From 3cf12e8aa69658fed578610d58311bbf000b3775 Mon Sep 17 00:00:00 2001 From: SebastianStork Date: Sat, 24 Aug 2024 23:00:47 +0200 Subject: [PATCH] Add basic nextcloud module --- hosts/common.nix | 2 ++ hosts/proxima/secrets.yaml | 5 +++-- modules/system/nextcloud.nix | 30 ++++++++++++++++++++++++++++++ 3 files changed, 35 insertions(+), 2 deletions(-) create mode 100644 modules/system/nextcloud.nix diff --git a/hosts/common.nix b/hosts/common.nix index 85974e5..4efd47b 100644 --- a/hosts/common.nix +++ b/hosts/common.nix @@ -5,6 +5,8 @@ self.wrappers.default ]; + networking.domain = "stork-atlas.ts.net"; + nix = { channel.enable = false; settings = { diff --git a/hosts/proxima/secrets.yaml b/hosts/proxima/secrets.yaml index ce5a839..bf897ab 100644 --- a/hosts/proxima/secrets.yaml +++ b/hosts/proxima/secrets.yaml @@ -1,5 +1,6 @@ seb-password: ENC[AES256_GCM,data:N3w7niUZsyFmF2gF+gMhlDb6XfoYZ8yNrZvv2J0Cb3zDhstW7LsgYZVcM3+MXPbTDE9xJ00VGBayOT7fW+5IYYWdGgbRWvOH0w==,iv:rLCKJ9wUL+3sjIaqwV89pYJtt/ERuoR4AAgbt9H4oHg=,tag:nuh9rT0W500w8+y76MqC1Q==,type:str] tailscale-auth-key: ENC[AES256_GCM,data:zKjJsG23GYrAIAoTe9pRI/b9w6JPB/0EDrdtspQq1/dw7eQq7BuzYMT5O5EAy+5A9ZP3fDaleO5nFXRFvg==,iv:p7Dpq30TZyb20E5TfscycxMiN1XUx66DbNPhwuZkwaA=,tag:V/fc99Zv4xJ6PDxNIWHRew==,type:str] +nextcloud-admin-pass: ENC[AES256_GCM,data:Cmt6EUQCLAaqeXgvDC+G0t3PEp424BNvYvZpuLv5,iv:npzjc213z4tLmMWognC52oXf2yPtKsOw2WenK5HSZN0=,tag:VA3gjMA2TT50i1jaxxrWSg==,type:str] sops: kms: [] gcp_kms: [] @@ -24,8 +25,8 @@ sops: aW00MUpGdXpYam5LYVFUenh2VndzcE0KT6Hfx1CYJFseFaEZxwi4Fds4v1HEFzBo FdSC6pzpZkfXso8EtSftq0lPx10GfJ6GZXYb+bCB2S9ROvUMPYDH3A== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-08-15T20:36:57Z" - mac: ENC[AES256_GCM,data:d3UvTioPyA/Ua2hyWo01l1+6kPBFhQES8+l3wqFlnBlUmwBAIh8ZyBA4hNUB2A7eF7MXZytQuFkbxtmDljsLQ1yaAZNrN3gBl8arzn/ztXsbkQ2h53wWkjTrfjLCaN8Z4Ea9e1Y/2uBiUn2VkJT/YVVyt7bOhHtRw+JO/2CNhLw=,iv:Af0NUGw2D/7ekCo0L7Cqd4j35wc3AOgruglsCj3C7QI=,tag:B0RU/sv6gDUBs0x1drPy4A==,type:str] + lastmodified: "2024-08-24T20:34:04Z" + mac: ENC[AES256_GCM,data:bh9jVLtd97Zt0O1LlJWYXQHvNzr6vxpPEzduZa+XvLnf+NjcJv71DuR1ZzjW5nV0+63I1zKRDhcVq4IDFW/oHSLylCir17h5n4ZQR98i3B09fMETv0fJBtcadFCEJgOY/IBI0BDO8qeF8tMXFsXXqIGarScu4vJzLqh1MywvLkQ=,iv:gQbqrVVpto3aVHP86lOMHfDZ9kcdoIuJHojigRT8VII=,tag:3s/DYA/DMPm2CiDvv7vJLw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.0 diff --git a/modules/system/nextcloud.nix b/modules/system/nextcloud.nix new file mode 100644 index 0000000..115ef11 --- /dev/null +++ b/modules/system/nextcloud.nix @@ -0,0 +1,30 @@ +{ + config, + pkgs, + lib, + ... +}: +{ + options.myConfig.nextcloud.enable = lib.mkEnableOption ""; + + config = lib.mkIf config.myConfig.nextcloud.enable { + sops.secrets.nextcloud-admin-pass = { + owner = config.services.nextcloud.config.dbname; + group = config.services.nextcloud.config.dbuser; + }; + + services.nextcloud = { + enable = true; + package = pkgs.nextcloud29; + home = "/data/nextcloud"; + hostName = config.networking.fqdn; + + database.createLocally = true; + config = { + dbtype = "pgsql"; + adminuser = "admin"; + adminpassFile = config.sops.secrets.nextcloud-admin-pass.path; + }; + }; + }; +}