nextcloud
This commit is contained in:
parent
b159ff8c4b
commit
f537809a4b
5 changed files with 46 additions and 7 deletions
|
@ -11,6 +11,7 @@
|
|||
../common.nix
|
||||
./proxy.nix
|
||||
./vaultwarden.nix
|
||||
./nextcloud.nix
|
||||
];
|
||||
|
||||
jade = {
|
||||
|
|
37
schrottserver/nextcloud.nix
Normal file
37
schrottserver/nextcloud.nix
Normal file
|
@ -0,0 +1,37 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
services.nextcloud = {
|
||||
enable = true;
|
||||
config = {
|
||||
dbtype = "pgsql";
|
||||
dbuser = "nextcloud";
|
||||
dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
|
||||
dbname = "nextcloud";
|
||||
adminpassFile = "${../secret-data/nextcloud-admin-pass}";
|
||||
adminuser = "root";
|
||||
};
|
||||
package = pkgs.nextcloud25;
|
||||
extraApps = with pkgs.nextcloud25Packages.apps; {
|
||||
inherit bookmarks calendar contacts deck keeweb mail news notes onlyoffice polls tasks twofactor_webauthn;
|
||||
};
|
||||
extraAppsEnable = true;
|
||||
hostName = "wolke.schrottkatze.de";
|
||||
https = true;
|
||||
};
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
ensureDatabases = [ "nextcloud" ];
|
||||
ensureUsers = [
|
||||
{ name = "nextcloud";
|
||||
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
# ensure that postgres is running *before* running the setup
|
||||
systemd.services."nextcloud-setup" = {
|
||||
requires = ["postgresql.service"];
|
||||
after = ["postgresql.service"];
|
||||
};
|
||||
}
|
|
@ -1,13 +1,10 @@
|
|||
{ inputs, config, pkgs, ... }:
|
||||
let
|
||||
domain = "schrottkatze.de";
|
||||
vaultwardenSubdomain = "vw";
|
||||
in {
|
||||
{
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
defaults.email = "jade@schrottkatze.de";
|
||||
certs = {
|
||||
"${vaultwardenSubdomain}.${domain}" = {
|
||||
"vw.schrottkatze.de" = {
|
||||
group = "nginx";
|
||||
keyType = "rsa2048";
|
||||
};
|
||||
|
@ -23,7 +20,7 @@ in {
|
|||
recommendedTlsSettings = true;
|
||||
|
||||
virtualHosts = {
|
||||
"${vaultwardenSubdomain}.${domain}" = {
|
||||
"vw.schrottkatze.de" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
|
@ -39,6 +36,10 @@ in {
|
|||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
"wolke.schrottkatze.de" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
ROCKET_LOG = "debug";
|
||||
ENABLE_WAL = false;
|
||||
ADMIN_TOKEN = builtins.readFile ../secret-data/vaultwarden-admin-token;
|
||||
DOMAIN = "http://localhost";
|
||||
DOMAIN = "https://vw.schrottkatze.de";
|
||||
#SMTP_HOST = "mx.example.com";
|
||||
#SMTP_FROM = "bitwarden@example.com";
|
||||
#SMTP_FROM_NAME = "Bitwarden_RS";
|
||||
|
|
BIN
secret-data/nextcloud-admin-pass
Normal file
BIN
secret-data/nextcloud-admin-pass
Normal file
Binary file not shown.
Loading…
Reference in a new issue