nixos/modules/services/nextcloud.nix

inputs:
{
  options.nixos.services.nextcloud = let inherit (inputs.lib) mkOption types; in
  {
    enable = mkOption { type = types.bool; default = false; };
    hostname = mkOption { type = types.nonEmptyStr; default = "nextcloud.chn.moe"; };
  };
  config =
    let
      inherit (inputs.config.nixos.services) nextcloud;
      inherit (inputs.localLib) attrsToList;
      inherit (inputs.lib) mkIf mkMerge;
      inherit (builtins) map listToAttrs toString replaceStrings filter toJSON;
    in mkIf nextcloud.enable
    {
      services.nextcloud =
      {
        enable = true;
        hostName = nextcloud.hostname;
        appstoreEnable = false;
        https = true;
        package = inputs.pkgs.nextcloud28;
        maxUploadSize = "10G";
        config =
        {
          dbtype = "pgsql";
          dbpassFile = inputs.config.sops.secrets."nextcloud/postgresql".path;
          adminuser = "admin";
          adminpassFile = inputs.config.sops.secrets."nextcloud/admin".path;
          overwriteProtocol = "https";
          defaultPhoneRegion = "CN";
        };
        configureRedis = true;
        settings =
        {
          mail_domain = "chn.moe";
          mail_from_address = "bot";
          mail_smtphost = "mail.chn.moe";
          mail_smtpport = 465;
          mail_smtpsecure = "ssl";
          mail_smtpauth = true;
          mail_smtpname = "bot@chn.moe";
          updatechecker = false;
        };
        secretFile = inputs.config.sops.templates."nextcloud/secret".path;
        extraApps =
          let
            githubRelease = repo: file: "https://github.com/${repo}/releases/download/${file}";
          in
          {
            # nix-prefetch-url --unpack
            maps = inputs.pkgs.fetchNextcloudApp
            {
              url = githubRelease "nextcloud/maps" "v1.4.0/maps-1.4.0.tar.gz";
              sha256 = "1gqms3rrdpjmpb1h5d72b4lwbvsl8p10zwnkhgnsmvfcf93h3r1c";
              license = "agpl3Only";
            };
            phonetrack = inputs.pkgs.fetchNextcloudApp
            {
              url = githubRelease "julien-nc/phonetrack" "v0.8.1/phonetrack-0.8.1.tar.gz";
              sha256 = "1i28xgzp85yb44ay2l2zw18fk00yd6fh6yddj92gdrljb3w9zpap";
              license = "agpl3Only";
            };
            twofactor_webauthn = inputs.pkgs.fetchNextcloudApp
            {
              url = githubRelease "nextcloud-releases/twofactor_webauthn" "v1.4.0/twofactor_webauthn-v1.4.0.tar.gz";
              sha256 = "0llxakzcdcy9hscyzw3na5zp1p57h03w5fmm0gs9g62k1b88k6kw";
              license = "agpl3Only";
            };
            calendar = inputs.pkgs.fetchNextcloudApp
            {
              url = githubRelease "nextcloud-releases/calendar" "v4.7.6/calendar-v4.7.6.tar.gz";
              sha256 = "09rsp5anpaqzwmrixza5qh12vmq9hd3an045064vm3rnynz537qc";
              license = "agpl3Only";
            };
          };
        };
      nixos.services =
      {
        postgresql.instances.nextcloud = {};
        redis.instances.nextcloud.port = 3499;
        nginx = { enable = true; https.${nextcloud.hostname}.global.configName = nextcloud.hostname; };
      };
      sops =
      {
        templates."nextcloud/secret" =
        {
          content = toJSON
          {
            redis.password = inputs.config.sops.placeholder."redis/nextcloud";
            mail_smtppassword = inputs.config.sops.placeholder."mail/bot";
          };
          owner = inputs.config.users.users.nextcloud.name;
        };
        secrets =
        {
          "nextcloud/postgresql" = { key = "postgresql/nextcloud"; owner = inputs.config.users.users.nextcloud.name; };
          "nextcloud/admin".owner = inputs.config.users.users.nextcloud.name;
        };
      };
      systemd.services.nextcloud-setup = rec { requires = [ "postgresql.service" ]; after = requires; };
    };
}
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`inputs:`
			`{`
fix 2023-10-04 15:42:34 +08:00			`options.nixos.services.nextcloud = let inherit (inputs.lib) mkOption types; in`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`{`
fix 2023-10-04 15:46:55 +08:00			`enable = mkOption { type = types.bool; default = false; };`
add ua 2023-11-12 17:29:40 +08:00			`hostname = mkOption { type = types.nonEmptyStr; default = "nextcloud.chn.moe"; };`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`};`
			`config =`
			`let`
fix 2023-10-04 15:42:34 +08:00			`inherit (inputs.config.nixos.services) nextcloud;`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`inherit (inputs.localLib) attrsToList;`
			`inherit (inputs.lib) mkIf mkMerge;`
			`inherit (builtins) map listToAttrs toString replaceStrings filter toJSON;`
fix 2023-10-04 15:42:34 +08:00			`in mkIf nextcloud.enable`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`{`
			`services.nextcloud =`
			`{`
			`enable = true;`
