Gitiles
Code Review Sign In
git.clicks.codes / Infra / NixFiles / 45489981b685fdf0bd22d90b58ae2946e6b3ed9a / . / modules / common / nextcloud.nix
blob: e98c5f465903eae6e4d46e2a8e27fd6d24503ffe [file] [log] [blame]
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]1{ config, pkgs, lib, ... }: {
2 sops.secrets.clicks_nextcloud_db_password = {
3 mode = lib.mkForce "0440";
4 group = lib.mkForce "nextcloud";
5 };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]6
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]7 users.users.nextcloud = {
8 isSystemUser = true;
9 createHome = true;
10 home = "/var/lib/nextcloud";
11 group = config.users.groups.nextcloud.name;
12 shell = pkgs.bashInteractive;
13 };
14 users.groups.nextcloud = { };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]15
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]16 services.nextcloud.enable = true;
Skyler Grey4259e932023-10-21 21:37:03 +0000[diff] [blame]17 services.nextcloud.https = true;
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]18 services.nextcloud.config.adminpassFile =
19 config.sops.secrets.nextcloud_admin_password.path;
20 services.nextcloud.hostName = "nextcloud.clicks.codes";
Skyler Grey4259e932023-10-21 21:37:03 +0000[diff] [blame]21 services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
22 enableACME = true;
23 forceSSL = true;
24 };
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]25 services.nextcloud.package = pkgs.nextcloud27;
26 services.nextcloud.poolSettings = {
27 pm = "dynamic";
28 "pm.max_children" = "32";
29 "pm.max_requests" = "500";
30 "pm.max_spare_servers" = "4";
31 "pm.min_spare_servers" = "2";
32 "pm.start_servers" = "2";
33 "listen.owner" = config.users.users.nextcloud.name;
34 "listen.group" = config.users.users.nextcloud.group;
35 };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]36
Skyler Grey619aa3c2023-11-21 20:28:50 +0000[diff] [blame]37 services.nextcloud.phpOptions."opcache.interned_strings_buffer" = "32";
38
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]39 services.nextcloud.config = {
40 dbtype = "pgsql";
41 dbport = config.services.postgresql.port;
42 dbpassFile = config.sops.secrets.clicks_nextcloud_db_password.path;
43 dbname = "nextcloud";
44 dbhost = "localhost";
Skyler Grey4259e932023-10-21 21:37:03 +0000[diff] [blame]45 extraTrustedDomains = [ "cloud.clicks.codes" "docs.clicks.codes" ];
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]46 };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]47
Skyler Grey619aa3c2023-11-21 20:28:50 +0000[diff] [blame]48 services.nextcloud.extraOptions = {
49 social_login_auto_redirect = true;
50 default_phone_region = "US";
51 "overwrite.cli.url" = "https://nextcloud.clicks.codes";
52 };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]53
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]54 services.nextcloud.extraApps = {
55 sociallogin = pkgs.fetchNextcloudApp {
56 url =
57 "https://github.com/zorn-v/nextcloud-social-login/releases/download/v5.5.3/release.tar.gz";
58 sha256 = "sha256-96/wtK7t23fXVRcntDONjgb5bYtZuaNZzbvQCa5Gsj4=";
Skyler Grey9ae213d2023-10-10 23:43:29 +0000[diff] [blame]59 };
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]60 richdocuments = pkgs.fetchNextcloudApp {
