Gitiles
Code Review Sign In
git.clicks.codes / Infra / NixFiles / 9781aec1f9c2245d6a529cef4aa84bc12fd22c5c / . / modules / common / nextcloud.nix
blob: 84cf6597e10dd6f89aec3337eb0f182bea827023 [file] [log] [blame]
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]1{ config, pkgs, lib, ... }: {
2 sops.secrets.clicks_nextcloud_db_password = {
3 mode = lib.mkForce "0440";
4 group = lib.mkForce "nextcloud";
5 };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]6
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]7 users.users.nextcloud = {
8 isSystemUser = true;
9 createHome = true;
10 home = "/var/lib/nextcloud";
11 group = config.users.groups.nextcloud.name;
12 shell = pkgs.bashInteractive;
13 };
14 users.groups.nextcloud = { };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]15
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]16 services.nextcloud.enable = true;
Skyler Grey4259e932023-10-21 21:37:03 +0000[diff] [blame]17 services.nextcloud.https = true;
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]18 services.nextcloud.config.adminpassFile =
19 config.sops.secrets.nextcloud_admin_password.path;
20 services.nextcloud.hostName = "nextcloud.clicks.codes";
Skyler Grey4259e932023-10-21 21:37:03 +0000[diff] [blame]21 services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
22 enableACME = true;
23 forceSSL = true;
24 };
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]25 services.nextcloud.package = pkgs.nextcloud27;
26 services.nextcloud.poolSettings = {
27 pm = "dynamic";
28 "pm.max_children" = "32";
29 "pm.max_requests" = "500";
30 "pm.max_spare_servers" = "4";
31 "pm.min_spare_servers" = "2";
32 "pm.start_servers" = "2";
33 "listen.owner" = config.users.users.nextcloud.name;
34 "listen.group" = config.users.users.nextcloud.group;
35 };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]36
Skyler Grey619aa3c2023-11-21 20:28:50 +0000[diff] [blame]37 services.nextcloud.phpOptions."opcache.interned_strings_buffer" = "32";
38
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]39 services.nextcloud.config = {
40 dbtype = "pgsql";
Skyler Grey896e9282023-12-22 23:49:10 +0000[diff] [blame]41 dbhost = "/run/postgresql";
Skyler Grey4259e932023-10-21 21:37:03 +0000[diff] [blame]42 extraTrustedDomains = [ "cloud.clicks.codes" "docs.clicks.codes" ];
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]43 };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]44
Skyler Grey619aa3c2023-11-21 20:28:50 +0000[diff] [blame]45 services.nextcloud.extraOptions = {
Skyler Grey896e9282023-12-22 23:49:10 +0000[diff] [blame]46 loglevel = 3;
Skyler Grey619aa3c2023-11-21 20:28:50 +0000[diff] [blame]47 social_login_auto_redirect = true;
48 default_phone_region = "US";
49 "overwrite.cli.url" = "https://nextcloud.clicks.codes";
50 };
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]51
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]52 services.nextcloud.notify_push.enable = false;
53 services.nextcloud.configureRedis = true;
54
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]55 services.nextcloud.extraApps = {
56 sociallogin = pkgs.fetchNextcloudApp {
57 url =
58 "https://github.com/zorn-v/nextcloud-social-login/releases/download/v5.5.3/release.tar.gz";
59 sha256 = "sha256-96/wtK7t23fXVRcntDONjgb5bYtZuaNZzbvQCa5Gsj4=";
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]60 license = "agpl3Only";
Skyler Grey9ae213d2023-10-10 23:43:29 +0000[diff] [blame]61 };
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]62 richdocuments = pkgs.fetchNextcloudApp {
63 url =
64 "https://github.com/nextcloud-releases/richdocuments/releases/download/v8.2.0/richdocuments-v8.2.0.tar.gz";
65 sha256 = "sha256-PKw7FXSWvden2+6XjnUDOvbTF71slgeTF/ktS/l2+Dk=";
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]66 license = "agpl3Only";
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]67 };
Skyler Greya0f44522023-10-24 17:40:40 +0000[diff] [blame]68 calendar = pkgs.fetchNextcloudApp {
69 url =
70 "https://github.com/nextcloud-releases/calendar/releases/download/v4.5.2/calendar-v4.5.2.tar.gz";
71 sha256 = "sha256-n7GjgAyw2SLoZTEfakmI3IllWUk6o1MF89Zt3WGhR6A=";
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]72 license = "agpl3Only";
