57 lines
1.2 KiB
Nix
57 lines
1.2 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: {
|
|
age.secrets = {
|
|
"services/nextcloud/admin-password".owner = "nextcloud";
|
|
"services/nextcloud/s3-secret".owner = "nextcloud";
|
|
};
|
|
|
|
services.nextcloud = {
|
|
enable = true;
|
|
package = pkgs.nextcloud29;
|
|
|
|
hostName = "cloud.winston.sh";
|
|
https = true;
|
|
|
|
phpOptions = {
|
|
"opcache.interned_strings_buffer" = "23";
|
|
};
|
|
|
|
extraApps = {
|
|
inherit
|
|
(config.services.nextcloud.package.packages.apps)
|
|
end_to_end_encryption
|
|
previewgenerator
|
|
twofactor_webauthn
|
|
;
|
|
};
|
|
extraAppsEnable = true;
|
|
|
|
config = {
|
|
adminpassFile = config.age.secrets."services/nextcloud/admin-password".path;
|
|
objectstore.s3 = {
|
|
enable = true;
|
|
|
|
# use `s3.winston.sh/bucket` istead of `bucket.s3.winston.sh`
|
|
usePathStyle = true;
|
|
|
|
hostname = "s3.winston.sh";
|
|
useSsl = true;
|
|
region = "eu-central-1";
|
|
bucket = "nextcloud";
|
|
autocreate = false;
|
|
|
|
key = "nextcloud";
|
|
secretFile = config.age.secrets."services/nextcloud/s3-secret".path;
|
|
};
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
|
|
forceSSL = true;
|
|
enableACME = false;
|
|
useACMEHost = "winston.sh";
|
|
};
|
|
}
|