dot013/spacestation
1
0
Fork 0
Code Issues Pull Requests Activity

feat(abaduh): setup nextcloud instance

Browse Source
This commit is contained in:
Guz
2025-09-16 16:18:06 -03:00
parent 8c8170058e
commit 23fff39cf9
4 changed files with 85 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
abaduh/default.nix
View File

@@ -1,6 +1,7 @@
{...}: { {...}: {
imports = [ imports = [
./adguard.nix ./adguard.nix
./nextcloud.nix
./tailscale.nix ./tailscale.nix
]; ];
} }

65
abaduh/nextcloud.nix Normal file
View File

@@ -0,0 +1,65 @@
{
config,
pkgs,
...
}: let
cfg = config.services.nextcloud;
in {
imports = [
"${fetchTarball {
url = "https://github.com/onny/nixos-nextcloud-testumgebung/archive/fa6f062830b4bc3cedb9694c1dbf01d5fdf775ac.tar.gz";
sha256 = "0gzd0276b8da3ykapgqks2zhsqdv4jjvbv97dsxg0hgrhb74z0fs";
}}/nextcloud-extras.nix"
];
services.nextcloud = {
enable = true;
package = pkgs.nextcloud31;
webserver = "caddy";
hostName = "nextcloud.local";
appstoreEnable = false;
configureRedis = true;
extraApps = {
inherit
(pkgs.nextcloud31Packages.apps)
# mail
calendar
contacts
memories
# recognize
;
};
config = {
adminuser = "admin";
adminpassFile = config.sops.secrets."nextcloud/adminpass".path;
dbtype = "pgsql";
dbhost = "localhost:${toString config.services.postgresql.settings.port}";
dbname = "nextcloud";
dbuser = "nextcloud";
objectstore.s3 = {
enable = true;
verify_bucket_exists = false;
bucket = "nextcloud";
hostname = "localhost";
port = 3461;
usePathStyle = true;
useSsl = false;
region = config.services.garage.settings.s3_api.s3_region;
key = "GK7b6d9214adf40850e5f39d66";
secretFile = config.sops.secrets."nextcloud/s3/secret".path;
# sseCKeyFile = config.sops.secrets."nextcloud/s3/sseC".path; # Needs SSL
};
};
settings = {
"auth.authtoken.v1.disabled" = true;
default_language = "pt_BR";
default_locale = "pt_BR";
default_phone_region = "BR";
default_timezone = config.time.timeZone;
maintenance_window_start = 4; # 1:00 AM at UTC-3
trusted_proxies = ["127.0.0.1"];
};
};
}

14
secrets.nix
View File

@@ -60,6 +60,20 @@ with lib; {
owner = config.services.keikos.web.user; owner = config.services.keikos.web.user;
}; };
"nextcloud/adminpass" = mkIf config.services.nextcloud.enable {
owner = "nextcloud";
};
"nextcloud/s3/secret" = mkIf config.services.nextcloud.enable {
owner = "nextcloud";
};
"nextcloud/s3/sseC" = mkIf config.services.nextcloud.enable {
owner = "nextcloud";
};
"pgadmin/password" = mkIf config.services.pgadmin.enable {
owner = config.systemd.services.pgadmin.serviceConfig.User;
};
"medama/anubis/hexFile" = { "medama/anubis/hexFile" = {
owner = config.services.anubis.instances."medama".user; owner = config.services.anubis.instances."medama".user;
}; };

