Configure nextcloud for montalin

2020-10-23 17:35:24 +00:00 · 2020-10-23 17:35:24 +00:00 · f9c7e0ed0c
commit f9c7e0ed0c
parent d5cb513227
6 changed files with 58 additions and 17 deletions
--- a/host/montalin/applications/cloud.nix
+++ b/host/montalin/applications/cloud.nix
@ -1,4 +1,6 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, ... }: let
  host = "chur.fh2.ch";
 in {
  imports = [
@ -6,7 +8,13 @@
  ];
  services.nextcloud = {
-    hostName = "cloud.qo.is";
+    #hostName = "cloud.qo.is";
    hostName = host;
    package = pkgs.nextcloud19;
  };
  services.nginx.virtualHosts."${host}" = {
    forceSSL = true;
    enableACME = true;
  };
 }
--- a/host/montalin/database.nix
+++ b/host/montalin/database.nix
@ -2,10 +2,15 @@
 {
  imports = [
    ../../role/database
  ];
  services.postgresql = {
-    #enable = true; # Required? Better in role?
+    ensureDatabases = [ "nextcloud" ];
-    package = pkgs.postgresql_12;
+    ensureUsers = [
     { name = "nextcloud";
       ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
     }
    ];
  };
  services.postgresqlBackup.enable = true; # TODO: Role?
 }
--- a/host/montalin/networking.nix
+++ b/host/montalin/networking.nix
@ -18,4 +18,6 @@
  # Configure network proxy if necessary
  # networking.proxy.default = "http://user:password@proxy:port/";
  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
  networking.firewall.allowedTCPPorts = [ 80 443 ];
 }
--- a/role/base/default.nix
+++ b/role/base/default.nix
@ -8,12 +8,13 @@
  boot.loader.timeout = 2;
  boot.tmpOnTmpfs = true;
-  i18n = {
+  console = {
-    consoleFont = "Lat2-Terminus16";
+    font = "Lat2-Terminus16";
-    consoleKeyMap = "sg-latin1";
+    keyMap = "sg-latin1";
    defaultLocale = "en_US.UTF-8";
  };
  i18n.defaultLocale = "en_US.UTF-8";
  environment.systemPackages = with pkgs; [
    wget
    curl
@ -89,4 +90,10 @@
    gitconfig.source = ./etc/gitconfig;
    vimrc.source = ./etc/vimrc;
  };
  security.acme = {
    acceptTerms = true;
    email = "sysadmin@qo.is";
  };
 }
--- a/role/database/default.nix
+++ b/role/database/default.nix
@ -0,0 +1,11 @@
 { config, pkgs, ... }:
 {
  services.postgresql = {
    enable = true;
    package = pkgs.postgresql_12;
  };
  services.postgresqlBackup.enable = true;
 }
--- a/role/nextcloud/default.nix
+++ b/role/nextcloud/default.nix
@ -2,15 +2,23 @@
 { config, lib, pkgs, ... }:
 {
-  services.nextcloud.config = {
+  services.nextcloud = {
    adminpassFile = "/secrets/nextcloud-admin"; # TODO
    adminuser = "root";
    dbtype = "pgsql";
    dbhost = "/run/postgresql";
    enable = true;
    https = true;
    maxUploadSize = "1G";
    nginx.enable = true;
    webfinger = true;
    nginx.enable = true;
    maxUploadSize = "1G";
    config = {
      adminpassFile = "/secrets/nextcloud-admin"; # TODO
      adminuser = "root";
      dbtype = "pgsql";
      dbhost = "/run/postgresql";
    };
  };
  systemd.services."nextcloud-setup" = {
    requires = ["postgresql.service"];
    after = ["postgresql.service"];
  };
 }