kalipso/infrastructure
1
1
Fork 1
Code Issues 43 Pull Requests 2 Actions Projects 2 Releases Wiki Activity
Files
b3e93349d17de0c1445e21e0c62443850188520f
infrastructure/machines/nextcloud/configuration.nix
kalipso a79afe7dea
All checks were successful
Check flake syntax / flake-check (push) Successful in 8m7s
Details
[nextcloud] enable postgresql backup 
if we need to restore from backup this is necessary since db state from
zfs snapshots might be corrupted
2025-12-10 10:38:27 +01:00

83 lines
2.1 KiB
Nix
Raw Blame History

{ config, self, lib, pkgs, ... }:
with lib;
{
sops.defaultSopsFile = ./secrets.yaml;
sops.secrets = {
nextcloudAdminPass = {
owner = "nextcloud";
group = "nextcloud";
};
};
networking = {
hostName = mkDefault "nextcloud";
useDHCP = false;
};
imports = [
self.nixosModules.malobeo.metrics
../modules/malobeo_user.nix
../modules/sshd.nix
../modules/minimal_tools.nix
../modules/autoupdate.nix
];
malobeo.metrics = {
enable = true;
enablePromtail = true;
logNginx = true;
lokiHost = "10.0.0.14";
};
services.postgresqlBackup = {
enable = true;
};
services.nextcloud = {
enable = true;
package = pkgs.nextcloud31;
hostName = "cloud.malobeo.org";
config.adminpassFile = config.sops.secrets.nextcloudAdminPass.path;
maxUploadSize = "10G";
datadir = "/data/services/nextcloud/";
database.createLocally = true;
config.dbtype = "pgsql";
configureRedis = true;
caching = {
redis = true;
apcu = true;
};
extraAppsEnable = true;
extraApps = {
inherit (config.services.nextcloud.package.packages.apps) contacts calendar polls registration collectives forms;
appointments = pkgs.fetchNextcloudApp {
sha256 = "sha256-ls1rLnsX7U9wo2WkEtzhrvliTcWUl6LWXolE/9etJ78=";
url = "https://github.com/SergeyMosin/Appointments/raw/refs/tags/v2.4.3/build/artifacts/appstore/appointments.tar.gz";
license = "agpl3Plus";
};
deck = pkgs.fetchNextcloudApp {
sha256 = "sha256-1sqDmJpM9SffMY2aaxwzqntdjdcUaRySyaUDv9VHuiE=";
url = "https://link.storjshare.io/raw/jw7pf6gct34j3pcqvlq6ddasvdwq/mal/deck.tar.gz";
license = "agpl3Plus";
};
};
settings = {
trusted_domains = ["10.0.0.13"];
trusted_proxies = [ "10.0.0.1" ];
"maintenance_window_start" = "1";
"default_phone_region" = "DE";
};
phpOptions = {
"realpath_cache_size" = "0";
"opcache.interned_strings_buffer" = "32";
};
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
system.stateVersion = "22.11"; # Did you read the comment?
}
Reference in New Issue View Git Blame Copy Permalink