{
config,
container,
lib,
pkgs,
...
}: let
cfg = config.container.module.cloud;
postgres = config.container.module.postgres;
proxy = config.container.module.proxy;
in {
options.container.module.cloud = {
enable = lib.mkEnableOption "the file cloud service.";
address = lib.mkOption {
default = "10.1.0.13";
type = lib.types.str;
};
port = lib.mkOption {
default = 80;
type = lib.types.int;
};
domain = lib.mkOption {
default = "cloud.${config.container.domain}";
type = lib.types.str;
};
storage = lib.mkOption {
default = "${config.container.storage}/cloud";
type = lib.types.str;
};
};
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.cloud = container.mkContainer cfg {
bindMounts = {
"/var/lib/nextcloud" = {
hostPath = "${cfg.storage}/data";
isReadOnly = false;
};
};
config = { config, ... }: container.mkContainerConfig cfg {
services.nextcloud = {
enable = true;
hostName = cfg.domain;
# package = pkgs.nextcloud29;
# phpOptions = {
# memory_limit = lib.mkForce "20G";
# };
config = {
adminpassFile = "${pkgs.writeText "NextcloudPassword" "root"}";
adminuser = "root";
dbhost = postgres.address;
dbname = "nextcloud";
dbpassFile = "${pkgs.writeText "NextcloudDbPassword" "nextcloud"}";
dbtype = "pgsql";
dbuser = "nextcloud";
};
extraApps = {
inherit (config.services.nextcloud.package.packages.apps)
contacts calendar onlyoffice;
};
extraAppsEnable = true;
settings = {
allow_local_remote_servers = true;
trusted_domains = [
cfg.address
cfg.domain
];
trusted_proxies = [
proxy.address
];
};
};
# HACK: This is required for TCP postgres connection.
systemd = {
services = {
nextcloud-setup = {
serviceConfig.PrivateNetwork = lib.mkForce false;
wantedBy = lib.mkForce [ ];
};
nextcloud-update-db = {
serviceConfig.PrivateNetwork = lib.mkForce false;
wantedBy = lib.mkForce [ ];
};
};
timers.fixsystemd = {
timerConfig = {
OnBootSec = 5;
Unit = "nextcloud-setup.service";
};
wantedBy = [
"timers.target"
];
};
};
};
};
};
}