Added nextcloud module
This commit is contained in:
parent
89da451d18
commit
d6bf38b497
|
@ -60,6 +60,8 @@ in {
|
|||
};
|
||||
|
||||
networking.firewall = {
|
||||
# TODO: Remove this here and leave it up to systems to decide to enable
|
||||
# the firewall
|
||||
enable = true;
|
||||
allowedTCPPorts = [
|
||||
# Plain DNS
|
||||
|
|
46
modules/services/nextcoud/default.nix
Normal file
46
modules/services/nextcoud/default.nix
Normal file
|
@ -0,0 +1,46 @@
|
|||
{
|
||||
options,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
format,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
cfg = config.aa.services.nextcloud;
|
||||
in {
|
||||
options.aa.services.nextcloud = with types; {
|
||||
enable = mkEnableOption "nextcloud";
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
age.secrets.nextcloud_admin = {
|
||||
file = ../../../secrets/nextcloud_admin.age;
|
||||
owner = "nextcloud";
|
||||
group = "nextcloud";
|
||||
};
|
||||
|
||||
services.nextcloud = {
|
||||
enable = true;
|
||||
package = pkgs.nextcloud27;
|
||||
hostName = "nextcloud.kilonull.com";
|
||||
https = true;
|
||||
database.createLocally = true;
|
||||
# Arbitrary large size
|
||||
maxUploadSize = "16G";
|
||||
config = {
|
||||
dbtype = "pgsql";
|
||||
adminuser = "alejandro";
|
||||
adminpassFile = config.age.secrets.nextcloud_admin.path;
|
||||
};
|
||||
};
|
||||
|
||||
# nextcloud module configures nginx, just need to specify SSL stuffs here
|
||||
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
|
||||
forceSSL = true;
|
||||
useACMEHost = "kilonull.com";
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [80 443];
|
||||
};
|
||||
}
|
9
secrets/nextcloud_admin.age
Normal file
9
secrets/nextcloud_admin.age
Normal file
|
@ -0,0 +1,9 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 Yk7ehg jGTbLdX/9pfr1mMPZQMfutxjJx82h+fbLR7Aun7b31A
|
||||
pt/Mf1YRNF9PM5HWuz3dC24P9F6n190Nm7zVH/Rz48U
|
||||
-> piv-p256 UIEGzg A+roQyuPNOR0XX+rOn9sgtN7ja6j5h7v0zXQavvj91YH
|
||||
2uhjJwrcMjidT5MRaAL9fLtSGd6+Km4K8FOvQukyhSQ
|
||||
-> o-grease ~&WP )T+8
|
||||
I2ZtPacZkO2VeFhzPEkvZDdXFg
|
||||
--- tGKnzyOnnKkdQKcQxEBx0OltPyhndHDxnveNE07HUTg
|
||||
ª‹ÅœÉ˸*õŽ§¯ <ùÙ\ž´\J0ðÑWašB0u\§Åt¡ØãÞ°Š´m<C2B4>ÛptÕI<C395>=ûN<0C>ÇpŠ
|
|
@ -5,4 +5,5 @@ let
|
|||
machines.node = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETLBnc8kJokmFiA28BaSYpeE7flY1W0SM5C1pWv/tOv";
|
||||
in {
|
||||
"cf_dns_kilonull.age".publicKeys = [users.me machines.node];
|
||||
"nextcloud_admin.age".publicKeys = [users.me machines.node];
|
||||
}
|
||||
|
|
|
@ -19,6 +19,7 @@
|
|||
};
|
||||
services.openssh.enable = true;
|
||||
services.adguardhome.enable = true;
|
||||
services.nextcloud.enable = true;
|
||||
|
||||
system.zfs.enable = true;
|
||||
system.monitoring.enable = true;
|
||||
|
|
Loading…
Reference in a new issue