blob: f32cdff6b6a675686cffabdced32f7696245f0c0 [file] [log] [blame]
Skyler Greyfe1740c2023-10-21 01:24:18 +00001{ config, pkgs, lib, ... }: {
2 sops.secrets.clicks_nextcloud_db_password = {
3 mode = lib.mkForce "0440";
4 group = lib.mkForce "nextcloud";
5 };
Skyler Grey09c5cda2023-10-09 07:10:10 +00006
Skyler Greyfe1740c2023-10-21 01:24:18 +00007 users.users.nextcloud = {
8 isSystemUser = true;
9 createHome = true;
10 home = "/var/lib/nextcloud";
11 group = config.users.groups.nextcloud.name;
12 shell = pkgs.bashInteractive;
13 };
14 users.groups.nextcloud = { };
Skyler Grey09c5cda2023-10-09 07:10:10 +000015
Skyler Greyfe1740c2023-10-21 01:24:18 +000016 services.nextcloud.enable = true;
Skyler Grey4259e932023-10-21 21:37:03 +000017 services.nextcloud.https = true;
Skyler Greyfe1740c2023-10-21 01:24:18 +000018 services.nextcloud.config.adminpassFile =
19 config.sops.secrets.nextcloud_admin_password.path;
20 services.nextcloud.hostName = "nextcloud.clicks.codes";
Skyler Grey4259e932023-10-21 21:37:03 +000021 services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
22 enableACME = true;
23 forceSSL = true;
24 };
Skyler Greyfe1740c2023-10-21 01:24:18 +000025 services.nextcloud.package = pkgs.nextcloud27;
26 services.nextcloud.poolSettings = {
27 pm = "dynamic";
28 "pm.max_children" = "32";
29 "pm.max_requests" = "500";
30 "pm.max_spare_servers" = "4";
31 "pm.min_spare_servers" = "2";
32 "pm.start_servers" = "2";
33 "listen.owner" = config.users.users.nextcloud.name;
34 "listen.group" = config.users.users.nextcloud.group;
35 };
Skyler Grey09c5cda2023-10-09 07:10:10 +000036
Skyler Grey619aa3c2023-11-21 20:28:50 +000037 services.nextcloud.phpOptions."opcache.interned_strings_buffer" = "32";
38
Skyler Greyfe1740c2023-10-21 01:24:18 +000039 services.nextcloud.config = {
40 dbtype = "pgsql";
41 dbport = config.services.postgresql.port;
42 dbpassFile = config.sops.secrets.clicks_nextcloud_db_password.path;
43 dbname = "nextcloud";
44 dbhost = "localhost";
Skyler Grey4259e932023-10-21 21:37:03 +000045 extraTrustedDomains = [ "cloud.clicks.codes" "docs.clicks.codes" ];
Skyler Greyfe1740c2023-10-21 01:24:18 +000046 };
Skyler Grey09c5cda2023-10-09 07:10:10 +000047
Skyler Grey619aa3c2023-11-21 20:28:50 +000048 services.nextcloud.extraOptions = {
49 social_login_auto_redirect = true;
50 default_phone_region = "US";
51 "overwrite.cli.url" = "https://nextcloud.clicks.codes";
52 };
Skyler Grey09c5cda2023-10-09 07:10:10 +000053
Skyler Greyfe1740c2023-10-21 01:24:18 +000054 services.nextcloud.extraApps = {
55 sociallogin = pkgs.fetchNextcloudApp {
56 url =
57 "https://github.com/zorn-v/nextcloud-social-login/releases/download/v5.5.3/release.tar.gz";
58 sha256 = "sha256-96/wtK7t23fXVRcntDONjgb5bYtZuaNZzbvQCa5Gsj4=";
Skyler Grey9ae213d2023-10-10 23:43:29 +000059 };
