Grimmauld/grimm-nix-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

add nextcloud

Browse source
This commit is contained in:
Grimmauld 2023-12-30 12:48:12 +00:00
parent ba7db4a16f
commit bea40ce69b
4 changed files with 55 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
flake.nix
View file

@ -29,6 +29,7 @@
./modules/puffer.nix ./modules/puffer.nix
./modules/gitea.nix ./modules/gitea.nix
./modules/grafana.nix ./modules/grafana.nix
./modules/nextcloud.nix
./modules/prometheus.nix ./modules/prometheus.nix
./modules/letsencrypt.nix ./modules/letsencrypt.nix
./modules/fail2ban.nix ./modules/fail2ban.nix

37
modules/nextcloud.nix Normal file
View file

@ -0,0 +1,37 @@
{ pkgs, config, ...} :
let
root_host = "grimmauld.de";
nextcloud_host = "cloud.${root_host}";
nextcloud_port = 8083;
in {
security.acme.certs."${root_host}".extraDomainNames = [ nextcloud_host ];
age.secrets.nextcloud_admin_pass = {
file = ../secrets/nextcloud_admin_pass.age;
owner = "nextcloud";
group = "nextcloud";
mode = "0600";
};
services.nextcloud = {
enable = true;
https = true;
hostName = nextcloud_host;
package = pkgs.nextcloud28;
# extraApps = with config.services.nextcloud.package.packages.apps; [
# news contacts calendar tasks;
# ];
config = {
adminpassFile = config.age.secrets.nextcloud_admin_pass.path;
};
};
services.nginx = {
enable = true;
virtualHosts."${nextcloud_host}" = {
serverName = nextcloud_host;
forceSSL = true;
useACMEHost = root_host;
};
};
}

15
secrets/nextcloud_admin_pass.age Normal file
View file

@ -0,0 +1,15 @@
age-encryption.org/v1
-> ssh-rsa jWbwAg
Q/jX41H5vQpkJf7eEOKeRezpVFRM8NS4puvIrPXE/zUx4DTn38BpSbVuv+PUH/D1
LPAplIAh8JmeXGE9V0LcVX3cvwQ/IwYZ6Iwu82yCBFOv4F4EjbFZsXRjva64m4lj
Nr5vikahk3IVezsMqFn5f46/G5ZCRyPZSlOyojPZ4YA+mZq3g1PuL4Cd/296y0SI
0xNeYG9F8gCEW1iAKKjX5QBLBx/HztgJrYm6MVEK0jRDe1LC1JBWa670smI3ALH5
V1uQbPutsOkuyZw46Nbb9bBYLQLDoKoVmAetj6AIak9p7q4/vzWMEv1zgmHczAMC
7T3zuQ1D2zjS+ePXXhof2ZpBT4yr/hfRtf0V7NhDokFZZOleJE9K3BLkQCVdUTA8
ZSzX2MnZe4OXKXSh+8+KFD37AyR7P0G4eZF5rZJ2IIrdUz6/MFjheKUAQanfg8nm
Uh4YWFu2wyVYy1OYeuSoAhzj8VpGiEa4E1WRA7Hb7AdK9t2JvIIOG5duAWw+qHXY
leh5LKHeTdtEPqEY8QqdcUoEnU+q8DseXGrRJx16aPZgP1trjlDPRWNT9Ko8gIOn
kLctSbJ3v/wv9hI9waEaWw93LCDG6E+MK5pD03f6vKcr6HQoqEMg8+eVzX+dCoa4
AF6DiI1pXrYzjLztPLcUwb7Az/hPFrVrAZ6x7KUq2E4
--- QKrzExwjVrJvMy+dzU0aQ1PCye2SwR4e5ZJXEN/yX6c
˜vú4 Ás/ö¤R"y—RJˆ C?oâ«O]«ä¬aHézêš…âlÀ( y?¡šÀ™à /GM

3
secrets/secrets.nix
View file

@ -6,5 +6,6 @@ in
# "duckdns_token.age".publicKeys = [ contabo_nix_pub ]; # "duckdns_token.age".publicKeys = [ contabo_nix_pub ];
"synapse_db_pass.age".publicKeys = [ contabo_nix_pub ]; "synapse_db_pass.age".publicKeys = [ contabo_nix_pub ];
"synapse_db_pass_prepared.age".publicKeys = [ contabo_nix_pub ]; "synapse_db_pass_prepared.age".publicKeys = [ contabo_nix_pub ];
"grafana_admin_pass".publicKeys = [ contabo_nix_pub ]; "grafana_admin_pass.age".publicKeys = [ contabo_nix_pub ];
"nextcloud_admin_pass.age".publicKeys = [ contabo_nix_pub ];
} }