-
-
Save tilpner/466c5225f4cd6f3d611862fab4973df7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ config, pkgs, lib, ... }: | |
let | |
cfg = config.services.nextcloud; | |
domain = "..."; | |
wrappers = config.security.wrapperDir; | |
pg = config.services.postgresql.package; | |
in { | |
services.nextcloud = { | |
enable = true; | |
hostName = domain; | |
https = true; | |
nginx.enable = true; | |
maxUploadSize = "2048M"; | |
caching = { | |
apcu = true; | |
redis = true; | |
}; | |
config = { | |
dbtype = "pgsql"; | |
dbuser = "nextcloud"; | |
dbhost = "/tmp"; # nextcloud will add /.s.PGSQL.5432 by itself | |
dbname = "nextcloud"; | |
adminuser = "root"; | |
adminpassFile = "${config.services.nextcloud.home}/adminpass"; | |
}; | |
}; | |
/*nixpkgs.overlays = [ (self: super: { | |
inherit (pkgs.nixos-unstable-small) nextcloud; | |
}) ];*/ | |
services.redis.enable = true; | |
services.nginx.virtualHosts.${domain} = { | |
forceSSL = true; | |
enableACME = true; | |
}; | |
services.postgresql = { | |
enable = true; | |
/*initialScript = pkgs.writeText "psql-init" '' | |
CREATE ROLE nextcloud WITH LOGIN; | |
CREATE DATABASE nextcloud WITH OWNER nextcloud; | |
'';*/ | |
}; | |
# ensure that postgres is running *before* running the setup | |
systemd.services.nextcloud-setup = { | |
requires = [ "postgresql.service" ]; | |
after = [ "postgresql.service" ]; | |
preStart = lib.mkBefore '' | |
if ! test -e "${cfg.home}/db-created"; then | |
${wrappers}/sudo -u postgres \ | |
${pg}/bin/createuser \ | |
--login \ | |
--no-createdb \ | |
--no-createrole \ | |
--encrypted \ | |
nextcloud | |
${wrappers}/sudo -u postgres \ | |
${pg}/bin/createdb \ | |
--owner=nextcloud \ | |
--encoding=UTF8 \ | |
nextcloud | |
touch "${cfg.home}/db-created" | |
fi | |
''; | |
}; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment