{ pkgs, ... }: { # setup nextcloud in a container containers.nextcloud = { bindMounts = { password = { hostPath = toString ; mountPoint = toString ; isReadOnly = true; }; home = { hostPath = toString "/home/nextcloud"; mountPoint = "/var/lib/nextcloud"; isReadOnly = false; }; }; privateNetwork = true; hostAddress = "192.168.100.10"; localAddress = "192.168.100.11"; autoStart = true; config = { config, pkgs, ... }: { # don't forget the database backup before doing this # https://docs.nextcloud.com/server/stable/admin_manual/maintenance/backup.html # https://docs.nextcloud.com/server/stable/admin_manual/maintenance/upgrade.html # use snapshots in case of a rollback nixpkgs.config.packageOverrides = super: { nextcloud = super.nextcloud.overrideAttrs (old: rec { name = "nextcloud-${version}"; version = "18.0.1"; src = super.fetchurl { url = "https://download.nextcloud.com/server/releases/nextcloud-18.0.1.tar.bz2"; sha256 = "1h0rxpdssn1hc65k41zbvww9r4f79vbd9bixc9ri5n7hp0say3vp"; }; }); }; networking.firewall.allowedTCPPorts = [ 80 ]; networking.firewall.allowedUDPPorts = [ 80 ]; services.nextcloud = { enable = true; autoUpdateApps.enable = true; config.adminpassFile = toString ; nginx.enable = true; hostName = "nextcloud.ingolf-wagner.de"; #logLevel = 0; config.overwriteProtocol = "https"; config.extraTrustedDomains = [ "nextcloud.ingolf-wagner.de" #"nextcloud.gaykraft.com" "192.168.100.11" ]; }; environment.systemPackages = [ pkgs.smbclient ]; }; }; # give containers internet access networking.nat.enable = true; networking.nat.internalInterfaces = [ "ve-nextcloud" ]; networking.nat.externalInterface = "eth0"; # don't let networkmanager manger container network networking.networkmanager.unmanaged = [ "interface-name:ve-*" ]; # host nginx setup services.nginx = { enable = true; recommendedProxySettings = true; virtualHosts = { "nextcloud.workhorse.private" = { serverAliases = [ "nextcloud.ingolf-wagner.de" # "nextcloud.gaykraft.com" ]; locations."/" = { proxyPass = "http://192.168.100.11"; extraConfig = '' # allow big uploads # ----------------- client_max_body_size 0; ''; }; }; }; }; }