fix 2023-10-04 15:42:34 +08:00			`hostName = nextcloud.hostname;`
Revert "services.nextcloud: enable appstore" This reverts commit 60f3ccc5065cbbbec4f9be072ef39c0e9612d4c7. 2023-10-04 20:45:05 +08:00			`appstoreEnable = false;`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`https = true;`
services.nextcloud: update to 28 2024-06-08 13:24:41 +08:00			`package = inputs.pkgs.nextcloud28;`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`maxUploadSize = "10G";`
			`config =`
			`{`
			`dbtype = "pgsql";`
			`dbpassFile = inputs.config.sops.secrets."nextcloud/postgresql".path;`
			`adminuser = "admin";`
			`adminpassFile = inputs.config.sops.secrets."nextcloud/admin".path;`
			`overwriteProtocol = "https";`
			`defaultPhoneRegion = "CN";`
			`};`
			`configureRedis = true;`
services.nextcloud: fix 2024-06-08 12:21:01 +08:00			`settings =`
fix nextcloud mail config 2023-10-04 16:14:25 +08:00			`{`
			`mail_domain = "chn.moe";`
services.nextcloud: fix mail 2023-10-04 20:06:45 +08:00			`mail_from_address = "bot";`
fix nextcloud mail config 2023-10-04 16:14:25 +08:00			`mail_smtphost = "mail.chn.moe";`
			`mail_smtpport = 465;`
			`mail_smtpsecure = "ssl";`
			`mail_smtpauth = true;`
			`mail_smtpname = "bot@chn.moe";`
services.nextcloud: disable update checker 2023-10-05 16:12:53 +08:00			`updatechecker = false;`
fix nextcloud mail config 2023-10-04 16:14:25 +08:00			`};`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`secretFile = inputs.config.sops.templates."nextcloud/secret".path;`
services.nextcloud: add app 2023-10-04 20:59:17 +08:00			`extraApps =`
services.nextcloud: update apps 2023-11-22 21:48:23 +08:00			`let`
			`githubRelease = repo: file: "https://github.com/${repo}/releases/download/${file}";`
			`in`
services.nextcloud: add app 2023-10-04 20:59:17 +08:00			`{`
fix nextcloud update everything 2023-12-02 10:52:42 +08:00			`# nix-prefetch-url --unpack`
services.nextcloud: update apps 2023-11-22 21:48:23 +08:00			`maps = inputs.pkgs.fetchNextcloudApp`
			`{`
services.nextcloud: fix 2024-06-06 22:15:33 +08:00			`url = githubRelease "nextcloud/maps" "v1.4.0/maps-1.4.0.tar.gz";`
			`sha256 = "1gqms3rrdpjmpb1h5d72b4lwbvsl8p10zwnkhgnsmvfcf93h3r1c";`
			`license = "agpl3Only";`
services.nextcloud: update apps 2023-11-22 21:48:23 +08:00			`};`
			`phonetrack = inputs.pkgs.fetchNextcloudApp`
			`{`
services.nextcloud: fix 2024-06-06 22:15:33 +08:00			`url = githubRelease "julien-nc/phonetrack" "v0.8.1/phonetrack-0.8.1.tar.gz";`
			`sha256 = "1i28xgzp85yb44ay2l2zw18fk00yd6fh6yddj92gdrljb3w9zpap";`
			`license = "agpl3Only";`
services.nextcloud: update apps 2023-11-22 21:48:23 +08:00			`};`
services.nextcloud: fix 2024-03-04 12:08:53 +08:00			`twofactor_webauthn = inputs.pkgs.fetchNextcloudApp`
services.nextcloud: update apps 2023-11-22 21:48:23 +08:00			`{`
services.nextcloud: fix 2024-06-06 22:15:33 +08:00			`url = githubRelease "nextcloud-releases/twofactor_webauthn" "v1.4.0/twofactor_webauthn-v1.4.0.tar.gz";`
			`sha256 = "0llxakzcdcy9hscyzw3na5zp1p57h03w5fmm0gs9g62k1b88k6kw";`
			`license = "agpl3Only";`
services.nextcloud: update apps 2024-03-02 22:06:41 +08:00			`};`
			`calendar = inputs.pkgs.fetchNextcloudApp`
			`{`
services.nextcloud: fix 2024-06-06 22:15:33 +08:00			`url = githubRelease "nextcloud-releases/calendar" "v4.7.6/calendar-v4.7.6.tar.gz";`
			`sha256 = "09rsp5anpaqzwmrixza5qh12vmq9hd3an045064vm3rnynz537qc";`
			`license = "agpl3Only";`
services.nextcloud: update apps 2023-11-22 21:48:23 +08:00			`};`
services.nextcloud: add app 2023-10-04 20:59:17 +08:00			`};`
			`};`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`nixos.services =`
			`{`
services.postgresql: fix 2024-05-10 15:56:42 +08:00			`postgresql.instances.nextcloud = {};`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`redis.instances.nextcloud.port = 3499;`
缩减行数 2023-11-16 15:51:47 +08:00			`nginx = { enable = true; https.${nextcloud.hostname}.global.configName = nextcloud.hostname; };`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`};`
			`sops =`
			`{`
fix 2023-10-04 15:56:11 +08:00			`templates."nextcloud/secret" =`
			`{`
fix nextcloud mail config 2023-10-04 16:14:25 +08:00			`content = toJSON`
			`{`
			`redis.password = inputs.config.sops.placeholder."redis/nextcloud";`
			`mail_smtppassword = inputs.config.sops.placeholder."mail/bot";`
			`};`
fix 2023-10-04 15:56:11 +08:00			`owner = inputs.config.users.users.nextcloud.name;`
			`};`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`secrets =`
			`{`
			`"nextcloud/postgresql" = { key = "postgresql/nextcloud"; owner = inputs.config.users.users.nextcloud.name; };`
			`"nextcloud/admin".owner = inputs.config.users.users.nextcloud.name;`
			`};`
			`};`
services.nextcloud: run nextcloud-setup after postgresql 2023-11-20 20:46:29 +08:00			`systemd.services.nextcloud-setup = rec { requires = [ "postgresql.service" ]; after = requires; };`
services.nextcloud: init 2023-10-04 15:40:28 +08:00			`};`
			`}`