Add SMTP configuration to nextcloud and use an additional disk for the data

2023-08-04 03:32:06 +02:00 · 2023-08-04 03:32:06 +02:00 · c1bd4e3529
commit c1bd4e3529
parent 3f9cdc0943
4 changed files with 62 additions and 22 deletions
--- a/hosts/nextcloud/default.nix
+++ b/hosts/nextcloud/default.nix
@ -2,6 +2,7 @@
 {
  imports = [
    ./configuration.nix
+    ./hardware-configuration.nix
    ./nextcloud.nix
  ];
 }
--- a/hosts/nextcloud/hardware-configuration.nix
+++ b/hosts/nextcloud/hardware-configuration.nix
@ -0,0 +1,10 @@
+{ ... }:
+{
+  fileSystems."/var/lib/nextcloud/data" = {
+    device = "/dev/vdb";
+    fsType = "ext4";
+    autoFormat = true;
+    autoResize = true;
+    options = [ "X-mount.owner=nextcloud" "X-mount.group=nextcloud" ];
+  };
+}
--- a/hosts/nextcloud/nextcloud.nix
+++ b/hosts/nextcloud/nextcloud.nix
@ -17,9 +17,23 @@
      inherit bookmarks contacts calendar tasks twofactor_webauthn;
    };
    maxUploadSize = "16G";
+    extraOptions = {
+      mail_smtpmode = "smtp";
+      mail_sendmailmode = "smtp";
+      mail_smtpsecure = "ssl";
+      mail_from_address = "cloud";
+      mail_domain = "nekover.se";
+      mail_smtpauthtype = "LOGIN";
+      mail_smtpauth = 1;
+      mail_smtphost = "mail.grzb.de";
+      mail_smtpport = 465;
+      mail_smtpname = "nextcloud";
+    };
+    secretFile = "/secrets/nextcloud-secretfile.secret";
  };

-  services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
+  services.nginx = {
+    virtualHosts.${config.services.nextcloud.hostName} = {
      forceSSL = true;
      enableACME = true;
      listen = [
@ -34,5 +48,10 @@
          proxyProtocol = true;
        }
      ];
+      extraConfig = ''
+        set_real_ip_from 10.202.41.100;
+        real_ip_header proxy_protocol;
+      '';
+    };
  };
 }
--- a/hosts/nextcloud/secrets.nix
+++ b/hosts/nextcloud/secrets.nix
@ -1,6 +1,7 @@
 { ... }:
 {
-  deployment.keys."nextcloud-adminpass.secret" = {
+  deployment.keys = {
+    "nextcloud-adminpass.secret" = {
      keyCommand = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" "pass" "nextcloud/adminpass" ];
      destDir = "/secrets";
      user = "nextcloud";
@ -8,4 +9,13 @@
      permissions = "0640";
      uploadAt = "pre-activation";
    };
+    "nextcloud-secretfile.secret" = {
+      keyCommand = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" "pass" "nextcloud/secretfile" ];
+      destDir = "/secrets";
+      user = "nextcloud";
+      group = "nextcloud";
+      permissions = "0640";
+      uploadAt = "pre-activation";
+    };
+  };
 }