blob: 909fb307c3d3409c4689455f793633f7c2fc2447 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.modules.services.nextcloud;
in
{
options.modules.services.nextcloud = {
enable = mkEnableOption "Nextcloud instance";
domain = mkOption { type = types.str; };
realHost = mkOption { type = types.str; default = "nextcloud.${cfg.domain}"; };
ssl = {
enable = mkEnableOption "SSL for the instance";
acmeHost = mkOption {
type = types.nullOr types.str;
default = null;
description = "ACMEHost for the certificate";
};
};
secrets = {
admin-pass = mkOption { type = types.path; };
};
};
config = mkIf cfg.enable {
assertions = [
{
assertion = cfg.ssl.enable -> cfg.ssl.acmeHost != null;
message = "ssl.acmeHost must be set when enabling SSL";
}
];
services.nextcloud = {
enable = true;
package = pkgs.nextcloud28;
database.createLocally = true;
hostName = cfg.realHost;
nginx.recommendedHttpHeaders = true;
maxUploadSize = "512G";
https = cfg.ssl.enable;
home = "/smol/core/nextcloud";
enableImagemagick = true;
caching = {
apcu = true;
redis = true;
memcached = true;
};
configureRedis = true;
phpOptions = {
# Fix opcache "buffer is almost full"
"opcache.interned_strings_buffer" = 16;
"opcache.jit" = 1255;
"opcache.jit_buffer_size" = "128M";
max_execution_time = 3600;
max_input_time = 3600;
};
extraApps = with config.services.nextcloud.package.packages.apps; {
inherit
memories
contacts
calendar
tasks
bookmarks
deck
forms;
};
autoUpdateApps = {
enable = true;
startAt = "03:00";
};
extraOptions = {
# Required for Logging App to function
log_type = "file";
enabledPreviewProviders = [
''OC\Preview\Image'' # alias for png,jpeg,gif,bmp
''OC\Preview\HEIC''
''OC\Preview\TIFF''
''OC\Preview\Movie''
];
"memories.exiftool" = lib.getExe pkgs.exiftool;
"memories.ffmpeg_path" = lib.getExe' pkgs.ffmpeg-headless "ffmpeg";
"memories.ffprobe_path" = lib.getExe' pkgs.ffmpeg-headless "ffprobe";
"memories.vod.ffmpeg" = lib.getExe' pkgs.ffmpeg-headless "ffmpeg";
"memories.vod.ffprobe" = lib.getExe' pkgs.ffmpeg-headless "ffprobe";
};
config = {
dbtype = "pgsql";
adminuser = "admin";
adminpassFile = cfg.secrets.admin-pass;
};
};
services.nginx.virtualHosts.${cfg.realHost} = mkIf cfg.ssl.enable {
forceSSL = true;
useACMEHost = cfg.ssl.acmeHost;
};
services.postgresqlBackup.enable = true;
environment.persistence."/persist".directories = [
"/var/lib/postgresql"
"/var/backup/postgresql"
];
systemd.services.nextcloud-cron = {
path = with pkgs; [ perl ];
# preStart = "${pkgs.coreutils}/bin/chmod +x ${config.services.nextcloud.home}/store-apps/memories/bin-ext/*";
};
};
}
|