Gitiles
Code Review Sign In
git.clicks.codes / Infra / NixFiles / 2ca6ccd8796707dd8231ce578da9183153b8632f / . / modules / nextcloud.nix
blob: 52ab02988d5902ad0166495b37952d9484f01f2f [file] [log] [blame]
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]1{config, pkgs, lib, ...}: {
2 sops.secrets.clicks_nextcloud_db_password = {
3 mode = lib.mkForce "0440";
4 group = lib.mkForce "nextcloud";
5 };
6
7 users.users.nextcloud = {
8 isSystemUser = true;
9 createHome = true;
10 home = "/var/lib/nextcloud";
11 group = config.users.groups.nextcloud.name;
12 shell = pkgs.bashInteractive;
13 };
14 users.groups.nextcloud = {};
15
16
17 services.nextcloud.enable = true;
18 services.nextcloud.config.adminpassFile = config.sops.secrets.nextcloud_admin_password.path;
Skyler Grey2ca6ccd2023-10-14 22:56:43 +0000[diff] [blame^]19 services.nextcloud.hostName = "nextcloud.clicks.codes";
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]20 services.nextcloud.package = pkgs.nextcloud27;
21 services.nextcloud.poolSettings = {
22 pm = "dynamic";
23 "pm.max_children" = "32";
24 "pm.max_requests" = "500";
25 "pm.max_spare_servers" = "4";
26 "pm.min_spare_servers" = "2";
27 "pm.start_servers" = "2";
28 "listen.owner" = config.users.users.nextcloud.name;
29 "listen.group" = config.users.users.nextcloud.group;
30 };
31
32 services.nextcloud.config = {
33 dbtype = "pgsql";
34 dbport = config.services.postgresql.port;
35 dbpassFile = config.sops.secrets.clicks_nextcloud_db_password.path;
36 dbname = "nextcloud";
37 dbhost = "localhost";
38 extraTrustedDomains = [ "nextcloud.clicks.codes" "docs.clicks.codes" ];
39 };
40
Skyler Grey8bbc6162023-10-10 23:50:18 +0000[diff] [blame]41 services.nextcloud.extraOptions = {
Skyler Grey9ae213d2023-10-10 23:43:29 +0000[diff] [blame]42 social_login_auto_redirect = true;
43 };
44
Skyler Grey13420dc2023-10-10 22:23:26 +0000[diff] [blame]45 services.nextcloud.extraApps = {
46 sociallogin = pkgs.fetchNextcloudApp {
47 url = "https://github.com/zorn-v/nextcloud-social-login/releases/download/v5.5.3/release.tar.gz";
48 sha256 = "sha256-96/wtK7t23fXVRcntDONjgb5bYtZuaNZzbvQCa5Gsj4=";
49 };
Skyler Grey2ca6ccd2023-10-14 22:56:43 +0000[diff] [blame^]50 richdocumentscode = pkgs.fetchNextcloudApp {
51 url = "redacted";
52 sha256 = "sha256-XYtjBZCIQ6+PL3BNLSZfJTgLLpOyphzR5HOAwI7bWx0=";
53 };
54 richdocuments = pkgs.fetchNextcloudApp {
55 url = "https://github.com/nextcloud-releases/richdocuments/releases/download/v8.2.0/richdocuments-v8.2.0.tar.gz";
56 sha256 = "sha256-PKw7FXSWvden2+6XjnUDOvbTF71slgeTF/ktS/l2+Dk=";
57 };
Skyler Grey13420dc2023-10-10 22:23:26 +0000[diff] [blame]58 };
59
Skyler Grey09c5cda2023-10-09 07:10:10 +0000[diff] [blame]60 sops.secrets.nextcloud_admin_password = {
61 mode = "0600";
62 owner = config.users.users.nextcloud.name;
63 group = config.users.users.nextcloud.group;
64 sopsFile = ../secrets/nextcloud.json;
65 format = "json";
66 };
Skyler Grey13420dc2023-10-10 22:23:26 +0000[diff] [blame]67}