death916/nixconfig
1
0
Fork 0
mirror of https://github.com/Death916/nixconfig.git synced 2026-04-10 02:54:39 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions
nixconfig/modules/nextcloud-setup.nix
death916 e0ddb57588 domains
2025-05-12 11:52:26 +00:00

69 lines
2 KiB
Nix
Raw Blame History

# ~/nixconfig/nextcloud-local-setup.nix
{ config, pkgs, lib, ... }:
let
nextcloudInternalHostName = "homelab";
# Define the paths to your externally managed password files
adminPassFilePath = "/etc/nixos/secrets/nextcloud_admin_password";
dbPassFilePath = "/etc/nixos/secrets/nextcloud_db_password";
nextcloudDataPath = "/storage/nextcloud-data";
in
{
# --- PostgreSQL Database for Nextcloud ---
services.postgresql = {
enable = true;
package = pkgs.postgresql_14;
ensureDatabases = [ "nextcloud" ];
ensureUsers = [ { name = "nextcloud"; } ];
};
# --- Redis for Nextcloud Caching and Locking ---
services.redis.servers.nextcloud = {
enable = true;
user = "nextcloud";
unixSocket = "/run/redis-nextcloud/redis.sock";
port = 0;
};
systemd.tmpfiles.rules = [
"d /run/redis-nextcloud 0750 nextcloud nextcloud - -"
];
# --- Nextcloud Service Configuration ---
services.nextcloud = {
enable = true;
package = pkgs.nextcloud31;
hostName = nextcloudInternalHostName;
https = false;
# port = 8080;
datadir = nextcloudDataPath;
config = {
dbtype = "pgsql";
dbuser = "nextcloud";
dbhost = "/run/postgresql";
dbname = "nextcloud";
dbpassFile = dbPassFilePath; # Points to your external file
#dataDir = nextcloudDataPath; # Points to your external data directory
adminuser = "death916";
adminpassFile = adminPassFilePath; # Points to your external file
trusted_domains = ["cloud.death916.xyz" "homelab"]
# overwriteprotocol = "http";
};
caching.redis = true;
settings = {
memcache.distributed = "\\OC\\Memcache\\Redis";
memcache.locking = "\\OC\\Memcache\\Redis";
filelocking.enabled = true;
redis = { host = "/run/redis-nextcloud/redis.sock"; port = 0; };
};
phpOptions = lib.mkForce { "memory_limit" = "2G"; };
};
users.users.nextcloud = { isSystemUser = true; group = "nextcloud"; };
users.groups.nextcloud = {};
networking.firewall.allowedTCPPorts = [ 8080 ];
}
Reference in a new issue View git blame Copy permalink