{ config, inputs, lib, pkgs, ... }:
let
  # Values set under services.az-nextcloud.* by the importing host.
  cfg = config.services.az-nextcloud;

  # Unit names are built as "<backend>-<container>" for the two containers
  # whose systemd ordering is adjusted further down.
  containerBackend = config.virtualisation.oci-containers.backend;
  nextcloudService = "${containerBackend}-nextcloud";
  cronService = "${containerBackend}-cron";

  # Name of the Docker network the containers are attached to.
  networkName = "nextcloud";

  # Host directory that backs /var/www/html inside the containers.
  volumePath = "/mnt/server-data/nextcloud";

  # https://github.com/Nebucatnetzer/nextcloud-smb
  # Pinned by tag AND sha256 digest: the digest decides what is pulled, so it
  # has to be bumped together with the tag on every upgrade.
  nextcloudImage = "ghcr.io/nebucatnetzer/nextcloud-smb/nextcloud-smb:28.0.1@sha256:2fc015f2844e44e861099474927696244ddb59bcfb3fc7b693468a30543a211e";

  # Non-secret environment handed to the Nextcloud containers. No password or
  # token is set here; only host names, ports and account names.
  nextcloudEnvironment =
    let
      database = {
        MYSQL_DATABASE = "nextcloud";
        MYSQL_USER = "nextcloud";
        # NOTE(review): 172.17.0.1 is presumably the default Docker bridge
        # gateway, i.e. a database running on the host; confirm the database
        # does not listen beyond that bridge.
        MYSQL_HOST = "172.17.0.1";
      };
      cache = {
        # Resolved by container name.
        REDIS_HOST = "redis";
      };
      mail = {
        # Port 465 with "ssl": TLS from the first byte, no STARTTLS upgrade.
        SMTP_HOST = "mail.infomaniak.com";
        SMTP_SECURE = "ssl";
        SMTP_PORT = "465";
      };
      web = {
        # Host names Nextcloud accepts in requests, space separated. Besides
        # the public domain this lists an internal name and a fixed LAN
        # address; keep the list as short as the deployment allows.
        NEXTCLOUD_TRUSTED_DOMAINS = lib.concatStringsSep " " [
          cfg.domain
          "${config.networking.hostName}.2li.local"
          "10.7.89.103"
        ];
      };
    in
    database // cache // mail // web;
in
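{
  options = {
    # mkEnableOption already prefixes the text with "Whether to enable", so
    # only the noun phrase is passed.
    services.az-nextcloud.enable = lib.mkEnableOption "Nextcloud running in a container";
    services.az-nextcloud.domain = lib.mkOption {
      type = lib.types.str;
      description = "The domain Nextcloud is being run from.";
    };
  };

  config = lib.mkIf cfg.enable {
    # age-encrypted environment file; its decrypted path is handed to the
    # nextcloud and cron containers through environmentFiles below.
    # NOTE(review): presumably holds the database/SMTP/admin credentials that
    # are absent from nextcloudEnvironment; confirm.
    age.secrets.nextcloudEnv.file = "${inputs.self}/scrts/nextcloud_env.age";

    # Nextcloud's web root and data live on an NFS export.
    # NOTE(review): no sec= option is given, so authentication and transport
    # protection are whatever client and server default to; confirm the
    # storage network is trusted.
    fileSystems."${volumePath}" = {
      device = "10.7.89.108:server_data/nextcloud/data";
      fsType = "nfs";
      options = [
        "hard"
        "noatime"
        "rw"
        # The tree is written by a web application: do not honour setuid bits
        # or device nodes that end up on it.
        "nosuid"
        "nodev"
      ];
    };

    services = {
      az-acme-base.enable = true;
      az-docker.enable = true;
      az-mariadb-for-containers.enable = true;
      mysql.settings = {
        mysqld = {
          innodb_file_per_table = 1;
          innodb_buffer_pool_size = "2G";
          read_rnd_buffer_size = "4M";
          sort_buffer_size = "4M";
        };
      };
      # Host nginx: terminates TLS and forwards to the nginx container.
      nginx = {
        # NOTE(review): nginx inherits an http-level add_header only into
        # blocks that declare no add_header of their own; verify the header is
        # present on responses of this virtual host.
        appendHttpConfig = ''
          # Allow embedding from same domain
          add_header X-Frame-Options SAMEORIGIN;
        '';
        # Set at http level, so the 20G upload limit applies to every virtual
        # host served by this nginx, not only to Nextcloud.
        clientMaxBodySize = "20G";
        virtualHosts."${cfg.domain}" = {
          enableACME = true;
          forceSSL = true;
          locations."/" = {
            # Plain HTTP, but only across the loopback interface.
            proxyPass = "http://127.0.0.1:8080";
            proxyWebsockets = true; # needed if you need to use WebSocket
          };
          extraConfig = ''
            # Required for large downloads
            proxy_buffering off;
          '';
        };
      };
    };

    virtualisation.oci-containers = {
      backend = "docker";
      containers."nextcloud" = {
        image = nextcloudImage;
        autoStart = true;
        environment = nextcloudEnvironment;
        # Secrets are read from the decrypted age file at container start.
        environmentFiles = [ config.age.secrets.nextcloudEnv.path ];
        volumes = [
          "${inputs.self}/modules/services/nextcloud/custom-php.ini:/usr/local/etc/php/conf.d/zzz-custom.ini:ro"
          "/etc/localtime:/etc/localtime:ro"
          "${volumePath}:/var/www/html"
        ];
        dependsOn = [ "redis" ];
        extraOptions = [
          "--add-host=host.docker.internal:host-gateway"
          "--net=${networkName}"
          "--log-opt=tag='nextcloud'"
        ];
      };
      containers."nginx" = {
        # NOTE(review): pinned by tag only; add an @sha256 digest, as done for
        # nextcloudImage, so the pulled content cannot change under the tag.
        image = "nginx:1.25.3";
        autoStart = true;
        # Publish on loopback only: the host nginx (proxyPass to
        # 127.0.0.1:8080) is the sole client. A bare "8080:80" binds every
        # interface, and Docker's own firewall rules usually let that port
        # through regardless of the host firewall, which would expose the
        # plain-HTTP backend next to the TLS virtual host.
        ports = [ "127.0.0.1:8080:80" ];
        volumes = [
          "${inputs.self}/modules/services/nextcloud/nginx.conf:/etc/nginx/nginx.conf:ro"
          "/etc/localtime:/etc/localtime:ro"
          # NOTE(review): mounted read-write; if nginx.conf only serves files
          # from this tree, ":ro" would be the least-privilege choice; confirm
          # against nginx.conf before changing.
          "${volumePath}:/var/www/html"
        ];
        extraOptions = [
          "--net=${networkName}"
          "--log-opt=tag='nextcloud-nginx'"
        ];
      };
      # Same image and environment as "nextcloud", started with /cron.sh.
      containers."cron" = {
        image = nextcloudImage;
        autoStart = true;
        environment = nextcloudEnvironment;
        environmentFiles = [ config.age.secrets.nextcloudEnv.path ];
        entrypoint = "/cron.sh";
        dependsOn = [ "redis" ];
        volumes = [
          "/etc/localtime:/etc/localtime:ro"
          "${volumePath}:/var/www/html"
        ];
        extraOptions = [
          "--add-host=host.docker.internal:host-gateway"
          # Use the shared binding instead of a literal so a rename of the
          # network cannot leave this container behind on a different one.
          "--net=${networkName}"
          "--log-opt=tag='nextcloud-cron'"
        ];
      };
      containers."redis" = {
        # NOTE(review): floating tag; every pull may fetch different content.
        # Pin a version and digest as done for nextcloudImage.
        image = "redis:alpine";
        autoStart = true;
        volumes = [ "/etc/localtime:/etc/localtime:ro" ];
        # No port is published and no password is configured in this file, so
        # access control for Redis rests on membership of the Docker network.
        extraOptions = [
          "--net=${networkName}"
          "--log-opt=tag='redis'"
        ];
      };
    };

    # Create the Docker network if it is missing. `network inspect` matches
    # the exact name; filtering `network ls` through grep would also accept
    # any other network whose name merely contains this one, and then skip
    # the creation.
    system.activationScripts.makeDockerNetwork = ''
      ${pkgs.docker}/bin/docker network inspect ${networkName} >/dev/null 2>&1 || ${pkgs.docker}/bin/docker network create ${networkName}
    '';

    # Pre-generates previews inside the running "nextcloud" container as
    # www-data; triggered by the timer below.
    systemd.services.nextcloud-previews = {
      serviceConfig = {
        Type = "oneshot";
      };
      script = ''
        ${pkgs.docker}/bin/docker exec -u www-data nextcloud php occ preview:pre-generate
      '';
    };
    # Fires every ten minutes.
    systemd.timers.nextcloud-previews = {
      wantedBy = [ "timers.target" ];
      timerConfig.OnCalendar = "*:0/10";
    };

    # Shortcut for running occ as www-data in the container; the calling user
    # still needs access to the Docker daemon.
    environment.shellAliases = {
      occ = "${pkgs.docker}/bin/docker exec -u www-data nextcloud php occ";
    };

    # Start the application containers only after the host database (and, for
    # the web container, the host nginx) have been started.
    systemd.services.${nextcloudService}.after = [
      "mysql.service"
      "nginx.service"
    ];
    systemd.services.${cronService}.after = [ "mysql.service" ];
  };
}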