nixos-selfhost/nextcloud.nix

{ self, config, lib, pkgs, ... }: 
let 
domain = "cloud.sondell.org";
nextcloud = pkgs.nextcloud28;
in
{

  environment.systemPackages = [
    nextcloud
  ];
  systemd.timers."nextcloud-db-backup" = {
    wantedBy = [ "timers.target" ];
      timerConfig = {
        # OnBootSec = "5m";
        # OnUnitActiveSec = "5m";
        OnCalendar="*-*-* 2:00:00";
        Unit = "nextcloud-db-backup.service";
      };
  };

  systemd.services."nextcloud-db-backup" = {
    script = with pkgs; ''
      set -eu
      date=$(date --iso-8601)
      ${postgresql}/bin/pg_dump "nextcloud" | ${openssh}/bin/ssh -i /etc/nixos/.secrets/tulpan Glenn@nas "cat - > back/nextcloud/sqldump/$date.sql" 
    '';
    serviceConfig = {
      Type = "oneshot";
      User = "postgres";
    };
  };

  
  services = {
    restic.backups = {
      "nextcloud" = {
        passwordFile = "/etc/nixos/.secrets/restic_pw";
        repository = "sftp:Glenn@nas:/home/back/nextcloud/restic-repo";
        paths = [
          "/pool/var/lib/nextcloud"
        ];
        user = "sondell";
        timerConfig.OnCalendar = "02:05";
        pruneOpts = [
          "--keep-daily 10"
          "--keep-weekly 5"
          "--keep-monthly 12"
          "--keep-yearly 75"
        ];
      };
    };

  
    nginx.virtualHosts = {
      ${domain} = {
        forceSSL = true;
        enableACME = true;
        # Use DNS Challenege.
        # acmeRoot = null;
      };
    };
    postgresql.enable = true;
    # 
    nextcloud = {
      enable = true;
      hostName = domain;
      # Need to manually increment with every major upgrade.
      package = nextcloud;
      # Let NixOS install and configure the database automatically.
      database.createLocally = true;
      # Increase the maximum file upload size.
      datadir="/pool/var/lib/nextcloud";
      
      maxUploadSize = "16G";
      https = true;
      autoUpdateApps.enable = true;
      extraAppsEnable = true;
      # Let NixOS install and configure Redis caching automatically.
      configureRedis = true;
      settings = {
        maintenance_window_start = 1;
      };
      extraOptions = {
       #  redis = {
       #     # host = "/run/redis/redis.sock";
       #     port = 0;
       #     dbindex = 0;
       #     password = "secret";
       #     timeout = 1.5;
       # };
      };
      extraApps = with config.services.nextcloud.package.packages.apps; {
        # List of apps we want to install and are already packaged in
        # https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json
        inherit mail calendar contacts notes onlyoffice tasks cookbook;
      };
      config = {
        overwriteProtocol = "https";
        defaultPhoneRegion = "SE";
        dbtype = "pgsql";
        adminuser = "admin";
        adminpassFile = "/etc/nixos/.secrets/nextadminpw";
      };
      # Suggested by Nextcloud's health check.
      phpOptions."opcache.interned_strings_buffer" = "16";
    };
    # Nightly database backups.
    # postgresqlBackup = {
    #   enable = true;
    #   startAt = "*-*-* 01:15:00";
    # };
  };
  services.onlyoffice = {
    enable = true;
    port = 8123;
    hostname = "office.sondell.org";
  };
  services.nginx.virtualHosts."office.sondell.org" = {
    forceSSL = true;
    enableACME = true;
  #   locations."/".proxyPass = "http://12:8123";
  };
}