nixos-conf/services/nextcloud.nix

54 lines
1.3 KiB
Nix

{
config,
pkgs,
lib,
...
}:
{
imports = [ ./cert-store-client.nix ];
options.custom.nextcloud_domain = lib.mkOption {
type = lib.types.str;
description = "Domain used by Nextcloud";
};
config = {
networking.firewall.allowedTCPPorts = [ 443 ];
services = {
nextcloud = {
package = pkgs.nextcloud31;
enable = true;
hostName = config.custom.nextcloud_domain;
autoUpdateApps.enable = true;
https = true;
maxUploadSize = "512M"; # Default
config = {
adminpassFile = "/var/lib/nextcloud/adminpass";
};
settings = {
overwriteprotocol = "https";
default_phone_region = "FI";
maintenance_window_start = 1;
};
phpOptions = {
"opcache.interned_strings_buffer" = 32;
};
};
nginx = {
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedTlsSettings = true;
recommendedProxySettings = true;
virtualHosts.${config.services.nextcloud.hostName} = {
forceSSL = true;
kTLS = true;
sslCertificate = "/mnt/acme/fullchain.pem";
sslCertificateKey = "/mnt/acme/key.pem";
};
};
};
};
}