nix/container/Cloud.nix

{ container, pkgs, lib, config, ... } @args: with lib; let
	cfg = config.container.module.cloud;

	postgres = config.container.module.postgres;
	proxy    = config.container.module.proxy;
in {
	options = {
		container.module.cloud = {
			enable = mkEnableOption "File cloud service";
			address = mkOption {
				default = "10.1.0.13";
				type    = types.str;
			};
			port = mkOption {
				default = 80;
				type    = types.int;
			};
			domain = mkOption {
				default = "cloud.${config.container.domain}";
				type    = types.str;
			};
			storage = mkOption {
				default = "${config.container.storage}/cloud";
				type    = types.str;
			};
		};
	};

	config = mkIf cfg.enable {
		systemd.tmpfiles.rules = container.mkContainerDir cfg [
			"data"
		];

		containers.cloud = container.mkContainer cfg {
			bindMounts = {
				"/var/lib/nextcloud" = {
					hostPath   = "${cfg.storage}/data";
					isReadOnly = false;
				};
			};

			config = { config, ... }: container.mkContainerConfig cfg {
				services.nextcloud = {
					enable = true;
					# package = pkgs.nextcloud29;
					hostName = cfg.domain;
					# phpOptions = {
					# 	memory_limit = lib.mkForce "20G";
					# };
					config = {
						adminuser     = "root";
						adminpassFile = "${pkgs.writeText "NextcloudPassword" "root"}";

						dbhost     = postgres.address;
						dbname     = "nextcloud";
						dbpassFile = "${pkgs.writeText "NextcloudDbPassword" "nextcloud"}";
						dbtype     = "pgsql";
						dbuser     = "nextcloud";
					};
					extraApps = {
						inherit (config.services.nextcloud.package.packages.apps) contacts calendar onlyoffice;
					};
					extraAppsEnable = true;
					settings = {
						trusted_domains = [ cfg.address cfg.domain ];
						trusted_proxies = [ proxy.address ];
						allow_local_remote_servers = true;
					};
				};
			};
		};
	};
}