nixos-config/services/nextcloud.nix

# NixOS module: Nextcloud behind nginx with TLS, a local PostgreSQL database
# reached through its Unix socket, database dumps, and a restic backup of the
# Nextcloud home directory. Everything is gated on my.services.nextcloud.enable.
{ lib, config, pkgs, ... }:
# TODO: setup prometheus exporter
let
  inherit (config) my;
  inherit (config.networking) domain;

  cfg = my.services.nextcloud;
  dbName = "nextcloud";
  vhost = "cloud.${domain}";
in
{
  options.my.services.nextcloud.enable = lib.mkEnableOption "NextCloud";

  config = lib.mkIf cfg.enable {
    # Database: one dedicated role whose grant is scoped to the Nextcloud
    # database only, not to the whole cluster.
    services.postgresql.enable = true;
    services.postgresql.ensureDatabases = [ dbName ];
    services.postgresql.ensureUsers = [
      {
        name = "nextcloud";
        ensurePermissions."DATABASE ${dbName}" = "ALL PRIVILEGES";
      }
    ];

    # The Nextcloud module does not order its setup unit after PostgreSQL,
    # so the dependency is declared here.
    systemd.services.nextcloud-setup = rec {
      requires = [ "postgresql.service" ];
      after = requires;
    };

    # Only the database list is set here.
    # NOTE(review): services.postgresqlBackup.enable is not set in this file;
    # presumably it is enabled elsewhere. Confirm, or no dump is taken.
    services.postgresqlBackup.databases = [ dbName ];

    services.nextcloud = {
      enable = true;
      hostName = vhost;
      https = true;
      # NOTE(review): this pins a Nextcloud major version; check that the
      # pinned release still receives upstream security fixes.
      package = pkgs.nextcloud21;
      maxUploadSize = "1G";

      config = {
        overwriteProtocol = "https";
        defaultPhoneRegion = "FR";

        # No database password is configured: the connection goes through the
        # PostgreSQL socket directory rather than TCP.
        # NOTE(review): this presumably relies on peer authentication for the
        # "nextcloud" role; verify against the PostgreSQL authentication config.
        dbtype = "pgsql";
        dbuser = "nextcloud";
        dbname = dbName;
        dbhost = "/run/postgresql";

        adminuser = my.secrets.nextcloud-admin-user;
        # NOTE(review): a value passed through `adminpass` is evaluated into
        # the Nix store, which is readable by every local user. The NixOS
        # module also provides `adminpassFile`, which takes the path of a file
        # kept outside the store. How my.secrets is populated is not visible
        # in this file.
        adminpass = my.secrets.nextcloud-admin-pass;
      };
    };

    # TLS is enforced at the reverse proxy; the certificate comes from the
    # ACME entry of the bare domain.
    services.nginx.virtualHosts.${vhost} = {
      forceSSL = true;
      useACMEHost = domain;
    };

    # NOTE(review): the backed-up home directory holds user data and the
    # instance configuration; repository encryption and access control are
    # configured outside this file.
    my.services.restic-backup =
      let
        homeDir = config.services.nextcloud.home;
      in
      lib.mkIf cfg.enable {
        paths = [ homeDir ];
        exclude = [
          # In-flight upload chunks (*.part) can vanish mid-run and make the
          # backup fail (the original note refers to borg).
          "${homeDir}/data/*/uploads"
          # Image previews can take up a lot of space.
          "${homeDir}/data/appdata_*/preview"
        ];
      };
  };
}