Gitiles
Code Review Sign In
git.clicks.codes / Infra / NixFiles / fe1740cc76af3fa3b69df4d588a3112384700003 / . / modules / nextcloud.nix
blob: 197ad89b311e6f0e1ddfe68f41a9cd7760a96028 [file] [log] [blame]
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame^]1{ config, pkgs, lib, ... }: {
2 sops.secrets.clicks_nextcloud_db_password = {
3 mode = lib.mkForce "0440";
4 group = lib.mkForce "nextcloud";
5 };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]6
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame^]7 users.users.nextcloud = {
8 isSystemUser = true;
9 createHome = true;
10 home = "/var/lib/nextcloud";
11 group = config.users.groups.nextcloud.name;
12 shell = pkgs.bashInteractive;
13 };
14 users.groups.nextcloud = { };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]15
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame^]16 services.nextcloud.enable = true;
17 services.nextcloud.config.adminpassFile =
18 config.sops.secrets.nextcloud_admin_password.path;
19 services.nextcloud.hostName = "nextcloud.clicks.codes";
20 services.nextcloud.package = pkgs.nextcloud27;
21 services.nextcloud.poolSettings = {
22 pm = "dynamic";
23 "pm.max_children" = "32";
24 "pm.max_requests" = "500";
25 "pm.max_spare_servers" = "4";
26 "pm.min_spare_servers" = "2";
27 "pm.start_servers" = "2";
28 "listen.owner" = config.users.users.nextcloud.name;
29 "listen.group" = config.users.users.nextcloud.group;
30 };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]31
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame^]32 services.nextcloud.config = {
33 dbtype = "pgsql";
34 dbport = config.services.postgresql.port;
35 dbpassFile = config.sops.secrets.clicks_nextcloud_db_password.path;
36 dbname = "nextcloud";
37 dbhost = "localhost";
38 extraTrustedDomains = [ "nextcloud.clicks.codes" "docs.clicks.codes" ];
39 };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]40
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame^]41 services.nextcloud.extraOptions = { social_login_auto_redirect = true; };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]42
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame^]43 services.nextcloud.extraApps = {
44 sociallogin = pkgs.fetchNextcloudApp {
45 url =
46 "https://github.com/zorn-v/nextcloud-social-login/releases/download/v5.5.3/release.tar.gz";
47 sha256 = "sha256-96/wtK7t23fXVRcntDONjgb5bYtZuaNZzbvQCa5Gsj4=";
Skyler Grey9ae213d2023-10-10 23:43:29 +0000[diff] [blame]48 };
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame^]49 richdocumentscode = pkgs.fetchNextcloudApp {
50 url = "redacted";
51 sha256 = "sha256-XYtjBZCIQ6+PL3BNLSZfJTgLLpOyphzR5HOAwI7bWx0=";
52 };
53 richdocuments = pkgs.fetchNextcloudApp {
54 url =
55 "https://github.com/nextcloud-releases/richdocuments/releases/download/v8.2.0/richdocuments-v8.2.0.tar.gz";
56 sha256 = "sha256-PKw7FXSWvden2+6XjnUDOvbTF71slgeTF/ktS/l2+Dk=";
57 };
58 };
Skyler Grey9ae213d2023-10-10 23:43:29 +0000[diff] [blame]59
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame^]60 sops.secrets.nextcloud_admin_password = {
61 mode = "0600";
62 owner = config.users.users.nextcloud.name;
63 group = config.users.users.nextcloud.group;
64 sopsFile = ../secrets/nextcloud.json;
65 format = "json";
66 };
Skyler Grey13420dc2023-10-10 22:23:26 +0000[diff] [blame]67}