{ config, lib, pkgs, namespace, ... }: with lib; let cfg = config.${namespace}.services.nextcloud; adminpass = config.sops.secrets."jallen-nas/nextcloud/adminpassword".path; secretsFile = config.sops.secrets."jallen-nas/nextcloud/smtp_settings".path; jwtSecretFile = config.sops.secrets."jallen-nas/onlyoffice-key".path; hostAddress = "10.0.1.3"; nextcloudPortExtHttp = 9988; nextcloudPortExtHttps = 9943; onlyofficePortExt = 9943; in { imports = [ ./options.nix ]; config = mkIf cfg.enable { services.nginx.virtualHosts."cloud.mjallen.dev".listen = [ { addr = "0.0.0.0"; port = nextcloudPortExtHttp; } ]; # Create required users and groups users.users.nextcloud = { isSystemUser = lib.mkForce true; isNormalUser = lib.mkForce false; group = "nextcloud"; }; users.groups = { nextcloud = { }; downloads = { }; }; services = { opencloud = { enable = true; url = "https://10.0.1.3:9988"; address = "0.0.0.0"; port = nextcloudPortExtHttp; stateDir = "/media/nas/main/nix-app-data/opencloud"; }; onlyoffice = { enable = false; port = onlyofficePortExt; hostname = "office.mjallen.dev"; jwtSecretFile = jwtSecretFile; }; nextcloud = { enable = false; package = pkgs.nextcloud32; home = "/media/nas/main/nix-app-data/nextcloud"; database.createLocally = true; hostName = "cloud.mjallen.dev"; appstoreEnable = false; caching.redis = true; configureRedis = true; enableImagemagick = true; https = true; secretFile = secretsFile; extraApps = { inherit (pkgs.nextcloud32Packages.apps) # app_api # bookmarks mail calendar contacts integration_openai integration_paperless # maps # oidc_login onlyoffice previewgenerator recognize # richdocuments user_oidc ; # inherit # nextcloudPhotos # nextcloudPdfViewer # nextcloudAssist # ; }; config = { adminuser = "mjallen"; adminpassFile = adminpass; dbhost = "localhost"; dbtype = "pgsql"; dbname = "nextcloud"; dbuser = "nextcloud"; }; settings = { log_type = "syslog"; syslog_tag = "nextcloud"; logfile = ""; loglevel = 3; allow_local_remote_servers = true; upgrade.disable-web = false; datadirectory = "/media/nas/main/nextcloud"; trusted_domains = [ "${hostAddress}:${toString nextcloudPortExtHttp}" "${hostAddress}:${toString nextcloudPortExtHttps}" # "${localAddress}:80" # "${localAddress}:8080" # "${localAddress}:443" "cloud.mjallen.dev" ]; opcache.interned_strings_buffer = 16; trusted_proxies = [ hostAddress ]; maintenance_window_start = 6; default_phone_region = "US"; enable_previews = true; enabledPreviewProviders = [ "OC\\Preview\\PNG" "OC\\Preview\\JPEG" "OC\\Preview\\GIF" "OC\\Preview\\BMP" "OC\\Preview\\XBitmap" "OC\\Preview\\MP3" "OC\\Preview\\TXT" "OC\\Preview\\MarkDown" "OC\\Preview\\OpenDocument" "OC\\Preview\\Krita" "OC\\Preview\\HEIC" "OC\\Preview\\Movie" "OC\\Preview\\MSOffice2003" "OC\\Preview\\MSOffice2007" "OC\\Preview\\MSOfficeDoc" ]; installed = true; user_oidc = { auto_provision = false; soft_auto_provision = false; allow_multiple_user_backends = false; # auto redirect to authentik for login }; social_login_auto_redirect = true; }; }; }; }; }