]>
Commit | Line | Data |
---|---|---|
1a64deeb IB |
1 | { lib, pkgs, config, ... }: |
2 | let | |
3 | ncfg = config.myServices.tools.cloud.farm.instances.immae; | |
4 | env = config.myEnv.tools.nextcloud; | |
5 | cfg = config.myServices.websites.tools.cloud; | |
6 | in { | |
7 | options.myServices.websites.tools.cloud = { | |
8 | enable = lib.mkEnableOption "enable cloud website"; | |
9 | }; | |
10 | ||
11 | config = lib.mkIf cfg.enable { | |
12 | myServices.dns.zones."immae.eu".subdomains.cloud = | |
13 | with config.myServices.dns.helpers; ips servers.eldiron.ips.main; | |
14 | ||
15 | myServices.chatonsProperties.hostings.nextcloud = { | |
16 | file.datetime = "2022-08-21T19:50:00"; | |
17 | hosting = { | |
18 | name = "Nextcloud"; | |
19 | description = "The self-hosted productivity platform that keeps you in control"; | |
20 | website = "https://cloud.immae.eu/"; | |
21 | logo = "https://cloud.immae.eu/core/img/favicon.ico"; | |
22 | type = "INSTANCE"; | |
23 | status.level = "OK"; | |
24 | status.description = "OK"; | |
25 | registration.load = "OPEN"; | |
26 | install.type = "PACKAGE"; | |
27 | }; | |
28 | }; | |
29 | myServices.chatonsProperties.services.nextcloud = { | |
30 | file.datetime = "2022-08-21T19:50:00"; | |
31 | service = { | |
32 | name = "Nextcloud"; | |
33 | description = "The self-hosted productivity platform that keeps you in control"; | |
34 | website = "https://cloud.immae.eu/"; | |
35 | logo = "https://cloud.immae.eu/core/img/favicon.ico"; | |
36 | status.level = "OK"; | |
37 | status.description = "OK"; | |
38 | registration."" = ["MEMBER" "CLIENT"]; | |
39 | registration.load = "OPEN"; | |
40 | install.type = "PACKAGE"; | |
41 | guide.user = "https://www.immae.eu/docs/nextcloud.html"; | |
42 | }; | |
43 | software = { | |
44 | name = "Nextcloud"; | |
45 | website = "https://nextcloud.com/"; | |
46 | license.url = "https://github.com/nextcloud/server/blob/master/COPYING"; | |
47 | license.name = "GNU Affero General Public License v3.0"; | |
48 | version = ncfg.rootDir.version; | |
49 | source.url = "https://github.com/nextcloud/server"; | |
50 | modules = map (a: a.appName) ncfg.rootDir.apps; | |
51 | }; | |
52 | }; | |
53 | ||
54 | myServices.tools.cloud.farm.instances.immae = { | |
55 | nextcloud = pkgs.webapps-nextcloud_27.override ({ | |
56 | # Allow /index.php redirects | |
57 | postInstall = '' | |
58 | cd $out | |
59 | ${pkgs.php81}/bin/php ${./add-htaccess.php} / | |
60 | ''; | |
61 | }); | |
62 | apps = a: [ | |
63 | a.side_menu a.audioplayer a.bookmarks a.calendar a.carnet a.contacts | |
64 | a.cookbook a.deck a.extract a.files_markdown a.files_mindmap | |
65 | a.gpxpod a.keeweb a.maps a.metadata a.music | |
66 | a.notes a.passman a.polls a.spreed a.tasks | |
67 | ]; | |
68 | varDir = "/var/lib/nextcloud"; | |
69 | secretsPath = "webapps/tools-nextcloud"; | |
70 | phpPackage = pkgs.php81; | |
71 | # Be careful when editing that: config from here takes | |
72 | # precedence over the regular one, but if a key got removed, it my | |
73 | # still exist in the default config file | |
74 | config = let | |
75 | env = config.myEnv.tools.nextcloud; | |
76 | in { | |
77 | "dbtype" = "pgsql"; | |
78 | "dbname" = env.postgresql.database; | |
79 | "dbhost" = env.postgresql.socket; | |
80 | "dbport" = ""; | |
81 | "dbtableprefix" = "oc_"; | |
82 | "dbuser" = env.postgresql.user; | |
83 | "dbpassword" = env.postgresql.password; | |
84 | ||
85 | "instanceid" = env.instance_id; | |
86 | "passwordsalt" = env.password_salt; | |
87 | "secret" = env.secret; | |
88 | ||
89 | "trusted_domains" = [ "cloud.immae.eu" ]; | |
90 | "overwrite.cli.url" = "https://cloud.immae.eu"; | |
91 | ||
92 | "lost_password_link" = "disabled"; | |
93 | ||
94 | "remember_login_cookie_lifetime" = 60*60*24*30; | |
95 | "session_keepalive" = true; | |
96 | "session_lifefime" = 60*60*24*30; | |
97 | ||
98 | "maxZipInputSize" = 0; | |
99 | "allowZipDownload" = true; | |
100 | ||
101 | # set by Carnet | |
102 | "has_rebuilt_cache" = true; | |
103 | ||
104 | "memcache.distributed" = "\\OC\\Memcache\\Redis"; | |
105 | "memcache.locking" = "\\OC\\Memcache\\Redis"; | |
106 | "filelocking.enabled" = true; | |
107 | "redis" = { | |
108 | "host" = env.redis.socket; | |
109 | "port" = 0; | |
110 | "dbindex" = env.redis.db; | |
111 | }; | |
112 | ||
113 | "ldapIgnoreNamingRules" = false; | |
114 | "ldapProviderFactory" = "\\OCA\\User_LDAP\\LDAPProviderFactory"; | |
115 | ||
116 | "mail_smtpmode" = "sendmail"; | |
117 | "mail_smtphost" = "127.0.0.1"; | |
118 | "mail_smtpname" = ""; | |
119 | "mail_smtppassword" = ""; | |
120 | "mail_from_address" = "nextcloud"; | |
121 | "mail_smtpauth" = false; | |
122 | "mail_domain" = "tools.immae.eu"; | |
123 | }; | |
124 | }; | |
125 | services.websites.env.tools.modules = [ "proxy_fcgi" ]; | |
126 | ||
127 | security.acme.certs.eldiron.extraDomainNames = [ "cloud.immae.eu" ]; | |
128 | services.websites.env.tools.vhostConfs.cloud = { | |
129 | certName = "eldiron"; | |
130 | hosts = ["cloud.immae.eu" ]; | |
131 | root = ncfg.rootDir; | |
132 | extraConfig = [ | |
133 | ncfg.vhost | |
134 | ]; | |
135 | }; | |
136 | ||
137 | myServices.monitoring.fromMasterActivatedPlugins = [ "http" ]; | |
138 | myServices.monitoring.fromMasterObjects.service = [ | |
139 | { | |
140 | service_description = "owncloud website is running on cloud.immae.eu"; | |
141 | host_name = config.hostEnv.fqdn; | |
142 | use = "external-web-service"; | |
143 | check_command = ["check_https" "cloud.immae.eu" "/" "a safe home for all your data"]; | |
144 | ||
145 | servicegroups = "webstatus-webapps"; | |
146 | _webstatus_name = "Nextcloud"; | |
147 | _webstatus_url = "https://cloud.immae.eu"; | |
148 | } | |
149 | ]; | |
150 | }; | |
151 | } |