dachxy/nix-conf
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nix-conf/system/modules/nextcloud.nix
DACHXY b8a31b6264 feat: mailserver
2025-08-14 12:30:17 +08:00

184 lines
4.8 KiB
Nix
Raw Blame History

{
hostname,
datadir ? null,
dataBackupPath ? null,
dbBackupPath ? null,
https ? true,
}:
{
config,
pkgs,
lib,
...
}:
let
nextcloudPkg = pkgs.nextcloud31.overrideAttrs (oldAttr: rec {
caBundle = config.security.pki.caBundle;
postPatch = ''
cp ${caBundle} resources/config/ca-bundle.crt
'';
});
in
{
imports = [
"${
fetchTarball {
url = "https://github.com/onny/nixos-nextcloud-testumgebung/archive/fa6f062830b4bc3cedb9694c1dbf01d5fdf775ac.tar.gz";
sha256 = "0gzd0276b8da3ykapgqks2zhsqdv4jjvbv97dsxg0hgrhb74z0fs";
}
}/nextcloud-extras.nix"
];
services.postgresql = {
enable = true;
ensureUsers = [
{
name = "nextcloud";
ensureDBOwnership = true;
}
];
ensureDatabases = [
"nextcloud"
];
};
services.nextcloud = {
enable = true;
package = nextcloudPkg;
configureRedis = true;
hostName = hostname;
https = if https then true else false;
datadir = lib.mkIf (datadir != null) datadir;
phpExtraExtensions =
all: with all; [
imagick
];
extraApps = {
inherit (config.services.nextcloud.package.packages.apps)
contacts
calendar
tasks
;
camerarawpreviews = pkgs.fetchNextcloudApp {
url = "https://github.com/ariselseng/camerarawpreviews/releases/download/v0.8.7/camerarawpreviews_nextcloud.tar.gz";
sha256 = "sha256-aiMUSJQVbr3xlJkqOaE3cNhdZu3CnPEIWTNVOoG4HSo=";
license = "agpl3Plus";
};
user_oidc = pkgs.fetchNextcloudApp {
url = "https://github.com/nextcloud-releases/user_oidc/releases/download/v7.2.0/user_oidc-v7.2.0.tar.gz";
sha256 = "sha256-nXDWfRP9n9eH+JGg1a++kD5uLMsXh5BHAaTAOgLI9W4=";
license = "agpl3Plus";
};
};
extraAppsEnable = true;
database.createLocally = true;
config = {
adminpassFile = config.sops.secrets."nextcloud/adminPassword".path;
dbtype = "pgsql";
};
settings = {
allow_local_remote_servers = true;
log_type = "syslog";
enabledPreviewProviders = [
"OC\\Preview\\BMP"
"OC\\Preview\\GIF"
"OC\\Preview\\JPEG"
"OC\\Preview\\Krita"
"OC\\Preview\\MarkDown"
"OC\\Preview\\MP3"
"OC\\Preview\\OpenDocument"
"OC\\Preview\\PNG"
"OC\\Preview\\TXT"
"OC\\Preview\\XBitmap"
"OC\\Preview\\HEIC"
"OC\\Preview\\SVG"
"OC\\Preview\\FONT"
];
};
};
services.nginx.virtualHosts.${hostname} = {
enableACME = true;
forceSSL = true;
};
environment.systemPackages = with pkgs; [
exiftool
];
systemd = {
timers = lib.mkIf (dataBackupPath != null || dbBackupPath != null) {
"nextcloud-backup" = {
enable = true;
description = "Nextcloud backup";
timerConfig = {
OnCalendar = "*-*-* 03:00:00";
Persistent = true;
OnUnitActiveSec = "1d";
AccuracySec = "1h";
Unit = "nextcloud-backup.service";
};
wantedBy = [ "timers.target" ];
};
};
services."nextcloud-backup" = lib.mkIf (dataBackupPath != null || dbBackupPath != null) {
enable = true;
serviceConfig = {
User = "nextcloud";
ExecStart =
let
script = pkgs.writeShellScriptBin "backup" (
''
nextcloudPath="${config.services.nextcloud.datadir}"
if [ ! -d "$nextcloudPath" ]; then
echo "nextcloud path not found: $nextcloudPath"
exit 1
fi
''
+ (
if dataBackupPath != null then
''
backupPath="${dataBackupPath}"
nextcloudBakPath="$backupPath"
if [ ! -d "$backupPath" ]; then
echo "Backup device is not mounted: $backupPath"
exit 1
fi
echo "Start syncing..."
${pkgs.rsync}/bin/rsync -rh --delete "$nextcloudPath" "$nextcloudBakPath"
echo "Data dir backup completed."
''
else
""
)
+ (
if dbBackupPath != null then
''
nextcloudDBBakPath="${dbBackupPath}/nextcloud-db.bak.tar"
if [ ! -d "$nextcloudBakPath" ]; then
mkdir -p "$nextcloudBakPath"
fi
echo "Try backing up database (postgresql)"
${pkgs.postgresql}/bin/pg_dump -F t nextcloud -f "$nextcloudDBBakPath"
echo "Database backup completed."
''
else
""
)
);
in
"${script}/bin/backup";
};
};
};
}
Reference in a new issue View git blame Copy permalink