From 860a267f68e4518adf556dd35c0e7120904a1f44 Mon Sep 17 00:00:00 2001 From: Leon Vatthauer Date: Tue, 28 May 2024 08:56:45 +0200 Subject: [PATCH] add nextcloud --- dafoe/services/acme.nix | 1 + dafoe/services/ddns.nix | 2 +- dafoe/services/nextcloud.nix | 11 +++++++++++ dafoe/services/nginx.nix | 5 +++++ dafoe/services/restic.nix | 4 ++-- dafoe/services/vaultwarden.nix | 6 +++--- 6 files changed, 23 insertions(+), 6 deletions(-) create mode 100644 dafoe/services/nextcloud.nix diff --git a/dafoe/services/acme.nix b/dafoe/services/acme.nix index f8fa687..4f1d742 100644 --- a/dafoe/services/acme.nix +++ b/dafoe/services/acme.nix @@ -6,5 +6,6 @@ "video.vatthauer.xyz".email = "leonvatthauer@outlook.com"; "files.vatthauer.xyz".email = "leonvatthauer@outlook.com"; "www.vatthauer.xyz".email = "leonvatthauer@outlook.com"; + "cloud.vatthauer.xyz".email = "leonvatthauer@outlook.com"; }; } diff --git a/dafoe/services/ddns.nix b/dafoe/services/ddns.nix index 76d79d0..222e91f 100644 --- a/dafoe/services/ddns.nix +++ b/dafoe/services/ddns.nix @@ -10,7 +10,7 @@ enable = true; serviceConfig.User = "ddns"; path = [ pkgs.curl ]; - script = "${../../nix-secrets/willem/ddns/update}"; + script = "${../../nix-secrets/dafoe/ddns/update}"; startAt = "hourly"; }; } diff --git a/dafoe/services/nextcloud.nix b/dafoe/services/nextcloud.nix new file mode 100644 index 0000000..f9c5859 --- /dev/null +++ b/dafoe/services/nextcloud.nix @@ -0,0 +1,11 @@ +{ + services.nextcloud = { + enable = true; + package = pkgs.nextcloud29 + hostName = "cloud.vatthauer.xyz"; + https = true; + config.adminpassFile = "${../../nix-secrets/dafoe/nextcloud/adminpass}"; + configureRedis = true; + maxUploadSize = "1G"; + }; +} diff --git a/dafoe/services/nginx.nix b/dafoe/services/nginx.nix index 79637c3..85b1bf7 100644 --- a/dafoe/services/nginx.nix +++ b/dafoe/services/nginx.nix @@ -45,4 +45,9 @@ extraConfig = "autoindex on;"; }; }; + services.nginx.virtualHosts."cloud.vatthauer.xyz" = { + forceSSL = true; + enableACME = true; + # nextcloud does location setup itself + }; } diff --git a/dafoe/services/restic.nix b/dafoe/services/restic.nix index 5b7f636..09236cf 100644 --- a/dafoe/services/restic.nix +++ b/dafoe/services/restic.nix @@ -2,8 +2,8 @@ services.restic.backups = { giteaBackup = { paths = [ "/forgejo/dump" ]; - environmentFile = "${../../nix-secrets/willem/gitea/backupCreds}"; - passwordFile = "${../../nix-secrets/willem/restic/password}"; + environmentFile = "${../../nix-secrets/dafoe/gitea/backupCreds}"; + passwordFile = "${../../nix-secrets/dafoe/restic/password}"; repository = "b2:gitea-willem"; initialize = true; timerConfig = { diff --git a/dafoe/services/vaultwarden.nix b/dafoe/services/vaultwarden.nix index 6fe8a81..f6f8d5a 100644 --- a/dafoe/services/vaultwarden.nix +++ b/dafoe/services/vaultwarden.nix @@ -10,10 +10,10 @@ ROCKET_LOG = "critical"; - ADMIN_TOKEN = "${../../nix-secrets/willem/vaultwarden/admin-token}"; + ADMIN_TOKEN = "${../../nix-secrets/dafoe/vaultwarden/admin-token}"; - YUBICO_CLIENT_ID = "${../../nix-secrets/willem/vaultwarden/yubico-id}"; - YUBICO_SECRET_KEY = "${../../nix-secrets/willem/vaultwarden/yubico-secret}"; + YUBICO_CLIENT_ID = "${../../nix-secrets/dafoe/vaultwarden/yubico-id}"; + YUBICO_SECRET_KEY = "${../../nix-secrets/dafoe/vaultwarden/yubico-secret}"; }; }; }