2024-05-23 13:39:48 +03:00
|
|
|
# Nextcloud instance
|
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
{
|
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
|
|
|
networking.firewall.allowedUDPPorts = [ 443 ];
|
|
|
|
|
|
|
|
|
|
services.nextcloud = {
|
2024-06-01 12:00:51 +03:00
|
|
|
package = pkgs.nextcloud29;
|
2024-05-23 13:39:48 +03:00
|
|
|
enable = true;
|
|
|
|
|
hostName = "nextcloud.vsinerva.fi";
|
|
|
|
|
autoUpdateApps.enable = true;
|
|
|
|
|
https = true;
|
|
|
|
|
maxUploadSize = "10G";
|
|
|
|
|
config = {
|
|
|
|
|
adminpassFile = "/var/lib/nextcloud/adminpass";
|
|
|
|
|
};
|
2024-06-01 12:11:24 +03:00
|
|
|
settings = {
|
|
|
|
|
overwriteprotocol = "https";
|
|
|
|
|
};
|
2024-05-23 13:39:48 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.nginx.virtualHosts =
|
|
|
|
|
{
|
|
|
|
|
${config.services.nextcloud.hostName} = {
|
|
|
|
|
forceSSL = true;
|
|
|
|
|
kTLS = true;
|
|
|
|
|
sslCertificate = "/var/lib/nextcloud/nextcloud_fullchain.pem";
|
|
|
|
|
sslCertificateKey = "/var/lib/nextcloud/nextcloud_privkey.pem";
|
|
|
|
|
locations = {
|
|
|
|
|
"/".proxyWebsockets = true;
|
|
|
|
|
"~ ^\/nextcloud\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy)\.php(?:$|\/)" = {};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
}
|