Skyler Greya0f44522023-10-24 17:40:40 +0000[diff] [blame]73 };
74 contacts = pkgs.fetchNextcloudApp {
75 url =
76 "https://github.com/nextcloud-releases/contacts/releases/download/v5.4.2/contacts-v5.4.2.tar.gz";
77 sha256 = "sha256-IkKHJ3MY/UPZqa4H86WGOEOypffMIHyJ9WvMqkq/4t8=";
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]78 license = "agpl3Only";
Skyler Greya0f44522023-10-24 17:40:40 +0000[diff] [blame]79 };
Skyler Grey1a0117e2023-11-01 10:00:40 +0000[diff] [blame]80 tasks = pkgs.fetchNextcloudApp {
81 url =
82 "https://github.com/nextcloud/tasks/releases/download/v0.15.0/tasks.tar.gz";
83 sha256 = "sha256-zMMqtEWiXmhB1C2IeWk8hgP7eacaXLkT7Tgi4NK6PCg=";
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]84 license = "agpl3Only";
Skyler Grey1a0117e2023-11-01 10:00:40 +0000[diff] [blame]85 };
86 appointments = pkgs.fetchNextcloudApp {
87 url =
88 "https://github.com/SergeyMosin/Appointments/raw/v1.15.4/build/artifacts/appstore/appointments.tar.gz";
89 sha256 = "sha256-2Oo7MJBPiBUBf4kti4or5nX+QiXT1Tkw3KowUGCj67E=";
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]90 license = "agpl3Only";
Skyler Grey1a0117e2023-11-01 10:00:40 +0000[diff] [blame]91 };
Skyler Grey0b140a82023-11-07 19:26:13 +0000[diff] [blame]92 mail = pkgs.fetchNextcloudApp {
93 url =
94 "https://github.com/nextcloud-releases/mail/releases/download/v3.4.4/mail-v3.4.4.tar.gz";
95 sha256 = "sha256-2+EUVjeFW0mrnR23aU5UHZtGjqpDE11qHXu6PWhUTCs=";
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]96 license = "agpl3Only";
Skyler Grey0b140a82023-11-07 19:26:13 +0000[diff] [blame]97 };
98 spreed = pkgs.fetchNextcloudApp { # nextcloud talk
99 url =
100 "https://github.com/nextcloud-releases/spreed/releases/download/v17.1.2/spreed-v17.1.2.tar.gz";
101 sha256 = "sha256-OvZD/k1t4MAJ/BXbHzli6+V/bsgzE6iZQGrC9cG3b8E=";
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]102 license = "agpl3Only";
Skyler Grey0b140a82023-11-07 19:26:13 +0000[diff] [blame]103 };
104 notes = pkgs.fetchNextcloudApp {
105 url =
106 "https://github.com/nextcloud-releases/notes/releases/download/v4.8.1/notes.tar.gz";
107 sha256 = "sha256-7GkTGyGTvtDbZsq/zOdbBE7xh6DZO183W6I5XX1ekbw=";
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]108 license = "agpl3Only";
Skyler Grey0b140a82023-11-07 19:26:13 +0000[diff] [blame]109 };
Samuel Shuert578f6b52023-11-24 18:49:06 -0500[diff] [blame]110 files_3dmodelviewer = pkgs.fetchNextcloudApp {
111 url =
112 "https://github.com/WARP-LAB/files_3dmodelviewer/releases/download/v0.0.12/files_3dmodelviewer.tar.gz";
113 sha256 = "sha256-JKlHDB6VFUXv7V+TzWSgJeuvR2Z+oXGKFZgZtX2A9pA=";
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]114 license = "agpl3Only";
Samuel Shuert578f6b52023-11-24 18:49:06 -0500[diff] [blame]115 };
Samuel Shuert7e8f5722023-11-27 13:02:25 -0500[diff] [blame]116 external = pkgs.fetchNextcloudApp {
117 url =
118 "https://github.com/nextcloud-releases/external/releases/download/v5.2.1/external-v5.2.1.tar.gz";
119 sha256 = "sha256-X7eC8T8wSZGVwCQp6U/WxjMC7aIj39osgHotaUoRNSQ=";
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]120 license = "agpl3Only";
Samuel Shuert7e8f5722023-11-27 13:02:25 -0500[diff] [blame]121 };
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]122 };
Skyler Grey9ae213d2023-10-10 23:43:29 +0000[diff] [blame]123
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]124 sops.secrets.nextcloud_admin_password = {
125 mode = "0600";
126 owner = config.users.users.nextcloud.name;
127 group = config.users.users.nextcloud.group;
Samuel Shuertf68685d2023-10-28 20:07:56 -0400[diff] [blame]128 sopsFile = ../../secrets/nextcloud.json;
Skyler Greyfe1740c2023-10-21 01:24:18 +0000[diff] [blame]129 format = "json";
130 };
Skyler Grey7337ee52023-12-03 11:58:17 +0000[diff] [blame]131
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]132 systemd.services.nextcloud-setup.requires = [ "postgresql.service" ];
Skyler Grey7337ee52023-12-03 11:58:17 +0000[diff] [blame]133 systemd.services.nextcloud-cron.requires = [ "postgresql.service" ];
Skyler Grey915067d2023-12-03 13:46:53 +0000[diff] [blame]134 systemd.services.nextcloud-notify_push.requires = [ "postgresql.service" ];
Skyler Grey13420dc2023-10-10 22:23:26 +0000[diff] [blame]135}