mirror of
https://github.com/Death916/nixconfig.git
synced 2026-04-10 02:54:39 -07:00
qbit config
This commit is contained in:
death916
parent
336297ee15
commit
cf4ed25374
2 changed files with 41 additions and 23 deletions
|
|
@ -1,5 +1,10 @@
|
|||
# ~/nixconfig/modules/nextcloud-setup.nix
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
nextcloudExternalDomain = "cloud.death916.xyz"; # Domain used by NPM
|
||||
|
|
@ -20,11 +25,15 @@ in
|
|||
{
|
||||
# --- PostgreSQL & Redis setup ... (as before) ---
|
||||
services.postgresql = {
|
||||
enable = true; package = pkgs.postgresql_14; ensureDatabases = [ "nextcloud" ];
|
||||
enable = true;
|
||||
package = pkgs.postgresql_14;
|
||||
ensureDatabases = [ "nextcloud" ];
|
||||
ensureUsers = [ { name = "nextcloud"; } ];
|
||||
};
|
||||
services.redis.servers.nextcloud = {
|
||||
enable = true; user = "nextcloud"; unixSocket = "/run/redis-nextcloud/redis.sock";
|
||||
enable = true;
|
||||
user = "nextcloud";
|
||||
unixSocket = "/run/redis-nextcloud/redis.sock";
|
||||
port = 0;
|
||||
};
|
||||
systemd.tmpfiles.rules = [ "d /run/redis-nextcloud 0750 nextcloud nextcloud - -" ];
|
||||
|
|
@ -33,40 +42,44 @@ in
|
|||
services.nextcloud = {
|
||||
enable = true;
|
||||
package = pkgs.nextcloud31; # Verify this version
|
||||
|
||||
|
||||
# For the path through NPM, hostName should match the external domain.
|
||||
# For direct Tailscale access, users will use the Tailscale IP/MagicDNS name.
|
||||
hostName = nextcloudExternalDomain;
|
||||
|
||||
hostName = nextcloudExternalDomain;
|
||||
|
||||
https = false; # NPM handles HTTPS. Nextcloud serves HTTP internally.
|
||||
datadir = nextcloudDataPath;
|
||||
maxUploadSize = "2G";
|
||||
|
||||
config = {
|
||||
dbtype = "pgsql"; dbuser = "nextcloud"; dbhost = "/run/postgresql";
|
||||
dbname = "nextcloud"; dbpassFile = dbPassFilePath;
|
||||
adminuser = "death916"; adminpassFile = adminPassFilePath;
|
||||
dbtype = "pgsql";
|
||||
dbuser = "nextcloud";
|
||||
dbhost = "/run/postgresql";
|
||||
dbname = "nextcloud";
|
||||
dbpassFile = dbPassFilePath;
|
||||
adminuser = "death916";
|
||||
adminpassFile = adminPassFilePath;
|
||||
};
|
||||
|
||||
settings = {
|
||||
# --- Trusted Domains: CRITICAL ---
|
||||
# Add all ways Nextcloud will be accessed.
|
||||
trusted_domains = [
|
||||
nextcloudExternalDomain # For access via NPM
|
||||
homelabTailscaleIP # For direct access via Tailscale IP
|
||||
homelabMagicDNSName # For direct access via Tailscale MagicDNS name
|
||||
nextcloudExternalDomain # For access via NPM
|
||||
homelabTailscaleIP # For direct access via Tailscale IP
|
||||
homelabMagicDNSName # For direct access via Tailscale MagicDNS name
|
||||
# "localhost" # If you run occ commands directly on homelab
|
||||
];
|
||||
|
||||
|
||||
# --- Trusted Proxies: For NPM path ---
|
||||
trusted_proxies = [ nginxProxyManagerTailscaleIP ];
|
||||
trusted_proxies = [ nginxProxyManagerTailscaleIP ];
|
||||
|
||||
# --- Overwrite Parameters: Primarily for the NPM path ---
|
||||
# These tell Nextcloud how it looks when accessed via NPM (HTTPS, external domain).
|
||||
# When accessed directly via Tailscale IP/MagicDNS name over HTTP, these *might*
|
||||
# cause Nextcloud to generate HTTPS links, which could be an issue if you haven't
|
||||
# set up HTTPS directly on the homelab Tailscale interface.
|
||||
overwriteprotocol = "https";
|
||||
overwriteprotocol = "https";
|
||||
overwritehost = nextcloudExternalDomain;
|
||||
"overwrite.cli.url" = "https://${nextcloudExternalDomain}"; # For occ commands
|
||||
|
||||
|
|
@ -81,15 +94,21 @@ in
|
|||
"memcache.distributed" = "\\OC\\Memcache\\Redis";
|
||||
"memcache.locking" = "\\OC\\Memcache\\Redis";
|
||||
filelocking.enabled = true;
|
||||
redis = { host = "/run/redis-nextcloud/redis.sock"; port = 0; };
|
||||
redis = {
|
||||
host = "/run/redis-nextcloud/redis.sock";
|
||||
port = 0;
|
||||
};
|
||||
};
|
||||
|
||||
caching.redis = true;
|
||||
phpOptions = lib.mkForce { "memory_limit" = "2G"; };
|
||||
|
||||
caching.redis = true;
|
||||
phpOptions = lib.mkForce { "memory_limit" = "4G"; };
|
||||
};
|
||||
|
||||
users.users.nextcloud = { isSystemUser = true; group = "nextcloud"; };
|
||||
users.groups.nextcloud = {};
|
||||
users.users.nextcloud = {
|
||||
isSystemUser = true;
|
||||
group = "nextcloud";
|
||||
};
|
||||
users.groups.nextcloud = { };
|
||||
|
||||
# Firewall on homelab:
|
||||
# Allows NPM (and direct Tailscale clients) to connect to Nextcloud's internal HTTP port.
|
||||
|
|
@ -97,4 +116,3 @@ in
|
|||
# this is mainly for Tailscale access.
|
||||
networking.firewall.allowedTCPPorts = [ internalNextcloudHttpPort ]; # Port 80
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -186,7 +186,7 @@
|
|||
|
||||
services.qbittorrent = {
|
||||
enable = true;
|
||||
dataDir = "/media/storage/media/downloads";
|
||||
dataDir = "/storage/services/qbittorrent/config";
|
||||
|
||||
user = "qbittorrent";
|
||||
group = "qbittorrent";
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue