nixos-conf/nextcloud.nix

# Nextcloud instance
{ config, pkgs, ... }:
{
  networking.firewall.allowedTCPPorts = [
    80
    443
  ];
  networking.firewall.allowedUDPPorts = [ 443 ];

  services.nextcloud = {
    package = pkgs.nextcloud29;
    enable = true;
    hostName = "nextcloud.vsinerva.fi";
    autoUpdateApps.enable = true;
    https = true;
    maxUploadSize = "10G";
    config = {
      adminpassFile = "/var/lib/nextcloud/adminpass";
    };
    settings = {
      overwriteprotocol = "https";
    };
  };

  services.nginx.virtualHosts = {
    ${config.services.nextcloud.hostName} = {
      forceSSL = true;
      kTLS = true;
      sslCertificate = "/var/lib/nextcloud/nextcloud_fullchain.pem";
      sslCertificateKey = "/var/lib/nextcloud/nextcloud_privkey.pem";
      locations = {
        "/".proxyWebsockets = true;
        "~ ^\/nextcloud\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy)\.php(?:$|\/)" =
          { };
      };
    };
  };
}
Init 2024-05-23 13:39:48 +03:00			`# Nextcloud instance`
			`{ config, pkgs, ... }:`
			`{`
Format every file 2024-06-02 16:18:19 +03:00			`networking.firewall.allowedTCPPorts = [`
			`80`
			`443`
			`];`
Auto-indent every file 2024-06-02 05:53:39 +03:00			`networking.firewall.allowedUDPPorts = [ 443 ];`
Init 2024-05-23 13:39:48 +03:00
Auto-indent every file 2024-06-02 05:53:39 +03:00			`services.nextcloud = {`
			`package = pkgs.nextcloud29;`
			`enable = true;`
			`hostName = "nextcloud.vsinerva.fi";`
			`autoUpdateApps.enable = true;`
			`https = true;`
			`maxUploadSize = "10G";`
			`config = {`
			`adminpassFile = "/var/lib/nextcloud/adminpass";`
			`};`
			`settings = {`
			`overwriteprotocol = "https";`
			`};`
			`};`
Init 2024-05-23 13:39:48 +03:00
Format every file 2024-06-02 16:18:19 +03:00			`services.nginx.virtualHosts = {`
			`${config.services.nextcloud.hostName} = {`
			`forceSSL = true;`
			`kTLS = true;`
			`sslCertificate = "/var/lib/nextcloud/nextcloud_fullchain.pem";`
			`sslCertificateKey = "/var/lib/nextcloud/nextcloud_privkey.pem";`
			`locations = {`
			`"/".proxyWebsockets = true;`
			`"~ ^\/nextcloud\/(?:index\|remote\|public\|cron\|core\/ajax\/update\|status\|ocs\/v[12]\|updater\/.+\|oc[ms]-provider\/.+\|.+\/richdocumentscode\/proxy)\.php(?:$\|\/)" =`
			`{ };`
Auto-indent every file 2024-06-02 05:53:39 +03:00			`};`
			`};`
Format every file 2024-06-02 16:18:19 +03:00			`};`
			`}`