2022-11-29 19:02:01 +01:00
|
|
|
# self-hosted cloud
|
2024-07-28 21:08:02 +02:00
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
lib,
|
|
|
|
|
pkgs,
|
|
|
|
|
...
|
|
|
|
|
}:
|
2022-11-29 19:02:01 +01:00
|
|
|
let
|
|
|
|
|
cfg = config.my.services.nextcloud;
|
2023-11-07 23:13:51 +01:00
|
|
|
inherit (config.networking) domain;
|
2022-11-29 19:02:01 +01:00
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
options.my.services.nextcloud = with lib; {
|
|
|
|
|
enable = mkEnableOption "Nextcloud";
|
|
|
|
|
maxSize = mkOption {
|
|
|
|
|
type = types.str;
|
2023-04-02 12:16:21 +02:00
|
|
|
default = "10G";
|
2022-11-29 19:02:01 +01:00
|
|
|
example = "512M";
|
|
|
|
|
description = "Maximum file upload size";
|
|
|
|
|
};
|
|
|
|
|
admin = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
default = "felix";
|
|
|
|
|
example = "admin";
|
|
|
|
|
description = "Name of the admin user";
|
|
|
|
|
};
|
2024-06-01 18:45:02 +02:00
|
|
|
default_phone_region = mkOption {
|
2022-11-29 19:02:01 +01:00
|
|
|
type = types.str;
|
|
|
|
|
default = "DE";
|
|
|
|
|
example = "US";
|
|
|
|
|
description = "country codes for automatic phone-number ";
|
|
|
|
|
};
|
|
|
|
|
passwordFile = mkOption {
|
2022-12-04 18:07:21 +01:00
|
|
|
type = types.path;
|
2022-11-29 19:02:01 +01:00
|
|
|
example = "/var/lib/nextcloud/password.txt";
|
|
|
|
|
description = ''
|
|
|
|
|
Path to a file containing the admin's password, must be readable by
|
|
|
|
|
'nextcloud' user.
|
|
|
|
|
'';
|
|
|
|
|
};
|
2023-04-16 18:15:53 +02:00
|
|
|
|
|
|
|
|
exporterPasswordFile = mkOption {
|
|
|
|
|
type = types.path;
|
|
|
|
|
example = "/var/lib/nextcloud/password.txt";
|
|
|
|
|
description = ''
|
|
|
|
|
Path to a file containing the admin's password, must be readable by
|
|
|
|
|
'nextcloud' user.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
exporterPort = mkOption {
|
|
|
|
|
type = types.port;
|
|
|
|
|
default = 9205;
|
|
|
|
|
example = 8080;
|
|
|
|
|
description = "Internal port for the exporter";
|
|
|
|
|
};
|
2022-11-29 19:02:01 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
config = lib.mkIf cfg.enable {
|
2023-11-12 23:36:30 +01:00
|
|
|
services = {
|
|
|
|
|
nextcloud = {
|
|
|
|
|
enable = true;
|
2024-06-01 18:45:02 +02:00
|
|
|
package = pkgs.nextcloud29;
|
2023-11-12 23:36:30 +01:00
|
|
|
hostName = "cloud.${domain}";
|
|
|
|
|
maxUploadSize = cfg.maxSize;
|
|
|
|
|
autoUpdateApps.enable = true;
|
2024-06-01 18:45:02 +02:00
|
|
|
settings = {
|
|
|
|
|
inherit (cfg) default_phone_region;
|
|
|
|
|
overwriteprotocol = "https"; # nginx only allows SSL
|
|
|
|
|
};
|
2023-11-12 23:36:30 +01:00
|
|
|
config = {
|
|
|
|
|
adminuser = cfg.admin;
|
|
|
|
|
adminpassFile = cfg.passwordFile;
|
2022-11-29 19:02:01 +01:00
|
|
|
|
2023-11-12 23:36:30 +01:00
|
|
|
#dbtype = "pgsql";
|
|
|
|
|
#dbhost = "/run/postgresql";
