Add a module for nextcloud
This commit is contained in:
parent
246c58e84d
commit
446710c766
|
@ -0,0 +1,5 @@
|
||||||
|
upload_max_filesize=20G
|
||||||
|
post_max_size=20G
|
||||||
|
max_input_time=3600
|
||||||
|
max_execution_time=3600
|
||||||
|
memory_limit=2G
|
|
@ -0,0 +1,62 @@
|
||||||
|
{ custom, domain }: { config, pkgs, ... }:
|
||||||
|
let
|
||||||
|
nextcloudEnvironment = {
|
||||||
|
MYSQL_DATABASE = "nextcloud";
|
||||||
|
MYSQL_USER = "nextcloud";
|
||||||
|
MYSQL_HOST = "172.17.0.1";
|
||||||
|
NEXTCLOUD_TRUSTED_DOMAINS = "nextcloud.2li.ch nextcloud2.2li.local 10.7.89.103";
|
||||||
|
REDIS_HOST = "redis";
|
||||||
|
SMTP_HOST = "mail.infomaniak.com";
|
||||||
|
SMTP_SECURE = "ssl";
|
||||||
|
SMTP_PORT = "465";
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
age.secrets.nextcloudEnv.file = "${custom.inputs.self}/scrts/nextcloud_env.age";
|
||||||
|
|
||||||
|
virtualisation.oci-containers = {
|
||||||
|
backend = "docker";
|
||||||
|
containers."nextcloud" = {
|
||||||
|
image = "nextcloud:25.0.0-apache@sha256:c65b3a099746f9168a594adc84f586a6a40719f50889d7814a6b68f6e183b26b";
|
||||||
|
autoStart = true;
|
||||||
|
environment = nextcloudEnvironment;
|
||||||
|
environmentFiles = [ config.age.secrets.nextcloudEnv.path ];
|
||||||
|
ports = [
|
||||||
|
"8080:80"
|
||||||
|
];
|
||||||
|
volumes = [
|
||||||
|
"${custom.inputs.self}/modules/nextcloud/custom-php.ini:/usr/local/etc/php/conf.d/zzz-custom.ini"
|
||||||
|
];
|
||||||
|
dependsOn = [ "redis" ];
|
||||||
|
extraOptions = [
|
||||||
|
''--mount=type=volume,source=heimdall,target=/var/www/html,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/nextcloud/data,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''
|
||||||
|
"--add-host=host.docker.internal:host-gateway"
|
||||||
|
"--net=nextcloud"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
containers."cron" = {
|
||||||
|
image = "nextcloud:25.0.0-apache@sha256:c65b3a099746f9168a594adc84f586a6a40719f50889d7814a6b68f6e183b26b";
|
||||||
|
autoStart = true;
|
||||||
|
environment = nextcloudEnvironment;
|
||||||
|
environmentFiles = [ config.age.secrets.nextcloudEnv.path ];
|
||||||
|
entrypoint = "/cron.sh";
|
||||||
|
dependsOn = [ "redis" ];
|
||||||
|
extraOptions = [
|
||||||
|
''--mount=type=volume,source=heimdall,target=/var/www/html,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/nextcloud/data,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''
|
||||||
|
"--add-host=host.docker.internal:host-gateway"
|
||||||
|
"--net=nextcloud"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
containers."redis" = {
|
||||||
|
image = "redis:alpine";
|
||||||
|
autoStart = true;
|
||||||
|
extraOptions = [
|
||||||
|
"--net=nextcloud"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
system.activationScripts.mkVPN = ''
|
||||||
|
${pkgs.docker}/bin/docker network create nextcloud
|
||||||
|
'';
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,34 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-rsa 7S8lxw
|
||||||
|
LdtLRHa5lpaXExtqkC8s2hJ20P+9YI4f2ZZFEkqc0/JozqzEFiP1xeAs8kXXpknf
|
||||||
|
czC0AJpTVbovZysY1CCj+ApPprkjSde/RDFVyaa2DQrncKQdeubAY2GcmGpDup1p
|
||||||
|
McuSIrZ92FuVU/yiBZGSzNeqoujCLoKUra3Y1P+ycrQ04ZBj+sxATAJ92Yba5hJy
|
||||||
|
n2+/Mjdk00VfbZ+Z9oYejTuWNynCmKGhmAfVwFd/PwCN0lZoIxBucY1IwgtR928A
|
||||||
|
v5g3i6pkzPXNMwlBbq5DkuEK6V5Lq3uAad0VeNKqyaDFSURLF4yrSqmdlW4iDm2+
|
||||||
|
IlKtTEHpy7mLK59T8jyZFywDJ+DWywirOC7aZoYZ9UydrrWUyLoDjtfT3+7CTHHU
|
||||||
|
IhODxMWi6/VeHzpSWNayQcCAviSzsHggHPDYsE4kgI5vBUbMn7wy0GfG5sdH7VsO
|
||||||
