{ self, config, lib, pkgs, ... }: let domain = "cloud.sondell.org"; nextcloud = pkgs.nextcloud28; in { environment.systemPackages = [ nextcloud ]; systemd.timers."nextcloud-db-backup" = { wantedBy = [ "timers.target" ]; timerConfig = { # OnBootSec = "5m"; # OnUnitActiveSec = "5m"; OnCalendar="*-*-* 2:00:00"; Unit = "nextcloud-db-backup.service"; }; }; systemd.services."nextcloud-db-backup" = { script = with pkgs; '' set -eu ${postgresql}/bin/pg_dump "nextcloud" | ${openssh}/bin/ssh -i /etc/nixos/.secrets/tulpan Glenn@nas "cat - > back/nextcloud/latest.sql" ''; serviceConfig = { Type = "oneshot"; User = "postgres"; }; }; services = { restic.backups = { "diskstation423" = { passwordFile = "/etc/nixos/.secrets/restic_pw"; repository = "sftp:Glenn@nas:/home/back/nextcloud/restic-repo"; paths = [ "/pool/var/lib/nextcloud" ]; user = "sondell"; timerConfig.onCalendar = "02:05"; }; }; nginx.virtualHosts = { ${domain} = { forceSSL = true; enableACME = true; # Use DNS Challenege. # acmeRoot = null; }; }; postgresql.enable = true; # nextcloud = { enable = true; hostName = domain; # Need to manually increment with every major upgrade. package = nextcloud; # Let NixOS install and configure the database automatically. database.createLocally = true; # Increase the maximum file upload size. datadir="/pool/var/lib/nextcloud"; maxUploadSize = "16G"; https = true; autoUpdateApps.enable = true; extraAppsEnable = true; # Let NixOS install and configure Redis caching automatically. configureRedis = true; settings = { maintenance_window_start = 1; }; extraOptions = { # redis = { # # host = "/run/redis/redis.sock"; # port = 0; # dbindex = 0; # password = "secret"; # timeout = 1.5; # }; }; extraApps = with config.services.nextcloud.package.packages.apps; { # List of apps we want to install and are already packaged in # https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json inherit mail calendar contacts notes onlyoffice tasks cookbook; }; config = { overwriteProtocol = "https"; defaultPhoneRegion = "SE"; dbtype = "pgsql"; adminuser = "admin"; adminpassFile = "/etc/nixos/.secrets/nextadminpw"; }; # Suggested by Nextcloud's health check. phpOptions."opcache.interned_strings_buffer" = "16"; }; # Nightly database backups. # postgresqlBackup = { # enable = true; # startAt = "*-*-* 01:15:00"; # }; }; services.onlyoffice = { enable = true; port = 8123; hostname = "office.sondell.org"; }; services.nginx.virtualHosts."office.sondell.org" = { forceSSL = true; enableACME = true; # locations."/".proxyPass = "http://12:8123"; }; }