{ pkgs, ... }: { # setup nextcloud in a container containers.nextcloud = { bindMounts = { password = { hostPath = toString ; mountPoint = toString ; isReadOnly = true; }; home = { hostPath = toString "/home/nextcloud"; mountPoint = "/var/lib/nextcloud"; isReadOnly = false; }; }; privateNetwork = true; hostAddress = "192.168.100.10"; localAddress = "192.168.100.11"; autoStart = true; config = { config, pkgs, ... }: { networking.firewall.allowedTCPPorts = [ 80 ]; networking.firewall.allowedUDPPorts = [ 80 ]; services.nextcloud = { enable = true; autoUpdateApps.enable = true; config.adminpassFile = toString ; nginx.enable = true; hostName = "nextcloud.workhorse.private"; logLevel = 0; config.extraTrustedDomains = [ "nextcloud.ingolf-wagner.de" "nextcloud.gaykraft.com" "192.168.100.11" ]; }; environment.systemPackages = [ pkgs.smbclient ]; }; }; # host nginx setup services.nginx = { enable = true; virtualHosts = { "nextcloud.workhorse.private" = { locations."/" = { proxyPass = "http://192.168.100.11"; extraConfig = '' sub_filter "192.168.100.11" "nextcloud.workhorse.private"; client_max_body_size 0; ''; }; }; }; }; }