--- /dev/null
+{ lib, pkgs, config, ... }:
+let
+ ncfg = config.myServices.tools.cloud.farm.instances.immae;
+ env = config.myEnv.tools.nextcloud;
+ cfg = config.myServices.websites.tools.cloud;
+in {
+ options.myServices.websites.tools.cloud = {
+ enable = lib.mkEnableOption "enable cloud website";
+ };
+
+ config = lib.mkIf cfg.enable {
+ myServices.dns.zones."immae.eu".subdomains.cloud =
+ with config.myServices.dns.helpers; ips servers.eldiron.ips.main;
+
+ myServices.chatonsProperties.hostings.nextcloud = {
+ file.datetime = "2022-08-21T19:50:00";
+ hosting = {
+ name = "Nextcloud";
+ description = "The self-hosted productivity platform that keeps you in control";
+ website = "https://cloud.immae.eu/";
+ logo = "https://cloud.immae.eu/core/img/favicon.ico";
+ type = "INSTANCE";
+ status.level = "OK";
+ status.description = "OK";
+ registration.load = "OPEN";
+ install.type = "PACKAGE";
+ };
+ };
+ myServices.chatonsProperties.services.nextcloud = {
+ file.datetime = "2022-08-21T19:50:00";
+ service = {
+ name = "Nextcloud";
+ description = "The self-hosted productivity platform that keeps you in control";
+ website = "https://cloud.immae.eu/";
+ logo = "https://cloud.immae.eu/core/img/favicon.ico";
+ status.level = "OK";
+ status.description = "OK";
+ registration."" = ["MEMBER" "CLIENT"];
+ registration.load = "OPEN";
+ install.type = "PACKAGE";
+ guide.user = "https://www.immae.eu/docs/nextcloud.html";
+ };
+ software = {
+ name = "Nextcloud";
+ website = "https://nextcloud.com/";
+ license.url = "https://github.com/nextcloud/server/blob/master/COPYING";
+ license.name = "GNU Affero General Public License v3.0";
+ version = ncfg.rootDir.version;
+ source.url = "https://github.com/nextcloud/server";
+ modules = map (a: a.appName) ncfg.rootDir.apps;
+ };
+ };
+
+ myServices.tools.cloud.farm.instances.immae = {
+ nextcloud = pkgs.webapps-nextcloud_27.override ({
+ # Allow /index.php redirects
+ postInstall = ''
+ cd $out
+ ${pkgs.php81}/bin/php ${./add-htaccess.php} /
+ '';
+ });
+ apps = a: [
+ a.side_menu a.audioplayer a.bookmarks a.calendar a.carnet a.contacts
+ a.cookbook a.deck a.extract a.files_markdown a.files_mindmap
+ a.gpxpod a.keeweb a.maps a.metadata a.music
+ a.notes a.passman a.polls a.spreed a.tasks
+ ];
+ varDir = "/var/lib/nextcloud";
+ secretsPath = "webapps/tools-nextcloud";
+ phpPackage = pkgs.php81;
+ # Be careful when editing that: config from here takes
+ # precedence over the regular one, but if a key got removed, it my
+ # still exist in the default config file
+ config = let
+ env = config.myEnv.tools.nextcloud;
+ in {
+ "dbtype" = "pgsql";
+ "dbname" = env.postgresql.database;
+ "dbhost" = env.postgresql.socket;
+ "dbport" = "";
+ "dbtableprefix" = "oc_";
+ "dbuser" = env.postgresql.user;
+ "dbpassword" = env.postgresql.password;
+
+ "instanceid" = env.instance_id;
+ "passwordsalt" = env.password_salt;
+ "secret" = env.secret;
+
+ "trusted_domains" = [ "cloud.immae.eu" ];
+ "overwrite.cli.url" = "https://cloud.immae.eu";
+
+ "lost_password_link" = "disabled";
+
+ "remember_login_cookie_lifetime" = 60*60*24*30;
+ "session_keepalive" = true;
+ "session_lifefime" = 60*60*24*30;
+
+ "maxZipInputSize" = 0;
+ "allowZipDownload" = true;
+
+ # set by Carnet
+ "has_rebuilt_cache" = true;
+
+ "memcache.distributed" = "\\OC\\Memcache\\Redis";
+ "memcache.locking" = "\\OC\\Memcache\\Redis";
+ "filelocking.enabled" = true;
+ "redis" = {
+ "host" = env.redis.socket;
+ "port" = 0;
+ "dbindex" = env.redis.db;
+ };
+
+ "ldapIgnoreNamingRules" = false;
+ "ldapProviderFactory" = "\\OCA\\User_LDAP\\LDAPProviderFactory";
+
+ "mail_smtpmode" = "sendmail";
+ "mail_smtphost" = "127.0.0.1";
+ "mail_smtpname" = "";
+ "mail_smtppassword" = "";
+ "mail_from_address" = "nextcloud";
+ "mail_smtpauth" = false;
+ "mail_domain" = "tools.immae.eu";
+ };
+ };
+ services.websites.env.tools.modules = [ "proxy_fcgi" ];
+
+ security.acme.certs.eldiron.extraDomainNames = [ "cloud.immae.eu" ];
+ services.websites.env.tools.vhostConfs.cloud = {
+ certName = "eldiron";
+ hosts = ["cloud.immae.eu" ];
+ root = ncfg.rootDir;
+ extraConfig = [
+ ncfg.vhost
+ ];
+ };
+
+ myServices.monitoring.fromMasterActivatedPlugins = [ "http" ];
+ myServices.monitoring.fromMasterObjects.service = [
+ {
+ service_description = "owncloud website is running on cloud.immae.eu";
+ host_name = config.hostEnv.fqdn;
+ use = "external-web-service";
+ check_command = ["check_https" "cloud.immae.eu" "/" "a safe home for all your data"];
+
+ servicegroups = "webstatus-webapps";
+ _webstatus_name = "Nextcloud";
+ _webstatus_url = "https://cloud.immae.eu";
+ }
+ ];
+ };
+}