nixos-config/services/nextcloud.nix


{ lib, config, pkgs, ... }:
# NixOS module: self-hosted Nextcloud backed by a local PostgreSQL database,
# published through nginx over HTTPS, with the database and the data directory
# handed to the backup services.
# TODO: setup prometheus exporter
let
  inherit (lib) mkEnableOption mkIf;
  inherit (config) my;
  inherit (config.networking) domain;

  cfg = my.services.nextcloud;

  dbName = "nextcloud";
  dbUser = "nextcloud";
  vhost = "cloud.${domain}";
  # Units that must be up before Nextcloud's first-run setup can reach the DB.
  dbUnits = [ "postgresql.service" ];
  nextcloudHome = config.services.nextcloud.home;
in
{
  options.my.services.nextcloud.enable = mkEnableOption "NextCloud";

  config = mkIf cfg.enable {
    services = {
      postgresql = {
        enable = true;
        ensureDatabases = [ dbName ];
        ensureUsers = [
          {
            name = dbUser;
            # Grant is scoped to the Nextcloud database only, not the cluster.
            ensurePermissions."DATABASE ${dbName}" = "ALL PRIVILEGES";
          }
        ];
      };

      # Only the database list is set here; the backup service itself is
      # presumably enabled elsewhere in the configuration (TODO confirm).
      postgresqlBackup.databases = [ dbName ];

      nextcloud = {
        enable = true;
        hostName = vhost;
        https = true;
        # NOTE(review): the major version is pinned by hand. Nextcloud only
        # supports upgrading one major release at a time, so check upstream's
        # maintenance schedule and bump stepwise to keep receiving security fixes.
        package = pkgs.nextcloud23;
        maxUploadSize = "1G";
        config = {
          # Generated links use https even though nginx terminates TLS in front.
          overwriteProtocol = "https";
          defaultPhoneRegion = "FR";
          dbtype = "pgsql";
          dbuser = dbUser;
          dbname = dbName;
          # Unix socket directory rather than TCP; no DB password file is set,
          # so this presumably relies on PostgreSQL peer authentication
          # (TODO confirm against the authentication config).
          dbhost = "/run/postgresql";
          # This value is embedded in the evaluated configuration, so treat it
          # as non-secret.
          adminuser = my.secrets.nextcloud-admin-user;
          # NOTE(review): if this secret is a Nix *path* value, interpolating
          # it copies the file into the world-readable /nix/store. Confirm it
          # is a string pointing at a runtime location with tight permissions.
          adminpassFile = "${my.secrets.nextcloud-admin-pass}";
        };
      };

      nginx.virtualHosts.${vhost} = {
        # Redirect plain HTTP to HTTPS.
        forceSSL = true;
        # Reuses the certificate issued for the bare domain; it presumably
        # has to cover the "cloud." name as well (TODO confirm).
        useACMEHost = domain;
      };
    };

    # not handled by module
    systemd.services.nextcloud-setup = {
      requires = dbUnits;
      after = dbUnits;
    };

    # The backed-up home directory likely holds instance configuration in
    # addition to user files, so the backup repository deserves the same
    # protection as the server itself (TODO confirm repository settings).
    my.services.restic-backup = mkIf cfg.enable {
      paths = [ nextcloudHome ];
      exclude = [
        # in-flight upload chunks (*.part) can vanish mid-run and fail the backup
        "${nextcloudHome}/data/*/uploads"
        # image previews can take up a lot of space
        "${nextcloudHome}/data/appdata_*/preview"
        # specific account for huge files I don't care about losing
        "${nextcloudHome}/data/misc"
      ];
    };
  };
}