61 url =
62 "https://github.com/nextcloud-releases/richdocuments/releases/download/v8.2.0/richdocuments-v8.2.0.tar.gz";
63 sha256 = "sha256-PKw7FXSWvden2+6XjnUDOvbTF71slgeTF/ktS/l2+Dk=";
64 };
Skyler Greya0f44522023-10-24 17:40:40 +0000[diff] [blame]65 calendar = pkgs.fetchNextcloudApp {
66 url =
67 "https://github.com/nextcloud-releases/calendar/releases/download/v4.5.2/calendar-v4.5.2.tar.gz";
68 sha256 = "sha256-n7GjgAyw2SLoZTEfakmI3IllWUk6o1MF89Zt3WGhR6A=";
69 };
70 contacts = pkgs.fetchNextcloudApp {
71 url =
72 "https://github.com/nextcloud-releases/contacts/releases/download/v5.4.2/contacts-v5.4.2.tar.gz";
73 sha256 = "sha256-IkKHJ3MY/UPZqa4H86WGOEOypffMIHyJ9WvMqkq/4t8=";
74 };
Skyler Grey1a0117e2023-11-01 10:00:40 +0000[diff] [blame]75 tasks = pkgs.fetchNextcloudApp {
76 url =
77 "https://github.com/nextcloud/tasks/releases/download/v0.15.0/tasks.tar.gz";
78 sha256 = "sha256-zMMqtEWiXmhB1C2IeWk8hgP7eacaXLkT7Tgi4NK6PCg=";
79 };
80 appointments = pkgs.fetchNextcloudApp {
81 url =
82 "https://github.com/SergeyMosin/Appointments/raw/v1.15.4/build/artifacts/appstore/appointments.tar.gz";
83 sha256 = "sha256-2Oo7MJBPiBUBf4kti4or5nX+QiXT1Tkw3KowUGCj67E=";
84 };
Skyler Grey0b140a82023-11-07 19:26:13 +0000[diff] [blame]85 mail = pkgs.fetchNextcloudApp {
86 url =
87 "https://github.com/nextcloud-releases/mail/releases/download/v3.4.4/mail-v3.4.4.tar.gz";
88 sha256 = "sha256-2+EUVjeFW0mrnR23aU5UHZtGjqpDE11qHXu6PWhUTCs=";
89 };
90 spreed = pkgs.fetchNextcloudApp { # nextcloud talk
91 url =
92 "https://github.com/nextcloud-releases/spreed/releases/download/v17.1.2/spreed-v17.1.2.tar.gz";
93 sha256 = "sha256-OvZD/k1t4MAJ/BXbHzli6+V/bsgzE6iZQGrC9cG3b8E=";
94 };
95 notes = pkgs.fetchNextcloudApp {
96 url =
97 "https://github.com/nextcloud-releases/notes/releases/download/v4.8.1/notes.tar.gz";
98 sha256 = "sha256-7GkTGyGTvtDbZsq/zOdbBE7xh6DZO183W6I5XX1ekbw=";
99 };
Samuel Shuert578f6b52023-11-24 18:49:06 -0500[diff] [blame]100 files_3dmodelviewer = pkgs.fetchNextcloudApp {
101 url =
102 "https://github.com/WARP-LAB/files_3dmodelviewer/releases/download/v0.0.12/files_3dmodelviewer.tar.gz";
103 sha256 = "sha256-JKlHDB6VFUXv7V+TzWSgJeuvR2Z+oXGKFZgZtX2A9pA=";
104 };
Samuel Shuert7e8f5722023-11-27 13:02:25 -0500[diff] [blame]105 external = pkgs.fetchNextcloudApp {
106 url =
107 "https://github.com/nextcloud-releases/external/releases/download/v5.2.1/external-v5.2.1.tar.gz";
108 sha256 = "sha256-X7eC8T8wSZGVwCQp6U/WxjMC7aIj39osgHotaUoRNSQ=";
109 };
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]110 };
Skyler Grey9ae213d2023-10-10 23:43:29 +0000[diff] [blame]111
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]112 sops.secrets.nextcloud_admin_password = {
113 mode = "0600";
114 owner = config.users.users.nextcloud.name;
115 group = config.users.users.nextcloud.group;
Samuel Shuertf68685d2023-10-28 20:07:56 -0400[diff] [blame]116 sopsFile = ../../secrets/nextcloud.json;
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]117 format = "json";
118 };
Skyler Grey7337ee52023-12-03 11:58:17 +0000[diff] [blame]119
120 systemd.services.nextcloud-cron.requires = [ "postgresql.service" ];
Skyler Grey13420dc2023-10-10 22:23:26 +0000[diff] [blame]121}