|
2022-11-29 19:02:01 +01:00
|
|
|
};
|
2023-11-12 23:36:30 +01:00
|
|
|
|
2024-06-01 18:45:02 +02:00
|
|
|
extraApps = with pkgs.nextcloud29Packages.apps; {
|
2024-07-28 21:08:02 +02:00
|
|
|
inherit
|
|
|
|
|
calendar
|
|
|
|
|
contacts
|
|
|
|
|
tasks
|
|
|
|
|
deck
|
|
|
|
|
;
|
2022-11-29 19:02:01 +01:00
|
|
|
};
|
2023-11-13 20:35:28 +01:00
|
|
|
extraAppsEnable = true;
|
2022-11-29 19:02:01 +01:00
|
|
|
};
|
|
|
|
|
|
2023-11-12 23:36:30 +01:00
|
|
|
#postgresql = {
|
|
|
|
|
# enable = true;
|
|
|
|
|
# ensureDatabases = [ "nextcloud" ];
|
|
|
|
|
# ensureUsers = [
|
|
|
|
|
# {
|
|
|
|
|
# name = "nextcloud";
|
|
|
|
|
# ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
|
|
|
|
|
# }
|
|
|
|
|
# ];
|
|
|
|
|
#};
|
|
|
|
|
|
|
|
|
|
# The service above configures the domain, no need for my wrapper
|
|
|
|
|
nginx.virtualHosts."cloud.${domain}" = {
|
|
|
|
|
forceSSL = true;
|
|
|
|
|
useACMEHost = domain;
|
|
|
|
|
|
|
|
|
|
# so homer can get the online status
|
|
|
|
|
extraConfig = lib.optionalString config.my.services.homer.enable ''
|
|
|
|
|
add_header Access-Control-Allow-Origin https://${domain};
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
prometheus.exporters.nextcloud = {
|
|
|
|
|
enable = true;
|
|
|
|
|
url = "https://cloud.${domain}";
|
|
|
|
|
username = cfg.admin;
|
|
|
|
|
passwordFile = cfg.exporterPasswordFile;
|
|
|
|
|
port = cfg.exporterPort;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
prometheus.scrapeConfigs = [
|
|
|
|
|
{
|
|
|
|
|
job_name = "nextcloud";
|
|
|
|
|
static_configs = [
|
|
|
|
|
{
|
|
|
|
|
targets = [ "127.0.0.1:${toString cfg.exporterPort}" ];
|
|
|
|
|
labels = {
|
|
|
|
|
instance = config.networking.hostName;
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
grafana.provision = {
|
|
|
|
|
dashboards.settings.providers = [
|
|
|
|
|
{
|
|
|
|
|
name = "Nextcloud";
|
|
|
|
|
options.path = pkgs.grafana-dashboards.nextcloud;
|
|
|
|
|
disableDeletion = true;
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
2022-11-29 19:02:01 +01:00
|
|
|
|
|
|
|
|
#systemd.services."nextcloud-setup" = {
|
|
|
|
|
# requires = [ "postgresql.service" ];
|
|
|
|
|
# after = [ "postgresql.service" ];
|
|
|
|
|
#};
|
|
|
|
|
|
2022-12-04 18:07:21 +01:00
|
|
|
my.services.backup = {
|
|
|
|
|
exclude = [
|
|
|
|
|
# image previews can take up a lot of space
|
|
|
|
|
"${config.services.nextcloud.home}/data/appdata_*/preview"
|
|
|
|
|
];
|
|
|
|
|
};
|
2022-11-29 19:02:01 +01:00
|
|
|
|
|
|
|
|
webapps.apps.nextcloud = {
|
|
|
|
|
dashboard = {
|
2022-12-25 12:20:20 +01:00
|
|
|
name = "Cloud";
|
2023-01-29 20:16:25 +01:00
|
|
|
category = "media";
|
2022-11-29 19:02:01 +01:00
|
|
|
icon = "cloud";
|
2023-11-12 20:39:44 +01:00
|
|
|
url = "https://cloud.${domain}/login";
|
2022-11-29 19:02:01 +01:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
}
|