5
secrets.yaml
View File

@@ -18,6 +18,11 @@ guz:
password: ENC[AES256_GCM,data:zlO5xSFho7TXjFv62lgFir9SAgn+UE6XjdNEvIAgmQG9oDkthfgxO84wYdI0mQDwRIIs2PmSdBRfo0DPc3hji+ySCrItolPL8g==,iv:MZfhTxwfcbmXh5C6DkQhnY9NQGdE8zEwwvFOHQiUgKY=,tag:JjJN2bYcSXNN3ueGj5RNLg==,type:str] password: ENC[AES256_GCM,data:zlO5xSFho7TXjFv62lgFir9SAgn+UE6XjdNEvIAgmQG9oDkthfgxO84wYdI0mQDwRIIs2PmSdBRfo0DPc3hji+ySCrItolPL8g==,iv:MZfhTxwfcbmXh5C6DkQhnY9NQGdE8zEwwvFOHQiUgKY=,tag:JjJN2bYcSXNN3ueGj5RNLg==,type:str]
keiko: keiko:
env-file: ENC[AES256_GCM,data:up0VMFlG92ZAmnDk1b3DNrGJ9zUoyu3pi5poP1cgaYMAaVotRtrQkDAWLPdMKrRaXZlMFhmR0Vmy4n5wauZwiUN6nhMQOEkLZ5QOa8wiyA93JTmu0982bvMeZ+dk1HTy7nU1UI1OaejjEoGFlFV5g06qGfXnC1CFHyqwM1WeTgI6Syv431q0wutz2J6lcDvyxOU8zem3zSOpf5fg,iv:hxixIs/OoUS8Cntr7yJXZxeo5PpyPGfQLfDROQ07mr4=,tag:YUgrrP/C0ZY/SIs/wszW/w==,type:str] env-file: ENC[AES256_GCM,data:up0VMFlG92ZAmnDk1b3DNrGJ9zUoyu3pi5poP1cgaYMAaVotRtrQkDAWLPdMKrRaXZlMFhmR0Vmy4n5wauZwiUN6nhMQOEkLZ5QOa8wiyA93JTmu0982bvMeZ+dk1HTy7nU1UI1OaejjEoGFlFV5g06qGfXnC1CFHyqwM1WeTgI6Syv431q0wutz2J6lcDvyxOU8zem3zSOpf5fg,iv:hxixIs/OoUS8Cntr7yJXZxeo5PpyPGfQLfDROQ07mr4=,tag:YUgrrP/C0ZY/SIs/wszW/w==,type:str]
nextcloud:
adminpass: ENC[AES256_GCM,data:RY2BsFDSttpr,iv:Mv22/Ht4Uq0miQjKgbnu37UCk/wZMyc6t9jrWkyXsxI=,tag:ScYTA46R0ZpkeqjhRsYzYg==,type:str]
s3:
secret: ENC[AES256_GCM,data:GrkETHYY8OMGazKWvnvG1CYiRc/5O01WAof0YIhbJ+U0wSxSYJBVGqV55WVurtzR9F5VxiVpHRRs3cPvtdC8eQ==,iv:a0fMz3NtQX43VWtOfIp9mXZ/R1MCD7y/LBGuWvoxhgQ=,tag:4FjaAQTHNEBfI5q1kLw/Kg==,type:str]
sseC: ENC[AES256_GCM,data:VMrZoC1zvK+7aQ1nfpF0Az9OxmGAqMSFRTgz04jbj3rKkWnGFzi3wTzrfFg=,iv:Vy86k6Yz3Thn7/zqbIp1xV9j1Yi+k6x2qG4vyGHP0IQ=,tag:SnDkc2jfq4gy7OCaT4oFhg==,type:str]
medama: medama:
anubis: anubis:
hexFile: ENC[AES256_GCM,data:INM0j8uPSV60nEyGJ2/+nH1IDVL08hvBzTULBHPbChQVdYO+Z/UCI1aKCLoCwad0NAp+rAljYotZ0NxlxfjnmQ==,iv:y9F70r7erFOBe94rvv3/3P+N8SwFgW39hRcfP2SjFMA=,tag:PnjbQcCDbB/8XPJc+hM5dA==,type:str] hexFile: ENC[AES256_GCM,data:INM0j8uPSV60nEyGJ2/+nH1IDVL08hvBzTULBHPbChQVdYO+Z/UCI1aKCLoCwad0NAp+rAljYotZ0NxlxfjnmQ==,iv:y9F70r7erFOBe94rvv3/3P+N8SwFgW39hRcfP2SjFMA=,tag:PnjbQcCDbB/8XPJc+hM5dA==,type:str]