add nextcloud

2025-09-12 00:51:16 +02:00
parent b0a539fea4
commit 731c784b70
8 changed files with 99 additions and 2 deletions


@@ -7,6 +7,7 @@
# ./radicle.nix
../../system
../../modules/remote-builder.nix
./nextcloud.nix
./topology.nix
../../modules/unbound.nix
../../modules/unbound-auth.nix


@@ -0,0 +1,86 @@
{ config, ... }:
let
domain = "home.rpqt.fr";
fqdn = "cloud.${domain}";
in
{
imports = [
../../modules/acme-home.nix
];
services.nextcloud = {
enable = true;
hostName = fqdn;
https = true;
config = {
dbtype = "pgsql";
dbuser = "nextcloud";
dbhost = "/run/postgresql";
dbname = "nextcloud";
# admin user is only for the initial setup
adminuser = "root";
adminpassFile = config.clan.core.vars.generators.nextcloud.files.admin-password.path;
objectstore.s3 = {
enable = true;
bucket = "garage";
key = config.clan.core.vars.generators.nextcloud-s3-storage.files.access-key-id.value;
secretFile = config.clan.core.vars.generators.nextcloud-s3-storage.files.access-key-secret.path;
hostname = "127.0.0.1";
port = 3900;
useSsl = false;
region = "garage";
usePathStyle = true;
};
};
};
services.postgresql = {
enable = true;
ensureDatabases = [ "nextcloud" ];
ensureUsers = [
{
name = "nextcloud";
ensureDBOwnership = true;
}
];
};
systemd.services."nextcloud-setup" = {
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
};
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
forceSSL = true;
useACMEHost = domain;
locations."/" = {
proxyPass = "http://127.0.0.1:8080";
proxyWebsockets = true;
};
};
clan.core.vars.generators.nextcloud = {
prompts.admin-password = {
description = "nextcloud admin password";
type = "hidden";
persist = true;
};
files.admin-password.owner = "nextcloud";
};
clan.core.vars.generators.nextcloud-s3-storage = {
prompts.access-key-id = {
description = "s3 access key id";
type = "line";
persist = true;
};
prompts.access-key-secret = {
description = "s3 access key secret";
type = "hidden";
persist = true;
};
files.access-key-id.owner = "nextcloud";
files.access-key-id.secret = false;
files.access-key-secret.owner = "nextcloud";
};
}
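Review bot: The `locations."/"` block under `services.nginx.virtualHosts.${config.services.nextcloud.hostName}` proxies requests for the cloud host to `http://127.0.0.1:8080`, but nothing in this file starts a listener on that port, and the NixOS `services.nextcloud` module, as far as I know, already defines this virtual host and serves it through PHP-FPM. At best the proxy rule is dead configuration merged into the module's own `/` location; at worst whatever process later binds loopback port 8080 becomes reachable under `cloud.home.rpqt.fr` with websocket upgrades enabled. I would reduce the override to the TLS settings only: `services.nginx.virtualHosts.${fqdn} = { forceSSL = true; useACMEHost = domain; };`. Separately, `useSsl = false` in `objectstore.s3` is acceptable only while `hostname` stays `127.0.0.1`, so a comment such as `# plaintext S3 only because the endpoint is loopback; enable TLS if hostname changes` would keep that assumption visible.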


@@ -4,7 +4,6 @@
}:
{
imports = [
./acme.nix
./actual.nix
./boot.nix
./builder.nix
@@ -21,6 +20,7 @@
./taskchampion.nix
./topology.nix
../../modules/acme-home.nix
../../modules/lounge.nix
../../modules/unbound.nix
../../modules/unbound-auth.nix


@@ -79,6 +79,11 @@
url = "https://assistant.home.rpqt.fr";
icon = "sh:home-assistant";
}
{
title = "Nextcloud";
url = "https://cloud.home.rpqt.fr";
icon = "sh:nextcloud";
}
];
}
{


@@ -1,7 +1,7 @@
{ config, ... }:
{
imports = [
../../modules/gandi.nix
./gandi.nix
];
security.acme = {


@@ -20,6 +20,11 @@ let
"tw"
];
};
crocus = {
subdomains = [
"cloud"
];
};
};
zerotierInterface = "zts7mq7onf";
machinesZerotierIpRecords =


@@ -1 +0,0 @@
../../../../../../sops/machines/crocus


@@ -0,0 +1 @@
../../../../../../sops/machines/crocus


@@ -1 +0,0 @@
../../../../../../sops/users/rpqt


@@ -0,0 +1 @@
../../../../../../sops/users/rpqt