mirror of
https://forge.katzen.cafe/schrottkatze/nix-configs.git
synced 2024-11-05 15:16:23 +01:00
nextcloud
This commit is contained in:
parent
b159ff8c4b
commit
f537809a4b
|
@ -11,6 +11,7 @@
|
||||||
../common.nix
|
../common.nix
|
||||||
./proxy.nix
|
./proxy.nix
|
||||||
./vaultwarden.nix
|
./vaultwarden.nix
|
||||||
|
./nextcloud.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
jade = {
|
jade = {
|
||||||
|
|
37
schrottserver/nextcloud.nix
Normal file
37
schrottserver/nextcloud.nix
Normal file
|
@ -0,0 +1,37 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
services.nextcloud = {
|
||||||
|
enable = true;
|
||||||
|
config = {
|
||||||
|
dbtype = "pgsql";
|
||||||
|
dbuser = "nextcloud";
|
||||||
|
dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
|
||||||
|
dbname = "nextcloud";
|
||||||
|
adminpassFile = "${../secret-data/nextcloud-admin-pass}";
|
||||||
|
adminuser = "root";
|
||||||
|
};
|
||||||
|
package = pkgs.nextcloud25;
|
||||||
|
extraApps = with pkgs.nextcloud25Packages.apps; {
|
||||||
|
inherit bookmarks calendar contacts deck keeweb mail news notes onlyoffice polls tasks twofactor_webauthn;
|
||||||
|
};
|
||||||
|
extraAppsEnable = true;
|
||||||
|
hostName = "wolke.schrottkatze.de";
|
||||||
|
https = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.postgresql = {
|
||||||
|
enable = true;
|
||||||
|
ensureDatabases = [ "nextcloud" ];
|
||||||
|
ensureUsers = [
|
||||||
|
{ name = "nextcloud";
|
||||||
|
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# ensure that postgres is running *before* running the setup
|
||||||
|
systemd.services."nextcloud-setup" = {
|
||||||
|
requires = ["postgresql.service"];
|
||||||
|
after = ["postgresql.service"];
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,13 +1,10 @@
|
||||||
{ inputs, config, pkgs, ... }:
|
{ inputs, config, pkgs, ... }:
|
||||||
let
|
{
|
||||||
domain = "schrottkatze.de";
|
|
||||||
vaultwardenSubdomain = "vw";
|
|
||||||
in {
|
|
||||||
security.acme = {
|
security.acme = {
|
||||||
acceptTerms = true;
|
acceptTerms = true;
|
||||||
defaults.email = "jade@schrottkatze.de";
|
defaults.email = "jade@schrottkatze.de";
|
||||||
certs = {
|
certs = {
|
||||||
"${vaultwardenSubdomain}.${domain}" = {
|
"vw.schrottkatze.de" = {
|
||||||
group = "nginx";
|
group = "nginx";
|
||||||
keyType = "rsa2048";
|
keyType = "rsa2048";
|
||||||
};
|
};
|
||||||
|
@ -23,7 +20,7 @@ in {
|
||||||
recommendedTlsSettings = true;
|
recommendedTlsSettings = true;
|
||||||
|
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"${vaultwardenSubdomain}.${domain}" = {
|
"vw.schrottkatze.de" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
|
@ -39,6 +36,10 @@ in {
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
"wolke.schrottkatze.de" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
ROCKET_LOG = "debug";
|
ROCKET_LOG = "debug";
|
||||||
ENABLE_WAL = false;
|
ENABLE_WAL = false;
|
||||||
ADMIN_TOKEN = builtins.readFile ../secret-data/vaultwarden-admin-token;
|
ADMIN_TOKEN = builtins.readFile ../secret-data/vaultwarden-admin-token;
|
||||||
DOMAIN = "http://localhost";
|
DOMAIN = "https://vw.schrottkatze.de";
|
||||||
#SMTP_HOST = "mx.example.com";
|
#SMTP_HOST = "mx.example.com";
|
||||||
#SMTP_FROM = "bitwarden@example.com";
|
#SMTP_FROM = "bitwarden@example.com";
|
||||||
#SMTP_FROM_NAME = "Bitwarden_RS";
|
#SMTP_FROM_NAME = "Bitwarden_RS";
|
||||||
|
|
BIN
secret-data/nextcloud-admin-pass
Normal file
BIN
secret-data/nextcloud-admin-pass
Normal file
Binary file not shown.
Loading…
Reference in a new issue