2020-03-03 18:45:35 +01:00
|
|
|
{ pkgs, ... }: {
|
2020-03-03 20:09:31 +01:00
|
|
|
|
|
|
|
|
# setup nextcloud in a container
|
|
|
|
|
containers.nextcloud = {
|
|
|
|
|
bindMounts = {
|
|
|
|
|
password = {
|
|
|
|
|
hostPath = toString <secrets/nextcloud/rootpassword>;
|
|
|
|
|
mountPoint = toString <secrets/nextcloud/rootpassword>;
|
|
|
|
|
isReadOnly = true;
|
|
|
|
|
};
|
|
|
|
|
home = {
|
|
|
|
|
hostPath = toString "/home/nextcloud";
|
|
|
|
|
mountPoint = "/var/lib/nextcloud";
|
|
|
|
|
isReadOnly = false;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privateNetwork = true;
|
|
|
|
|
hostAddress = "192.168.100.10";
|
|
|
|
|
localAddress = "192.168.100.11";
|
|
|
|
|
|
|
|
|
|
autoStart = true;
|
|
|
|
|
|
|
|
|
|
config = { config, pkgs, ... }: {
|
|
|
|
|
|
2020-03-05 17:11:47 +01:00
|
|
|
# don't forget the database backup before doing this
|
|
|
|
|
# https://docs.nextcloud.com/server/stable/admin_manual/maintenance/backup.html
|
|
|
|
|
# https://docs.nextcloud.com/server/stable/admin_manual/maintenance/upgrade.html
|
|
|
|
|
# use snapshots in case of a rollback
|
|
|
|
|
nixpkgs.config.packageOverrides = super: {
|
|
|
|
|
nextcloud = super.nextcloud.overrideAttrs (old: rec {
|
|
|
|
|
name = "nextcloud-${version}";
|
|
|
|
|
version = "18.0.1";
|
|
|
|
|
src = super.fetchurl {
|
|
|
|
|
url =
|
|
|
|
|
"https://download.nextcloud.com/server/releases/nextcloud-18.0.1.tar.bz2";
|
|
|
|
|
sha256 = "1h0rxpdssn1hc65k41zbvww9r4f79vbd9bixc9ri5n7hp0say3vp";
|
|
|
|
|
};
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
2020-03-03 20:09:31 +01:00
|
|
|
networking.firewall.allowedTCPPorts = [ 80 ];
|
|
|
|
|
networking.firewall.allowedUDPPorts = [ 80 ];
|
|
|
|
|
|
|
|
|
|
services.nextcloud = {
|
|
|
|
|
enable = true;
|
|
|
|
|
autoUpdateApps.enable = true;
|
|
|
|
|
config.adminpassFile = toString <secrets/nextcloud/rootpassword>;
|
|
|
|
|
nginx.enable = true;
|
2020-03-05 06:55:08 +01:00
|
|
|
hostName = "nextcloud.ingolf-wagner.de";
|
2020-03-05 17:11:47 +01:00
|
|
|
#logLevel = 0;
|
2020-03-04 12:06:11 +01:00
|
|
|
config.overwriteProtocol = "https";
|
2020-03-03 20:09:31 +01:00
|
|
|
config.extraTrustedDomains = [
|
|
|
|
|
"nextcloud.ingolf-wagner.de"
|
2020-03-05 06:55:08 +01:00
|
|
|
#"nextcloud.gaykraft.com"
|
2020-03-03 20:09:31 +01:00
|
|
|
"192.168.100.11"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
2020-03-04 13:50:41 +01:00
|
|
|
environment.systemPackages = [ pkgs.smbclient ];
|
2020-03-03 20:09:31 +01:00
|
|
|
};
|
2020-03-03 17:14:21 +01:00
|
|
|
};
|
2020-03-03 18:45:35 +01:00
|
|
|
|
2020-03-03 23:20:34 +01:00
|
|
|
# give containers internet access
|
|
|
|
|
networking.nat.enable = true;
|
|
|
|
|
networking.nat.internalInterfaces = [ "ve-nextcloud" ];
|
|
|
|
|
networking.nat.externalInterface = "eth0";
|
|
|
|
|
|
|
|
|
|
# don't let networkmanager manger container network
|
|
|
|
|
networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];
|
|
|
|
|
|
2020-03-03 20:09:31 +01:00
|
|
|
# host nginx setup
|
|
|
|
|
services.nginx = {
|
|
|
|
|
enable = true;
|
2020-03-04 07:37:03 +01:00
|
|
|
recommendedProxySettings = true;
|
2020-03-03 20:09:31 +01:00
|
|
|
virtualHosts = {
|
|
|
|
|
"nextcloud.workhorse.private" = {
|
2020-03-05 06:55:08 +01:00
|
|
|
serverAliases = [
|
|
|
|
|
"nextcloud.ingolf-wagner.de"
|
|
|
|
|
# "nextcloud.gaykraft.com"
|
|
|
|
|
];
|
2020-03-03 20:09:31 +01:00
|
|
|
locations."/" = {
|
|
|
|
|
proxyPass = "http://192.168.100.11";
|
|
|
|
|
extraConfig = ''
|
2020-03-04 12:06:11 +01:00
|
|
|
# allow big uploads
|
|
|
|
|
# -----------------
|
2020-03-04 11:30:45 +01:00
|
|
|
client_max_body_size 0;
|
2020-03-03 20:09:31 +01:00
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
2020-03-03 18:45:35 +01:00
|
|
|
|
2020-03-03 17:14:21 +01:00
|
|
|
}
|