Skyler Greyfe1740c2023-10-21 01:24:18 +000060 richdocumentscode = pkgs.fetchNextcloudApp {
Skyler Greybcb46d32023-11-10 20:48:38 +000061 url = "https://github.com/CollaboraOnline/richdocumentscode/releases/download/23.5.503/richdocumentscode.tar.gz";
62 sha256 = "sha256-5BEN2YXRsMy+zyBBO0KLRMCkTOGv1RdPp1xcDFRNr2I=";
Skyler Greyfe1740c2023-10-21 01:24:18 +000063 };
64 richdocuments = pkgs.fetchNextcloudApp {
65 url =
66 "https://github.com/nextcloud-releases/richdocuments/releases/download/v8.2.0/richdocuments-v8.2.0.tar.gz";
67 sha256 = "sha256-PKw7FXSWvden2+6XjnUDOvbTF71slgeTF/ktS/l2+Dk=";
68 };
Skyler Greya0f44522023-10-24 17:40:40 +000069 calendar = pkgs.fetchNextcloudApp {
70 url =
71 "https://github.com/nextcloud-releases/calendar/releases/download/v4.5.2/calendar-v4.5.2.tar.gz";
72 sha256 = "sha256-n7GjgAyw2SLoZTEfakmI3IllWUk6o1MF89Zt3WGhR6A=";
73 };
74 contacts = pkgs.fetchNextcloudApp {
75 url =
76 "https://github.com/nextcloud-releases/contacts/releases/download/v5.4.2/contacts-v5.4.2.tar.gz";
77 sha256 = "sha256-IkKHJ3MY/UPZqa4H86WGOEOypffMIHyJ9WvMqkq/4t8=";
78 };
Skyler Grey1a0117e2023-11-01 10:00:40 +000079 tasks = pkgs.fetchNextcloudApp {
80 url =
81 "https://github.com/nextcloud/tasks/releases/download/v0.15.0/tasks.tar.gz";
82 sha256 = "sha256-zMMqtEWiXmhB1C2IeWk8hgP7eacaXLkT7Tgi4NK6PCg=";
83 };
84 appointments = pkgs.fetchNextcloudApp {
85 url =
86 "https://github.com/SergeyMosin/Appointments/raw/v1.15.4/build/artifacts/appstore/appointments.tar.gz";
87 sha256 = "sha256-2Oo7MJBPiBUBf4kti4or5nX+QiXT1Tkw3KowUGCj67E=";
88 };
Skyler Grey0b140a82023-11-07 19:26:13 +000089 mail = pkgs.fetchNextcloudApp {
90 url =
91 "https://github.com/nextcloud-releases/mail/releases/download/v3.4.4/mail-v3.4.4.tar.gz";
92 sha256 = "sha256-2+EUVjeFW0mrnR23aU5UHZtGjqpDE11qHXu6PWhUTCs=";
93 };
94 spreed = pkgs.fetchNextcloudApp { # nextcloud talk
95 url =
96 "https://github.com/nextcloud-releases/spreed/releases/download/v17.1.2/spreed-v17.1.2.tar.gz";
97 sha256 = "sha256-OvZD/k1t4MAJ/BXbHzli6+V/bsgzE6iZQGrC9cG3b8E=";
98 };
99 notes = pkgs.fetchNextcloudApp {
100 url =
101 "https://github.com/nextcloud-releases/notes/releases/download/v4.8.1/notes.tar.gz";
102 sha256 = "sha256-7GkTGyGTvtDbZsq/zOdbBE7xh6DZO183W6I5XX1ekbw=";
103 };
Skyler Greyfe1740c2023-10-21 01:24:18 +0000104 };
Skyler Grey9ae213d2023-10-10 23:43:29 +0000105
Skyler Greyfe1740c2023-10-21 01:24:18 +0000106 sops.secrets.nextcloud_admin_password = {
107 mode = "0600";
108 owner = config.users.users.nextcloud.name;
109 group = config.users.users.nextcloud.group;
Samuel Shuertf68685d2023-10-28 20:07:56 -0400110 sopsFile = ../../secrets/nextcloud.json;
Skyler Greyfe1740c2023-10-21 01:24:18 +0000111 format = "json";
112 };
Skyler Grey13420dc2023-10-10 22:23:26 +0000113}