From 0abeadc533e524c2d2787982270d6305b7492405 Mon Sep 17 00:00:00 2001
From: Fabian Hauser
Date: Fri, 21 Mar 2025 19:50:44 +0200
Subject: [PATCH] Move nextcloud to nixos-modules
---
SUMMARY.md | 2 +-
defaults/nextcloud/default.nix | 99 -------------
.../lindberg-nextcloud/applications/cloud.nix | 21 ---
.../applications/default.nix | 10 +-
.../cloud}/README.md | 0
nixos-modules/cloud/default.nix | 134 ++++++++++++++++++
6 files changed, 141 insertions(+), 125 deletions(-)
delete mode 100644 defaults/nextcloud/default.nix
delete mode 100644 nixos-configurations/lindberg-nextcloud/applications/cloud.nix
rename {defaults/nextcloud => nixos-modules/cloud}/README.md (100%)
create mode 100644 nixos-modules/cloud/default.nix
diff --git a/SUMMARY.md b/SUMMARY.md
index e1304e8..11fabb0 100644
--- a/SUMMARY.md
+++ b/SUMMARY.md
@@ -17,7 +17,7 @@
 - [E-mail](email.md)
 - [Git CI Runner](nixos-modules/git-ci-runner/README.md)
 - [Git Hosting](nixos-modules/git/README.md)
-- [Nextcloud](defaults/nextcloud/README.md)
+- [Nextcloud](nixos-modules/cloud/README.md)
 - [Nix Caches](nixos-configurations/lindberg-build/applications/README.md)
 - [Static Pages](nixos-modules/static-page/README.md)
 - [VPN](nixos-modules/vpn-server/README.md)
diff --git a/defaults/nextcloud/default.nix b/defaults/nextcloud/default.nix
deleted file mode 100644
index 3d43d43..0000000
--- a/defaults/nextcloud/default.nix
+++ /dev/null
@@ -1,99 +0,0 @@
-# Default configuration for hosts
-{
- config,
- lib,
- pkgs,
- ...
-}:
-
-{
-
- sops.secrets."nextcloud/admin" = with config.users.users.nextcloud; {
- inherit group;
- owner = name;
- };
-
- services.postgresql.enable = true;
- qois.backup-client.includePaths = [ config.services.nextcloud.home ];
-
- services.nextcloud = {
- enable = true;
- https = true;
- webfinger = true;
- maxUploadSize = "10G";
-
- database.createLocally = true;
-
- config = {
- adminpassFile = config.sops.secrets."nextcloud/admin".path;
- adminuser = "root";
- dbtype = "pgsql";
- };
-
- appstoreEnable = false;
- extraApps = {
- inherit (config.services.nextcloud.package.passthru.packages.apps)
- calendar
- contacts
- deck
- groupfolders
- maps
- memories
- music
- news
- notes
- notify_push
- tasks
- twofactor_webauthn
- ;
- };
-
- phpOptions = {
- "opcache.interned_strings_buffer" = "23";
- };
-
- poolSettings = {
- "pm" = "dynamic";
- "pm.max_children" = "256";
- "pm.max_requests" = "500";
- "pm.max_spare_servers" = "16";
- "pm.min_spare_servers" = "2";
- "pm.start_servers" = "8";
- };
-
- configureRedis = true;
- caching.redis = true;
-
- notify_push = {
- enable = true;
- bendDomainToLocalhost = true;
- };
-
- settings = {
- log_type = "syslog";
- syslog_tag = "nextcloud";
- "memories.exiftool" = "${lib.getExe pkgs.exiftool}";
- "memories.vod.ffmpeg" = "${lib.getExe pkgs.ffmpeg-headless}";
- "memories.vod.ffprobe" = "${pkgs.ffmpeg-headless}/bin/ffprobe";
- preview_ffmpeg_path = "${lib.getExe pkgs.ffmpeg-headless}";
- mail_smtpmode = "sendmail";
- mail_domain = "qo.is";
- };
- };
-
- services.phpfpm.pools.nextcloud.settings = {
- "pm.max_children" = lib.mkForce "256";
- "pm.max_spare_servers" = lib.mkForce "16";
- "pm.start_servers" = lib.mkForce "8";
- };
-
- users.users.nextcloud.extraGroups = [ "postdrop" ];
-
- systemd.services.nextcloud-cron = {
- path = [ pkgs.perl ];
- };
-
- environment.systemPackages = with pkgs; [
- nodejs # required for Recognize
- ];
-}
diff --git a/nixos-configurations/lindberg-nextcloud/applications/cloud.nix b/nixos-configurations/lindberg-nextcloud/applications/cloud.nix
deleted file mode 100644
index 8e6b4ff..0000000
--- a/nixos-configurations/lindberg-nextcloud/applications/cloud.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ config, pkgs, ... }:
-let
- host = "cloud.qo.is";
-in
-{
-
- imports = [ ../../../defaults/nextcloud ];
-
- services.postgresql.enable = true;
-
- services.nextcloud = {
- hostName = host;
- package = pkgs.nextcloud30;
- settings.default_phone_region = "CH";
- };
- services.nginx.virtualHosts."${host}" = {
- forceSSL = true;
- enableACME = true;
- kTLS = true;
- };
-}
diff --git a/nixos-configurations/lindberg-nextcloud/applications/default.nix b/nixos-configurations/lindberg-nextcloud/applications/default.nix
index d872c18..9ffe05c 100644
--- a/nixos-configurations/lindberg-nextcloud/applications/default.nix
+++ b/nixos-configurations/lindberg-nextcloud/applications/default.nix
@@ -1,7 +1,9 @@
-{ config, pkgs, ... }:
+{ pkgs, ... }:
 {
-
- imports = [ ./cloud.nix ];
-
 qois.postgresql.package = pkgs.postgresql_14;
+
+ qois.cloud = {
+ enable = true;
+ package = pkgs.nextcloud30;
+ };
 }
diff --git a/defaults/nextcloud/README.md b/nixos-modules/cloud/README.md
similarity index 100%
rename from defaults/nextcloud/README.md
rename to nixos-modules/cloud/README.md
diff --git a/nixos-modules/cloud/default.nix b/nixos-modules/cloud/default.nix
new file mode 100644
index 0000000..243df13
--- /dev/null
+++ b/nixos-modules/cloud/default.nix
@@ -0,0 +1,134 @@
+# Default configuration for hosts
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+
+let
+ cfg = config.qois.cloud;
+in
+with lib;
+{
+ options.qois.cloud = {
+ enable = mkEnableOption "Enable qois cloud service";
+
+ domain = mkOption {
+ type = types.str;
+ default = "cloud.qo.is";
+ description = "Domain, under which the service is served.";
+ };
+
+ package = mkOption {
+ type = types.package;
+ description = "Which package to use for the Nextcloud instance.";
+ relatedPackages = [
+ "nextcloud28"
+ "nextcloud29"
+ "nextcloud30"
+ ];
+ };
+ };
+
+ config = mkIf cfg.enable {
+
+ services.nginx.virtualHosts."${cfg.domain}" = {
+ forceSSL = true;
+ enableACME = true;
+ kTLS = true;
+ };
+
+ sops.secrets."nextcloud/admin" = with config.users.users.nextcloud; {
+ inherit group;
+ owner = name;
+ };
+
+ services.postgresql.enable = true;
+ qois.backup-client.includePaths = [ config.services.nextcloud.home ];
+
+ services.nextcloud = {
+ inherit (cfg) package;
+ enable = true;
+ hostName = cfg.domain;
+ https = true;
+ webfinger = true;
+ maxUploadSize = "10G";
+
+ database.createLocally = true;
+
+ config = {
+ adminpassFile = config.sops.secrets."nextcloud/admin".path;
+ adminuser = "root";
+ dbtype = "pgsql";
+ };
+
+ appstoreEnable = false;
+ extraApps = {
+ inherit (config.services.nextcloud.package.passthru.packages.apps)
+ calendar
+ contacts
+ deck
+ groupfolders
+ maps
+ memories
+ music
+ news
+ notes
+ notify_push
+ tasks
+ twofactor_webauthn
+ ;
+ };
+
+ phpOptions = {
+ "opcache.interned_strings_buffer" = "23";
+ };
+
+ poolSettings = {
+ "pm" = "dynamic";
+ "pm.max_children" = "256";
+ "pm.max_requests" = "500";
+ "pm.max_spare_servers" = "16";
+ "pm.min_spare_servers" = "2";
+ "pm.start_servers" = "8";
+ };
+
+ configureRedis = true;
+ caching.redis = true;
+
+ notify_push = {
+ enable = true;
+ bendDomainToLocalhost = true;
+ };
+
+ settings = {
+ log_type = "syslog";
+ syslog_tag = "nextcloud";
+ "memories.exiftool" = "${lib.getExe pkgs.exiftool}";
+ "memories.vod.ffmpeg" = "${lib.getExe pkgs.ffmpeg-headless}";
+ "memories.vod.ffprobe" = "${pkgs.ffmpeg-headless}/bin/ffprobe";
+ preview_ffmpeg_path = "${lib.getExe pkgs.ffmpeg-headless}";
+ mail_smtpmode = "sendmail";
+ mail_domain = "qo.is";
+ default_phone_region = "CH";
+ };
+ };
+
+ services.phpfpm.pools.nextcloud.settings = {
+ "pm.max_children" = lib.mkForce "256";
+ "pm.max_spare_servers" = lib.mkForce "16";
+ "pm.start_servers" = lib.mkForce "8";
+ };
+
+ users.users.nextcloud.extraGroups = [ "postdrop" ];
+
+ systemd.services.nextcloud-cron = {
+ path = [ pkgs.perl ];
+ };
+
+ environment.systemPackages = with pkgs; [
+ nodejs # required for Recognize
+ ];
+ };
+}
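Review bot: The `environment.systemPackages` entry at the end of the `config` block puts `nodejs` into the global profile of every host that sets `qois.cloud.enable`, with the comment "required for Recognize", yet `recognize` is not in the `extraApps` list and `appstoreEnable = false`, so from this hunk the interpreter looks unused. If Recognize is installed some other way, it would be tighter to add nodejs to the `path` of the unit(s) that actually invoke it, as is already done for `nextcloud-cron` with `pkgs.perl`; otherwise the entry can be dropped. Separately, `mkEnableOption "Enable qois cloud service"` renders as "Whether to enable Enable qois cloud service." because the helper prepends that phrase, so `enable = mkEnableOption "qois cloud service";` reads correctly. The header comment `# Default configuration for hosts` is also stale now that the file is an opt-in module; something like `# Nextcloud service module, exposed as qois.cloud` would describe it.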