mirror of
https://github.com/materusPL/nixos-config
synced 2026-07-02 12:46:42 +00:00
waffentrager: add nextcloud, config: remove private inputs
This commit is contained in:
@@ -7,10 +7,12 @@
|
||||
./mount-acme.nix
|
||||
./gitea.nix
|
||||
./nginx.nix
|
||||
./nextcloud.nix
|
||||
];
|
||||
waffentragerService.elements.enable = true;
|
||||
waffentragerService.postgresql.enable = true;
|
||||
waffentragerService.mount-acme.enable = true;
|
||||
waffentragerService.gitea.enable = true;
|
||||
waffentragerService.nginx.enable = true;
|
||||
waffentragerService.nextcloud.enable = true;
|
||||
}
|
||||
@@ -4,7 +4,7 @@
|
||||
options.waffentragerService.elements.path = lib.mkOption { default = "/var/lib/elements"; };
|
||||
options.waffentragerService.elements.uuid = lib.mkOption { default = "e32039c6-e98d-44b0-8e7d-120994bf7be1"; };
|
||||
options.waffentragerService.elements.postgresqlDir = lib.mkOption { default = "${config.waffentragerService.elements.path}/services/postgresql"; };
|
||||
|
||||
options.waffentragerService.elements.nextcloudDir = lib.mkOption { default = "${config.waffentragerService.elements.path}/services/nextcloud"; };
|
||||
config =
|
||||
let
|
||||
cfg = config.waffentragerService.elements;
|
||||
@@ -24,6 +24,9 @@
|
||||
'' + lib.optionalString config.waffentragerService.postgresql.enable ''
|
||||
mkdir -p ${cfg.postgresqlDir}/${config.waffentragerService.postgresql.version}
|
||||
chown -R postgres:postgres ${cfg.postgresqlDir}
|
||||
'' + lib.optionalString config.waffentragerService.nextcloud.enable ''
|
||||
mkdir -p ${cfg.nextcloudDir}
|
||||
chown -R nextcloud:nextcloud ${cfg.nextcloudDir}
|
||||
''
|
||||
|
||||
;
|
||||
|
||||
@@ -0,0 +1,59 @@
|
||||
{ materusArg, config, lib, pkgs, ... }:
|
||||
{
|
||||
options.waffentragerService.nextcloud.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable nextcloud";
|
||||
|
||||
config =
|
||||
let
|
||||
cfg = config.waffentragerService.nextcloud;
|
||||
in
|
||||
lib.mkIf cfg.enable {
|
||||
waffentragerService.elements.enable = true;
|
||||
waffentragerService.postgresql.enable = true;
|
||||
waffentragerService.nginx.enable = true;
|
||||
|
||||
sops.secrets.nextcloud-adminpass.owner = config.users.users.nextcloud.name;
|
||||
sops.secrets.nextcloud-adminpass.group = config.users.users.nextcloud.group;
|
||||
|
||||
services.postgresql.ensureDatabases = [ "nextcloud" ];
|
||||
services.postgresql.ensureUsers = [{
|
||||
name = "nextcloud";
|
||||
ensureDBOwnership = true;
|
||||
}];
|
||||
services.nextcloud = {
|
||||
enable = true;
|
||||
notify_push.enable = true;
|
||||
package = pkgs.nextcloud28;
|
||||
hostName = "waffentrager.materus.pl";
|
||||
home = config.waffentragerService.elements.nextcloudDir;
|
||||
config.adminuser = "master";
|
||||
config.adminpassFile = config.sops.secrets.nextcloud-adminpass.path;
|
||||
config.dbtype = "pgsql";
|
||||
config.defaultPhoneRegion = "PL";
|
||||
config.trustedProxies = [ materusArg.ips.valkyrie materusArg.ips.wireguard.valkyrie materusArg.ips.wireguard.waffentrager ];
|
||||
extraAppsEnable = true;
|
||||
maxUploadSize = "4G";
|
||||
https = true;
|
||||
enableImagemagick = true;
|
||||
configureRedis = true;
|
||||
webfinger = true;
|
||||
appstoreEnable = true;
|
||||
database.createLocally = true;
|
||||
nginx.recommendedHttpHeaders = true;
|
||||
extraApps = { notify_push = pkgs.nextcloud28Packages.apps.notify_push; };
|
||||
extraOptions = {
|
||||
mail_smtpmode = "sendmail";
|
||||
mail_sendmailmode = "pipe";
|
||||
};
|
||||
};
|
||||
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
|
||||
addSSL = true;
|
||||
http2 = false;
|
||||
sslTrustedCertificate = "/var/lib/mnt_acme/materus.pl/chain.pem";
|
||||
sslCertificateKey = "/var/lib/mnt_acme/materus.pl/key.pem";
|
||||
sslCertificate = "/var/lib/mnt_acme/materus.pl/fullchain.pem";
|
||||
extraConfig = ''
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user