54 lines
1.3 KiB
Nix
54 lines
1.3 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}:
|
|
{
|
|
imports = [ ./cert-store-client.nix ];
|
|
|
|
options.custom.nextcloud_domain = lib.mkOption {
|
|
type = lib.types.str;
|
|
description = "Domain used by Nextcloud";
|
|
};
|
|
|
|
config = {
|
|
networking.firewall.allowedTCPPorts = [ 443 ];
|
|
|
|
services = {
|
|
nextcloud = {
|
|
package = pkgs.nextcloud31;
|
|
enable = true;
|
|
hostName = config.custom.nextcloud_domain;
|
|
autoUpdateApps.enable = true;
|
|
https = true;
|
|
maxUploadSize = "512M"; # Default
|
|
config = {
|
|
adminpassFile = "/var/lib/nextcloud/adminpass";
|
|
};
|
|
settings = {
|
|
overwriteprotocol = "https";
|
|
default_phone_region = "FI";
|
|
maintenance_window_start = 1;
|
|
};
|
|
phpOptions = {
|
|
"opcache.interned_strings_buffer" = 32;
|
|
};
|
|
};
|
|
|
|
nginx = {
|
|
recommendedGzipSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedTlsSettings = true;
|
|
recommendedProxySettings = true;
|
|
|
|
virtualHosts.${config.services.nextcloud.hostName} = {
|
|
forceSSL = true;
|
|
kTLS = true;
|
|
sslCertificate = "/mnt/acme/fullchain.pem";
|
|
sslCertificateKey = "/mnt/acme/key.pem";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|