Compare commits
4 Commits
c381580cca
...
6f5f70f439
| Author | SHA1 | Date | |
|---|---|---|---|
|
6f5f70f439 | ||
|
|
d40175d4a5 | ||
|
|
34eba60193 | ||
|
|
57230a32c3 |
@@ -1,4 +1,4 @@
|
||||
{ pkgs, inputs, lib, host, ... }:
|
||||
{ pkgs, inputs, host, ... }:
|
||||
{
|
||||
imports = ([
|
||||
inputs.sops-nix.nixosModules.sops
|
||||
@@ -43,6 +43,8 @@
|
||||
./system-modules/postgres.nix
|
||||
./system-modules/nx2site/proxy.nix
|
||||
./system-modules/nx2site/gitea.nix
|
||||
./system-modules/nx2site/radicale.nix
|
||||
# ./system-modules/nx2site/nextcloud.nix
|
||||
./system-modules/nx2site/vaultwarden.nix
|
||||
./system-modules/nx2site/paperless.nix
|
||||
] else []);
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -118,6 +118,7 @@ in
|
||||
efiSupport = true;
|
||||
};
|
||||
};
|
||||
kernelPackages = pkgs-unstable.linuxPackages_6_11;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
26
system-modules/nx2site/nextcloud.nix
Normal file
26
system-modules/nx2site/nextcloud.nix
Normal file
@@ -0,0 +1,26 @@
|
||||
{ config, domain, ... }:
|
||||
{
|
||||
sops.secrets = {
|
||||
"nx2site/nextcloud/admin-pass" = { owner = "nextcloud"; };
|
||||
"nx2site/nextcloud/db-pass" = { owner = "nextcloud"; };
|
||||
# "nx2site/nextcloud/users-pass/nx2" = { owner = "nextcloud"; };
|
||||
};
|
||||
|
||||
services = {
|
||||
nextcloud = {
|
||||
enable = true;
|
||||
hostName = "nc.${domain}";
|
||||
https = true;
|
||||
configureRedis = true;
|
||||
config = {
|
||||
adminpassFile = config.sops.secrets."nx2site/nextcloud/admin-pass".path;
|
||||
adminuser = "nx2";
|
||||
|
||||
dbtype = "pgsql";
|
||||
# dbhost = config.services.postgresql.settings.port; # using usix socket
|
||||
dbname = "nextcloud";
|
||||
dbpassFile = config.sops.secrets."nx2site/nextcloud/db-pass".path;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
@@ -136,6 +136,13 @@
|
||||
listen = dl;
|
||||
locations = { "/" = { proxyPass = "http://127.0.0.1:8441"; }; };
|
||||
};
|
||||
"dav.${domain}" = lib.mkIf config.services.radicale.enable (vh // {
|
||||
listen = dl;
|
||||
locations = { "/" = { proxyPass = "http://127.0.0.1:5232"; }; };
|
||||
});
|
||||
"nc.${domain}" = vh // {
|
||||
# directly to nc
|
||||
};
|
||||
"~^(.*).${domain}$" = {
|
||||
listen = dl;
|
||||
root = "/var/nginx/webroot";
|
||||
|
||||
@@ -1,14 +1,23 @@
|
||||
{ config, domain, ... }:
|
||||
{
|
||||
sops.secrets = {
|
||||
"nx2site/radicale-htpasswd" = {};
|
||||
"nx2site/radicale-htpasswd" = {
|
||||
owner = "radicale";
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
radicale = {
|
||||
# is run by user radicale
|
||||
enable = true;
|
||||
settings = {
|
||||
server.hosts = let
|
||||
port = builtins.toString 5232;
|
||||
in [ "192.168.178.32:${port}" ];
|
||||
in [
|
||||
"0.0.0.0:${port}"
|
||||
"${domain}:${port}"
|
||||
# "192.168.178.32:${port}"
|
||||
];
|
||||
auth = {
|
||||
type = "htpasswd";
|
||||
htpasswd_filename = config.sops.secrets."nx2site/radicale-htpasswd".path;
|
||||
@@ -16,4 +25,5 @@
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
@@ -26,6 +26,7 @@
|
||||
ensureDatabases = [
|
||||
"gitea"
|
||||
"vaultwarden"
|
||||
"nextcloud"
|
||||
];
|
||||
settings = {
|
||||
port = 5432; # default
|
||||
@@ -44,6 +45,10 @@
|
||||
name = "vaultwarden";
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
{
|
||||
name = "nextcloud";
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
];
|
||||
};
|
||||
postgresqlBackup = {
|
||||
|
||||
@@ -20,6 +20,8 @@
|
||||
"nginx"
|
||||
"adbusers"
|
||||
"postgres"
|
||||
"radicale"
|
||||
"nextcloud"
|
||||
];
|
||||
useDefaultShell = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
|
||||
Reference in New Issue
Block a user