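# NixOS module: Nextcloud backed by a local PostgreSQL (unix socket) and Redis,
# served by an nginx backend vhost on `port`, with an optional public
# TLS/ACME vhost on <subdomain>.<networking.domain> that proxies to it.
#
# Options (server.cloud.nextcloud):
#   enable    - turn the whole stack on
#   port      - TCP port of the plain-HTTP backend vhost
#   public    - also publish the TLS/ACME vhost
#   subdomain - left-most label of the public host name
{ config, lib, pkgs, ... }:
let
  cfg = config.server.cloud.nextcloud;
  # Public host name; requires networking.domain to be set.
  fqdn = "${cfg.subdomain}.${config.networking.domain}";
in
{
  options = {
    server.cloud.nextcloud = {
      enable = lib.mkEnableOption "enable nextcloud";
      port = lib.mkOption {
        type = lib.types.port;
        default = 8009;
        description = "nextcloud port";
      };
      public = lib.mkEnableOption "make nextcloud public";
      subdomain = lib.mkOption {
        type = lib.types.str;
        default = "nextcloud";
        description = "nextcloud subdomain";
      };
    };
  };

  # Everything is gated on `enable`: previously PostgreSQL, the nginx vhost
  # definitions and a stub "nextcloud-setup" unit (ordering only, no command)
  # were declared even with Nextcloud switched off.
  config = lib.mkIf cfg.enable {
    services = {
      nextcloud = {
        enable = true;
        configureRedis = true;
        package = pkgs.nextcloud33;
        # Also the name of the nginx vhost the nextcloud module creates;
        # the listen address for it is set under nginx.virtualHosts below.
        hostName = "nextcloud-net";
        config = {
          dbtype = "pgsql";
          dbuser = "nextcloud";
          dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
          dbname = "nextcloud";
          # A string path, so the password is read at runtime and is not
          # copied into the world-readable Nix store.
          # NOTE(review): the file sits in a user's home directory; confirm it
          # is readable by the nextcloud service user and by no other local
          # account.
          adminpassFile = "/home/marty/secrets/nextcloud";
          adminuser = "admin";
        };
        settings = {
          # Only the local nginx front end proxies to this backend (proxyPass
          # targets 127.0.0.1), so loopback is the one peer whose forwarded
          # headers should be believed. Nextcloud documents this setting as IP
          # addresses / CIDR ranges; host names and the public FQDN do not
          # belong here and were dropped.
          trusted_proxies = [ "127.0.0.1" ];
          trusted_domains = [
            fqdn
            config.networking.hostName
          ];
          skeletondirectory = "";
          preview_ffmpeg_path = "${pkgs.ffmpeg}/bin/ffmpeg";
          log_type = "file";
          logfile = "nextcloud.log";
          # 0 is Nextcloud's debug level (its default is 2, warning).
          # NOTE(review): debug logs are verbose and can record request
          # details; consider raising this once the setup is verified,
          # particularly when `public` is enabled.
          loglevel = 0;
        };
      };

      postgresql = {
        enable = true;
        ensureDatabases = [ "nextcloud" ];
        ensureUsers = [
          {
            name = "nextcloud";
            ensureDBOwnership = true;
          }
        ];
      };

      nginx = {
        virtualHosts = {
          # Backend vhost, plain HTTP on every interface.
          # NOTE(review): the public vhost only needs loopback. If direct LAN
          # access on this port is not wanted, bind to 127.0.0.1 or make sure
          # the firewall does not expose the port, otherwise clients can reach
          # Nextcloud without TLS.
          "nextcloud-net".listen = [
            {
              addr = "0.0.0.0";
              port = cfg.port;
            }
          ];

          # mkIf instead of `if ... else { }`: with `public` off no vhost is
          # declared at all, rather than an empty one answering for the FQDN.
          "${fqdn}" = lib.mkIf cfg.public {
            enableACME = true;
            forceSSL = true;
            locations."/" = {
              proxyPass = "http://127.0.0.1:${toString cfg.port}";
              # Forward Host, client address and scheme to the backend so
              # Nextcloud matches trusted_domains and sees the real client IP
              # (logging, per-client throttling) instead of 127.0.0.1.
              recommendedProxySettings = true;
            };
          };
        };
      };
    };

    # Run the Nextcloud setup unit only once PostgreSQL is up.
    systemd.services."nextcloud-setup" = {
      requires = [ "postgresql.service" ];
      after = [ "postgresql.service" ];
    };
  };
}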