nixos-selfhost/nextcloud.nix

{ self, config, lib, pkgs, ... }: 
let domain = "cloud.sondell.org";
in
{
  # Based on https://carjorvaz.com/posts/the-holy-grail-nextcloud-setup-made-easy-by-nixos/
  # security.acme = {
  #   acceptTerms = true;
  #   defaults = {
  #     email = "glennpub@proton.me";
  #     dnsProvider = "cloudflare";
  # #     # location of your CLOUDFLARE_DNS_API_TOKEN=[value]
  # #     # https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#EnvironmentFile=
  #     environmentFile = "/REPLACE/WITH/YOUR/PATH";
  #   };
  # };

  services = {
    nginx.virtualHosts = {
      ${domain} = {
        # forceSSL = true;
        # enableACME = true;
        # Use DNS Challenege.
        # acmeRoot = null;
      };
    };
    postgresql.enable = true;
    # 
    nextcloud = {
      enable = true;
      hostName = domain;
      # Need to manually increment with every major upgrade.
      package = pkgs.nextcloud28;
      # Let NixOS install and configure the database automatically.
      database.createLocally = true;
      # Let NixOS install and configure Redis caching automatically.
      configureRedis = true;
      # Increase the maximum file upload size.
      maxUploadSize = "16G";
      https = true;
      autoUpdateApps.enable = true;
      extraAppsEnable = true;
      extraOptions = {
        redis = {
           # host = "/run/redis/redis.sock";
           port = 0;
           dbindex = 0;
           password = "secret";
           timeout = 1.5;
       };
      };
      extraApps = with config.services.nextcloud.package.packages.apps; {
        # List of apps we want to install and are already packaged in
        # https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json
        inherit mail calendar contacts notes onlyoffice tasks cookbook;
      };
      config = {
        overwriteProtocol = "https";
        # defaultPhoneRegion = "US";
        dbtype = "pgsql";
        adminuser = "admin";
        adminpassFile = "/etc/nixos/.secrets/nextadminpw";
      };
      # Suggested by Nextcloud's health check.
      phpOptions."opcache.interned_strings_buffer" = "16";
    };
    # Nightly database backups.
    # postgresqlBackup = {
    #   enable = true;
    #   startAt = "*-*-* 01:15:00";
    # };
  };
}