nx2/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles

Browse Source
This commit is contained in:
Lennart J. Kurzweg (Nx2)
2025-01-19 22:09:08 +01:00
parent 9612646c55 94559de7ae
commit 5e34285db2
12 changed files with 236 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
system-modules/nx2site/nextcloud.nix Normal file
View File

@@ -0,0 +1,26 @@
{ config, domain, ... }:
{
sops.secrets = {
"nx2site/nextcloud/admin-pass" = { owner = "nextcloud"; };
"nx2site/nextcloud/db-pass" = { owner = "nextcloud"; };
# "nx2site/nextcloud/users-pass/nx2" = { owner = "nextcloud"; };
};
services = {
nextcloud = {
enable = true;
hostName = "nc.${domain}";
https = true;
configureRedis = true;
config = {
adminpassFile = config.sops.secrets."nx2site/nextcloud/admin-pass".path;
adminuser = "nx2";
dbtype = "pgsql";
# dbhost = config.services.postgresql.settings.port; # using usix socket
dbname = "nextcloud";
dbpassFile = config.sops.secrets."nx2site/nextcloud/db-pass".path;
};
};
};
}

7
system-modules/nx2site/proxy.nix
View File

@@ -136,6 +136,13 @@
listen = dl;
locations = { "/" = { proxyPass = "http://127.0.0.1:8441"; }; };
};
"dav.${domain}" = lib.mkIf config.services.radicale.enable (vh // {
listen = dl;
locations = { "/" = { proxyPass = "http://127.0.0.1:5232"; }; };
});
"nc.${domain}" = vh // {
# directly to nc
};
"~^(.*).${domain}$" = {
listen = dl;
root = "/var/nginx/webroot";

26
system-modules/nx2site/radicale.nix
View File

@@ -1,18 +1,28 @@
{ config, domain, ... }:
{
sops.secrets = {
"nx2site/radicale-htpasswd" = {};
"nx2site/radicale-htpasswd" = {
owner = "radicale";
};
};
services = {
radicale = {
server.hosts = let
port = builtins.toString 5232;
in [ "192.168.178.32:${port}" ];
auth = {
type = "htpasswd";
htpasswd_filename = config.sops.secrets."nx2site/radicale-htpasswd".path;
htpasswd_encryption = "bcrypt";
# is run by user radicale
enable = true;
settings = {
server.hosts = let
port = builtins.toString 5232;
in [
"0.0.0.0:${port}"
"${domain}:${port}"
# "192.168.178.32:${port}"
];
auth = {
type = "htpasswd";
htpasswd_filename = config.sops.secrets."nx2site/radicale-htpasswd".path;
htpasswd_encryption = "bcrypt";
};
};
};
};