modules/server/nextcloud.nix at main

my terrible dotfiles
nix-config / modules / server / nextcloud.nix
at main 114 lines 2.9 kB view raw
wrap content
  1{
  2  pkgs,
  3  config,
  4  lib,
  5  ...
  6}:
  7{
  8  sops = {
  9    secrets = {
 10      "nc/adminPass" = {
 11        owner = "nextcloud";
 12        group = "nextcloud";
 13      };
 14      "nc/id" = { };
 15      "nc/passSalt" = { };
 16      "nc/secret" = { };
 17      "nc/smtpHost" = { };
 18      "nc/smtpPass" = { };
 19      "nc/smtpUser" = { };
 20    };
 21    templates.nc-secrets = {
 22      owner = "nextcloud";
 23      group = "nextcloud";
 24      content = builtins.toJSON {
 25        instanceid = config.sops.placeholder."nc/id";
 26        passwordsalt = config.sops.placeholder."nc/passSalt";
 27        secret = config.sops.placeholder."nc/secret";
 28        mail_domain = "auri.ee";
 29        mail_from_address = "nc";
 30        mail_smtpsecure = "ssl";
 31        mail_smtpauth = true;
 32        mail_smtphost = config.sops.placeholder."nc/smtpHost";
 33        mail_smtpname = config.sops.placeholder."nc/smtpUser";
 34        mail_smtppassword = config.sops.placeholder."nc/smtpPass";
 35        mail_smtpport = 465;
 36      };
 37    };
 38  };
 39
 40  services.nextcloud = {
 41    enable = true;
 42    enableImagemagick = true;
 43    package = pkgs.nextcloud33;
 44    https = true;
 45    appstoreEnable = true;
 46    autoUpdateApps.enable = true;
 47    extraApps = {
 48      inherit (config.services.nextcloud.package.packages.apps)
 49        contacts
 50        calendar
 51        tasks
 52        deck
 53        ;
 54    };
 55    extraAppsEnable = true;
 56    configureRedis = true;
 57    hostName = "files.auri.ee";
 58    maxUploadSize = "10G";
 59    phpOptions = {
 60      "opcache.interned_strings_buffer" = "27";
 61    };
 62    poolSettings = {
 63      "pm" = "dynamic";
 64      "pm.max_children" = "201";
 65      "pm.start_servers" = "50";
 66      "pm.min_spare_servers" = "50";
 67      "pm.max_spare_servers" = "150";
 68    };
 69    caching = {
 70      apcu = true;
 71      redis = true;
 72    };
 73    database.createLocally = true;
 74    config = {
 75      adminpassFile = config.sops.secrets."nc/adminPass".path;
 76      adminuser = "me@auri.ee";
 77      dbtype = "pgsql";
 78    };
 79    settings = {
 80      default_phone_region = "AU";
 81      enable_previews = true;
 82      preview_max_memory = -1;
 83      preview_max_x = 4096;
 84      preview_max_y = 4096;
 85      preview_concurrency_new = 4;
 86      preview_concurrency = 8;
 87      enabledPreviewProviders = [
 88        "OC\\Preview\\Movie"
 89        "OC\\Preview\\PNG"
 90        "OC\\Preview\\JPEG"
 91        "OC\\Preview\\GIF"
 92        "OC\\Preview\\BMP"
 93        "OC\\Preview\\XBitmap"
 94        "OC\\Preview\\HEIC"
 95        "OC\\Preview\\MP4"
 96        "OC\\Preview\\TXT"
 97        "OC\\Preview\\MarkDown"
 98        "OC\\Preview\\PDF"
 99      ];
100      maintenance_window_start = 23;
101    };
102    secretFile = config.sops.templates."nc-secrets".path;
103  };
104
105  forest.nginxHosts = [
106    (lib.mkIf config.services.nextcloud.enable {
107      "${config.services.nextcloud.hostName}" = {
108        onlySSL = true;
109        useACMEHost = "auri.ee";
110        http2 = true;
111      };
112    })
113  ];
114}