nixos-config/config/services/nextcloud.nix

{
  pkgs,
  config,
  ...
}: {
  services.nextcloud = {
    appstoreEnable = true;
    caching.redis = true;
    config = {
      adminpassFile = config.sops.secrets."services/nextcloud/adminpass".path;
      adminuser = "darkkirb";
      dbhost = "/run/postgresql";
      dbname = "nextcloud";
      dbtype = "pgsql";
      dbuser = "nextcloud";
      defaultPhoneRegion = "DE";
      objectstore.s3 = {
        autocreate = false;
        bucket = "nextcloud-chir-rs";
        enable = true;
        hostname = "ams1.vultrobjects.com";
        key = "X86D3HKJ3Y92IASK0XIG";
        secretFile = config.sops.secrets."services/nextcloud/s3".path;
        usePathStyle = true;
        useSsl = true;
      };
      overwriteProtocol = "https";
    };
    enable = true;
    enableImagemagick = true;
    extraAppsEnable = true;
    extraOptions = {
      redis = {
        host = config.services.redis.servers.nextcloud.unixSocket;
        port = 0;
        dbindex = 0;
      };
    };
    hostName = "cloud.chir.rs";
    https = true;
    package = pkgs.nextcloud28;
    phpOptions = {
      "opcache.save_comments" = "1";
      "opcache.validate_timestamps" = "0";
      "opcache.jit" = "1255";
      "opcache.jit_buffer_size" = "128M";
    };
    poolSettings = {
      pm = "dynamic";
      "pm.max_children" = 460;
      "pm.start_servers" = 4;
      "pm.min_spare_servers" = 4;
      "pm.max_spare_servers" = 64;
    };
    webfinger = true;
  };
  sops.secrets."services/nextcloud/adminpass".owner = "nextcloud";
  sops.secrets."services/nextcloud/s3".owner = "nextcloud";
  services.redis.servers.nextcloud = {
    enable = true;
    user = "nextcloud";
  };
  services.postgresql.ensureDatabases = ["nextcloud"];
  services.postgresql.ensureUsers = [
    {
      name = "nextcloud";
      ensurePermissions = {
        "DATABASE attic" = "ALL PRIVILEGES";
      };
    }
  ];
  services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
    listen = [
      {
        addr = "127.0.0.1";
        port = 13286;
      }
    ];
  };

  services.caddy.virtualHosts."cloud.chir.rs" = {
    useACMEHost = "chir.rs";
    logFormat = pkgs.lib.mkForce "";
    extraConfig = ''
      import baseConfig
      reverse_proxy {
          to http://127.0.0.1:13286
          header_up Host cloud.chir.rs
      }
    '';
  };
}
add nextcloud 2023-04-18 07:55:45 +00:00			`{`
			`pkgs,`
			`config,`
			`...`
			`}: {`
			`services.nextcloud = {`
format 2023-04-23 17:35:42 +00:00			`appstoreEnable = true;`
actually fix eval 2023-04-18 08:37:06 +00:00			`caching.redis = true;`
fix eval 2023-04-18 08:25:28 +00:00			`config = {`
			`adminpassFile = config.sops.secrets."services/nextcloud/adminpass".path;`
			`adminuser = "darkkirb";`
			`dbhost = "/run/postgresql";`
			`dbname = "nextcloud";`
			`dbtype = "pgsql";`
			`dbuser = "nextcloud";`
			`defaultPhoneRegion = "DE";`
			`objectstore.s3 = {`
… 2023-04-18 11:39:45 +00:00			`autocreate = false;`
fix eval 2023-04-18 08:25:28 +00:00			`bucket = "nextcloud-chir-rs";`
			`enable = true;`
update 2023-10-01 14:47:26 +00:00			`hostname = "ams1.vultrobjects.com";`
			`key = "X86D3HKJ3Y92IASK0XIG";`
fix eval 2023-04-18 08:25:28 +00:00			`secretFile = config.sops.secrets."services/nextcloud/s3".path;`
			`usePathStyle = true;`
			`useSsl = true;`
			`};`
			`overwriteProtocol = "https";`
add nextcloud 2023-04-18 07:55:45 +00:00			`};`
			`enable = true;`
			`enableImagemagick = true;`
			`extraAppsEnable = true;`
actually fix eval 2023-04-18 08:37:06 +00:00			`extraOptions = {`
add nextcloud 2023-04-18 07:55:45 +00:00			`redis = {`
			`host = config.services.redis.servers.nextcloud.unixSocket;`
			`port = 0;`
			`dbindex = 0;`
			`};`
			`};`
actually fix eval 2023-04-18 08:37:06 +00:00			`hostName = "cloud.chir.rs";`
add nextcloud 2023-04-18 07:55:45 +00:00			`https = true;`
update nextcloud 2023-12-22 17:00:14 +00:00			`package = pkgs.nextcloud28;`
add nextcloud 2023-04-18 07:55:45 +00:00			`phpOptions = {`
lol 2023-04-18 11:21:53 +00:00			`"opcache.save_comments" = "1";`
			`"opcache.validate_timestamps" = "0";`
			`"opcache.jit" = "1255";`
add nextcloud 2023-04-18 07:55:45 +00:00			`"opcache.jit_buffer_size" = "128M";`
			`};`
			`poolSettings = {`
fix php-fpm settings 2023-04-18 12:30:56 +00:00			`pm = "dynamic";`
add nextcloud 2023-04-18 07:55:45 +00:00			`"pm.max_children" = 460;`
fix php-fpm settings 2023-04-18 12:30:56 +00:00			`"pm.start_servers" = 4;`
			`"pm.min_spare_servers" = 4;`
			`"pm.max_spare_servers" = 64;`
add nextcloud 2023-04-18 07:55:45 +00:00			`};`
			`webfinger = true;`
			`};`
			`sops.secrets."services/nextcloud/adminpass".owner = "nextcloud";`
			`sops.secrets."services/nextcloud/s3".owner = "nextcloud";`
			`services.redis.servers.nextcloud = {`
			`enable = true;`
			`user = "nextcloud";`
			`};`
			`services.postgresql.ensureDatabases = ["nextcloud"];`
			`services.postgresql.ensureUsers = [`
			`{`
			`name = "nextcloud";`
			`ensurePermissions = {`
Revert "switch away from attic" This reverts commit 429c1784f2f201b9e8b16ac2a6c55985a8506a7d. 2023-12-18 09:14:07 +00:00			`"DATABASE attic" = "ALL PRIVILEGES";`
add nextcloud 2023-04-18 07:55:45 +00:00			`};`
			`}`
			`];`
			`services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {`
			`listen = [`
			`{`
make it work finally 2023-04-18 11:34:53 +00:00			`addr = "127.0.0.1";`
add nextcloud 2023-04-18 07:55:45 +00:00			`port = 13286;`
			`}`
			`];`
			`};`

			`services.caddy.virtualHosts."cloud.chir.rs" = {`
			`useACMEHost = "chir.rs";`
			`logFormat = pkgs.lib.mkForce "";`
			`extraConfig = ''`
			`import baseConfig`
			`reverse_proxy {`
			`to http://127.0.0.1:13286`
fix caddy host header 2023-04-18 12:33:12 +00:00			`header_up Host cloud.chir.rs`
add nextcloud 2023-04-18 07:55:45 +00:00			`}`
			`'';`
			`};`
			`}`