };
  systemd.services.nextcloud.requires = [ "postgresql.service" ];
  services.nextcloud = {
    enable = true;
    hostName = host;
    package = pkgs.nextcloud26;
    enableBrokenCiphersForSSE = false;

    home = "/mnt/data/nextcloud";
    https = true;
    database.createLocally = false;

    extraApps = with pkgs.nextcloud26Packages.apps; {
      inherit calendar contacts deck forms groupfolders news tasks;
      sociallogin = pkgs.fetchNextcloudApp rec {
        url = "https://github.com/zorn-v/nextcloud-social-login/releases/download/v5.4.3/release.tar.gz";
        sha256 = "sha256-ZKwtF9j9WFIk3MZgng9DmN00A73S2Rb4qbehL9adaZo=";
      };
    };

    config = {
      # Database
      dbtype = "pgsql";
      dbname = user;
      dbuser = user;
      dbhost = "/run/postgresql";
      # User
      adminuser = "nki";
      adminpassFile = secrets."nextcloud/admin-password".path;
      # General
      overwriteProtocol = "https";
      defaultPhoneRegion = "VN";

      objectstore.s3 = {
        enable = true;
        bucket = "nextcloud-dtth";
        autocreate = true;
        key = "minio";
        secretFile = config.sops.secrets."nextcloud/minio-secret-key".path;
        hostname = "s3.dtth.ch";
        port = 443;
        useSsl = true;
        usePathStyle = true;
        region = "us-east-1";
      };
    };
  };
  services.nginx.virtualHosts.${host}.listen = [{ inherit port; addr = "127.0.0.1"; }];
}
Deploy nextcloud 2023-05-15 11:56:39 +00:00			`{ lib, pkgs, config, ... }:`
			`with lib;`
			`let`
			`user = "nextcloud";`
			`host = "cloud.dtth.ch";`
			`port = 61155;`

			`secrets = config.sops.secrets;`
			`in`
			`{`
			`sops.secrets."nextcloud/admin-password" = { owner = user; };`
			`sops.secrets."nextcloud/minio-secret-key" = { owner = user; key = "minio-secret-key"; };`
			`# database`
			`cloud.postgresql.databases = [ user ];`
			`# traefik`
			`cloud.traefik.hosts.nextcloud = {`
			`inherit port host;`
			`};`
Add postgresql dep to most stuff that needs it 2023-09-17 10:56:31 +00:00			`systemd.services.nextcloud.requires = [ "postgresql.service" ];`
Deploy nextcloud 2023-05-15 11:56:39 +00:00			`services.nextcloud = {`
			`enable = true;`
			`hostName = host;`
			`package = pkgs.nextcloud26;`
			`enableBrokenCiphersForSSE = false;`

Rename where data is mounted 2023-05-18 23:02:22 +00:00			`home = "/mnt/data/nextcloud";`
Deploy nextcloud 2023-05-15 11:56:39 +00:00			`https = true;`
			`database.createLocally = false;`

			`extraApps = with pkgs.nextcloud26Packages.apps; {`
			`inherit calendar contacts deck forms groupfolders news tasks;`
			`sociallogin = pkgs.fetchNextcloudApp rec {`
			`url = "https://github.com/zorn-v/nextcloud-social-login/releases/download/v5.4.3/release.tar.gz";`
			`sha256 = "sha256-ZKwtF9j9WFIk3MZgng9DmN00A73S2Rb4qbehL9adaZo=";`
			`};`
			`};`

			`config = {`
			`# Database`
			`dbtype = "pgsql";`
			`dbname = user;`
			`dbuser = user;`
			`dbhost = "/run/postgresql";`
			`# User`
			`adminuser = "nki";`
			`adminpassFile = secrets."nextcloud/admin-password".path;`
			`# General`
			`overwriteProtocol = "https";`
			`defaultPhoneRegion = "VN";`

			`objectstore.s3 = {`
			`enable = true;`
			`bucket = "nextcloud-dtth";`
			`autocreate = true;`
			`key = "minio";`
			`secretFile = config.sops.secrets."nextcloud/minio-secret-key".path;`
			`hostname = "s3.dtth.ch";`
			`port = 443;`
			`useSsl = true;`
			`usePathStyle = true;`
			`region = "us-east-1";`
			`};`
			`};`
			`};`
			`services.nginx.virtualHosts.${host}.listen = [{ inherit port; addr = "127.0.0.1"; }];`
			`}`