nx2/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
6157666be9f32e971df4af3be3b11c864237290a
dotfiles/system-modules/nx2site/nextcloud.nix
Lennart J. Kurzweg (Nx2) 6ab89d09b7 email smtp2go&google relay 2
2026-05-04 03:30:43 +02:00

108 lines
3.9 KiB
Nix
Raw Blame History

{ config, pkgs, ... }@all: with all; let
user = "nextcloud";
in {
sops.secrets = let ss = { owner = user; group = user; mode = "600"; }; in {
"nx2site/nextcloud/admin_pass" = ss;
"nx2site/nextcloud/db_pass" = ss;
"nx2site/nextcloud/lennart_pass" = ss;
"nx2site/nextcloud/daniel_pass" = ss;
"nx2site/nextcloud/diane_pass" = ss;
"nx2site/nextcloud/georg_pass" = ss;
"nx2site/nextcloud/tessa_pass" = ss;
"nx2site/smtp2go/nextcloud_api_key" = ss;
};
users.users."${user}" = {
isSystemUser = true;
isNormalUser = false;
group = user;
};
# users.groups."${user}" = {};
users.groups.nextcloud.members = [ "nextcloud" config.services.nginx.user ];
services.nextcloud = {
enable = true;
hostName = "n.${hyper.domain}";
# Need to manually increment with every major upgrade.
package = pkgs.nextcloud33;
# Let NixOS install and configure the database automatically.
# database.createLocally = false;
# Let NixOS install and configure Redis caching automatically.
configureRedis = true;
# Increase the maximum file upload size.
maxUploadSize = "16G";
https = true;
# autoUpdateApps.enable = true;
appstoreEnable = false;
extraAppsEnable = true;
extraApps = with config.services.nextcloud.package.packages.apps; {
inherit calendar contacts notes tasks;
};
settings = {
overwriteProtocol = "https";
default_phone_region = "DE";
# # local
# "mail_smtpmode" = "smtp";
# "mail_smtphost" = "127.0.0.1";
# "mail_smtpport" = 2525;
# "mail_from_address" = "nextcloud";
# "mail_domain" = hyper.domain;
# "mail_smtpsecure" = ""; # = STARTTLS
"mail_smtpmode" = "smtp";
"mail_smtphost" = "mail-eu.smtp2go.com";
"mail_smtpport" = 2525;
"mail_from_address" = "nextcloud";
"mail_domain" = hyper.domain;
"mail_smtpsecure" = ""; # = STARTTLS
"mail_smtpauth" = true;
"mail_smtpauthtype" = "LOGIN";
"mail_smtpname" = "nextcloud@${hyper.domain}";
};
secrets."mail_smtppassword" = config.sops.secrets."nx2site/smtp2go/nextcloud_api_key".path;
# secrets.settings."mail_smtppassword" = config.sops.secrets."nx2site/maddy/nextcloud_password".path;
config = {
adminpassFile = config.sops.secrets."nx2site/nextcloud/admin_pass".path;
dbtype = "pgsql";
adminuser = "nextcloud";
# dbhost = "localhost:5432";
dbhost = "/run/postgresql";
dbname = "nextcloud";
dbuser = "nextcloud";
dbpassFile = config.sops.secrets."nx2site/nextcloud/db_pass".path;
};
phpOptions = {
"memory_limit" = pkgs.lib.mkForce "2G";
"opcache.interned_strings_buffer" = "16";
};
};
systemd.services.nextcloud-ensure-users = let
users = pkgs.lib.mergeAttrsList (pkgs.lib.map (name: {
"${name}" = {
email = "${name}@nx2.site";
passwordFile = config.sops.secrets."nx2site/nextcloud/${name}_pass".path;
};
}) [ "lennart" "daniel" "diane" "georg" "tessa" ]);
in {
enable = true;
script = let occ = "${config.services.nextcloud.occ}/bin/nextcloud-occ"; in /* bash */ ''
${pkgs.lib.optionalString (users != {}) ''
${pkgs.lib.concatStringsSep "\n" (pkgs.lib.mapAttrsToList (name: cfg: ''
if ${occ} user:info "${name}" | grep "user not found"; then
export OC_PASS="$(cat ${pkgs.lib.escapeShellArg cfg.passwordFile})"
${occ} user:add --password-from-env "${name}"
fi
${pkgs.lib.optionalString (cfg.email != null) ''
${occ} user:setting "${name}" settings email "${cfg.email}"
''}
'') users)}
''}
'';
wantedBy = [ "multi-user.target" ];
after = [ "nextcloud-setup.service" ];
};
services.phpfpm.pools.nextcloud.settings = pkgs.lib.mkIf config.services.nextcloud.enable {
"listen.owner" = config.services.nginx.user;
"listen.group" = config.services.nginx.group;
};
}
Reference in New Issue View Git Blame Copy Permalink