128 lines
3.3 KiB
Nix
128 lines
3.3 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
cfg = config.custom.nextcloud;
|
|
in
|
|
{
|
|
options.custom = {
|
|
nextcloud = {
|
|
enable = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = false;
|
|
};
|
|
domain = lib.mkOption {
|
|
type = with lib.types; nullOr str;
|
|
default = null;
|
|
};
|
|
collabora = {
|
|
enable = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = false;
|
|
};
|
|
domain = lib.mkOption {
|
|
type = with lib.types; nullOr str;
|
|
default = null;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable (
|
|
lib.mkMerge [
|
|
{
|
|
custom = {
|
|
nginxHttpsServer.enable = true;
|
|
certStoreClient.enable = true;
|
|
};
|
|
|
|
environment.persistence."/persist".directories = [
|
|
{
|
|
directory = config.services.nextcloud.home;
|
|
user = "nextcloud";
|
|
group = "nextcloud";
|
|
mode = "u=rwx,g=rx,o=";
|
|
}
|
|
];
|
|
sops.secrets.admin-pass.sopsFile = ../../secrets/nextcloud.yaml;
|
|
|
|
services = {
|
|
nextcloud = {
|
|
package = pkgs.nextcloud31;
|
|
enable = true;
|
|
hostName = cfg.domain;
|
|
autoUpdateApps.enable = true;
|
|
https = true;
|
|
maxUploadSize = "512M"; # Default
|
|
config = {
|
|
dbtype = "sqlite";
|
|
adminpassFile = config.sops.secrets.admin-pass.path;
|
|
};
|
|
settings = {
|
|
overwriteprotocol = "https";
|
|
default_phone_region = "FI";
|
|
maintenance_window_start = 1;
|
|
};
|
|
phpOptions = {
|
|
"opcache.interned_strings_buffer" = 32;
|
|
};
|
|
};
|
|
|
|
nginx.virtualHosts.${config.services.nextcloud.hostName} = { };
|
|
};
|
|
}
|
|
(
|
|
# Optional Collabora Client
|
|
lib.mkIf cfg.collabora.enable {
|
|
services = {
|
|
collabora-online = {
|
|
enable = true;
|
|
port = 9980; # default
|
|
settings = {
|
|
ssl = {
|
|
enable = false;
|
|
termination = true;
|
|
};
|
|
|
|
net = {
|
|
listen = "loopback";
|
|
post_allow.host = [
|
|
"127.0.0.1"
|
|
"::1"
|
|
];
|
|
};
|
|
|
|
storage.wopi = {
|
|
"@allow" = true;
|
|
host = [ config.services.nextcloud.hostName ] ++ config.services.nextcloud.settings.trusted_domains;
|
|
};
|
|
|
|
server_name = cfg.collabora.domain;
|
|
};
|
|
};
|
|
|
|
nginx.virtualHosts.${config.services.collabora-online.settings.server_name} = {
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:${toString config.services.collabora-online.port}";
|
|
proxyWebsockets = true; # collabora uses websockets
|
|
};
|
|
};
|
|
|
|
nextcloud = {
|
|
appstoreEnable = true;
|
|
extraAppsEnable = true;
|
|
extraApps = with config.services.nextcloud.package.packages.apps; {
|
|
inherit
|
|
richdocuments
|
|
;
|
|
};
|
|
};
|
|
};
|
|
}
|
|
)
|
|
]
|
|
);
|
|
}
|