fi/nix-infra
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add SMTP configuration to nextcloud and use an additional disk for the data

Browse source
This commit is contained in:
fi 2023-08-04 03:32:06 +02:00
commit c1bd4e3529
Signed by: fi
SSH key fingerprint: SHA256:d+6fQoDPMbSFK95zRVflRKZLRKF4cPSQb7VIxYkhFsA
4 changed files with 62 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/nextcloud/default.nix
View file

@ -2,6 +2,7 @@
{
imports = [
./configuration.nix
./hardware-configuration.nix
./nextcloud.nix
];
}

10
hosts/nextcloud/hardware-configuration.nix Normal file
View file

@ -0,0 +1,10 @@
{ ... }:
{
fileSystems."/var/lib/nextcloud/data" = {
device = "/dev/vdb";
fsType = "ext4";
autoFormat = true;
autoResize = true;
options = [ "X-mount.owner=nextcloud" "X-mount.group=nextcloud" ];
};
}

49
hosts/nextcloud/nextcloud.nix
View file

@ -17,22 +17,41 @@
inherit bookmarks contacts calendar tasks twofactor_webauthn;
};
maxUploadSize = "16G";
extraOptions = {
mail_smtpmode = "smtp";
mail_sendmailmode = "smtp";
mail_smtpsecure = "ssl";
mail_from_address = "cloud";
mail_domain = "nekover.se";
mail_smtpauthtype = "LOGIN";
mail_smtpauth = 1;
mail_smtphost = "mail.grzb.de";
mail_smtpport = 465;
mail_smtpname = "nextcloud";
};
secretFile = "/secrets/nextcloud-secretfile.secret";
};
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
listen = [
{
addr = "localhost";
port = 1234;
} # workaround for enableACME check
{
addr = "0.0.0.0";
port = 8443;
ssl = true;
proxyProtocol = true;
}
];
services.nginx = {
virtualHosts.${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
listen = [
{
addr = "localhost";
port = 1234;
} # workaround for enableACME check
{
addr = "0.0.0.0";
port = 8443;
ssl = true;
proxyProtocol = true;
}
];
extraConfig = ''
set_real_ip_from 10.202.41.100;
real_ip_header proxy_protocol;
'';
};
};
}

24
hosts/nextcloud/secrets.nix
View file

@ -1,11 +1,21 @@
{ ... }:
{
deployment.keys."nextcloud-adminpass.secret" = {
keyCommand = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" "pass" "nextcloud/adminpass" ];
destDir = "/secrets";
user = "nextcloud";
group = "nextcloud";
permissions = "0640";
uploadAt = "pre-activation";
deployment.keys = {
"nextcloud-adminpass.secret" = {
keyCommand = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" "pass" "nextcloud/adminpass" ];
destDir = "/secrets";
user = "nextcloud";
group = "nextcloud";
permissions = "0640";
uploadAt = "pre-activation";
};
"nextcloud-secretfile.secret" = {
keyCommand = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" "pass" "nextcloud/secretfile" ];
destDir = "/secrets";
user = "nextcloud";
group = "nextcloud";
permissions = "0640";
uploadAt = "pre-activation";
};
};
}