|
6rVLdEoPk3Y2HYverzarnaeQBuIocgOFT6kLvUdVQYBdl9ttxjNRlCtw1yE9ZENY
|
||||||
|
|
||||||
|
-> ssh-rsa Ws+JZA
|
||||||
|
L2AEPNYGbXZFjyB6mY4I/JMaNWqpa8OObhRXFt8WnugS+U4JCENlJDbrpppTSmn+
|
||||||
|
W0r26wfUyr1di8XSweyhKcVtdgUoFtR/VKuNEKMRK6d1OJ3umRYT3e/sQmM1nIr+
|
||||||
|
2ZPs7aB705MF61zDz1JEdtwh8aH/+/19XnImatLm0Mz6ImoxE8Fn3elm55SEHcs3
|
||||||
|
0bM/06pAkSIWbOgP9iArFkbswG0jPzump5W9tS+UrNCNolaMjitIuSfGR1D41G29
|
||||||
|
kAloVh/iQ5qiWUHSz7NSGQeCVfKNpMC1v1QWWn2Vr9UMXkCiz/1sFOsem/V7PCU6
|
||||||
|
zajq4/E0K5mOXQlIPA0DRKJz9OgsrIB1eGB/bM2KoZzJYDnEiBcL6kRJ8MpQhP1I
|
||||||
|
/2i/fDC7tLu+wOndcgyBfXffCBWADg57JJ70YIanNh05rCeV2+5SgnjcxZxMy4hm
|
||||||
|
mNkpiFAVGdv5XVwcdgYLnhhZjrYnS2gBedwfRDsFKOQHiH2YCbMKcjKHr4daoNWk
|
||||||
|
|
||||||
|
-> ssh-ed25519 skmU/w nuyq5npptM5bas+M3jqpReL/hloZs3g6Kqub0uhrTkE
|
||||||
|
ZmZ2h++VAwAzo9WrM+1XNLOcf1xkhsCXrfxpfs4+fwE
|
||||||
|
-> ssh-ed25519 MpFwoA XOQyrApMRyzujgyiHbZxjOIVHqj9DuJ/at4VK1b4syg
|
||||||
|
0Hz9Z376UtxMQn9WXl8CT/YYC4XSRuywWMTVjwplO+E
|
||||||
|
-> ssh-ed25519 KXqA9w 0KnMs8WH07Quji6wNZDPYd1engQ3Y29BbpT0AryyqVk
|
||||||
|
2ANzfISoBrt0mkeWt89PBaWrKIv0YgVr80upG1f2JyM
|
||||||
|
-> ssh-ed25519 aGyD+A pdzvGvRlUkzv5ZQ8ichKbvRiwFQEK9ATRWcA3oX3Jno
|
||||||
|
tX0gFk+0RXPki7HbIHMj97NQCZfDPCibZ7PWn+E8C9I
|
||||||
|
-> Q:-grease S`l _Ta<]e& (PT)~\
|
||||||
|
vgI4o9Su/jk
|
||||||
|
--- nnHLB07Gyv5bDviSDUjsR4VWuXV6M0UabD56bmGcu24
|
||||||
|
\æ"ÃŒ•„”ýO«°æ}¢ÔžbÇÖÇM–>ÞfèÐ[£æ]׶¶/ç]xfLô±X8^á†5'†æ73”䊯^8Vw»c×Aó—Xzzð-QíNŽöW¨sÀå!–iÿ;»=|Q';{ÌÀ]"ŽÒ¼|`dØRÕ +Þ[’ˆ5j(O¢ù«¢Úºñ>ÁÏŠ¢ÕCŸ7/"Æî¾vAJº’ÆôiL'ÚÒ—ˆ¶Å}2ìÏPÆ+ÜîX(Ùè®óUęܺ5IG©
Єò¶œb´„ö5žN}
|
||||||
|
äS(ÇÞnº0nîlêk,{a<>?>›æÈ;]“=óuãné‰B£†a’U³
`ßî9‘o
|
|
@ -35,6 +35,7 @@ in
|
||||||
{
|
{
|
||||||
"gitea_env.age".publicKeys = defaultKeys ++ [ git ];
|
"gitea_env.age".publicKeys = defaultKeys ++ [ git ];
|
||||||
"infomaniak_env.age".publicKeys = all;
|
"infomaniak_env.age".publicKeys = all;
|
||||||
|
"nextcloud_env.age".publicKeys = defaultKeys ++ [ nextcloud ];
|
||||||
"pihole_env.age".publicKeys = defaultKeys ++ [ pihole ];
|
"pihole_env.age".publicKeys = defaultKeys ++ [ pihole ];
|
||||||
"personal_email.key.age".publicKeys = defaultKeys;
|
"personal_email.key.age".publicKeys = defaultKeys;
|
||||||
"plex_claim.age".publicKeys = defaultKeys ++ [ plex ];
|
"plex_claim.age".publicKeys = defaultKeys ++ [ plex ];
|
||||||
|
|
|
@ -1,4 +1,7 @@
|
||||||
{ custom, hostname }: { pkgs, ... }:
|
{ custom, hostname }: { pkgs, ... }:
|
||||||
|
let
|
||||||
|
domain = "nextcloud.2li.ch";
|
||||||
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
(import "${custom.inputs.self}/systems/proxmox-vm" {
|
(import "${custom.inputs.self}/systems/proxmox-vm" {
|
||||||
|
@ -11,6 +14,9 @@
|
||||||
})
|
})
|
||||||
(import "${custom.inputs.self}/modules/docker" { inherit custom; })
|
(import "${custom.inputs.self}/modules/docker" { inherit custom; })
|
||||||
"${custom.inputs.self}/modules/mariadb"
|
"${custom.inputs.self}/modules/mariadb"
|
||||||
|
(import "${custom.inputs.self}/modules/nextcloud" {
|
||||||
|
inherit custom domain;
|
||||||
|
})
|
||||||
"${custom.inputs.self}/modules/nginx-acme-base"
|
"${custom.inputs.self}/modules/nginx-acme-base"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -20,7 +26,7 @@
|
||||||
add_header X-Frame-Options SAMEORIGIN;
|
add_header X-Frame-Options SAMEORIGIN;
|
||||||
'';
|
'';
|
||||||
clientMaxBodySize = "20G";
|
clientMaxBodySize = "20G";
|
||||||
virtualHosts."nextcloud.2li.ch" = {
|
virtualHosts."${domain}" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
|
|
Loading…
Reference in New Issue