feat: move away from cube host

2025-08-01 04:27:46 +00:00 · 2025-02-28 00:29:52 +03:00 · 2025-02-28 00:29:52 +03:00 · 5125a31e7f
commit 5125a31e7f
parent 07537d4889
36 changed files with 97 additions and 165 deletions
--- a/hosts/best/nextcloud/default.nix
+++ b/hosts/best/nextcloud/default.nix
@ -0,0 +1,115 @@
+ { self, config, lib, pkgs, ... }: let
+  inherit (config.networking) domain;
+  inherit (lib) const enabled genAttrs merge mkAfter;
+
+  fqdn = "cloud.${domain}";
+
+  packageNextcloud = pkgs.nextcloud30;
+in {
+  imports = [
+    (self + /modules/nginx.nix)
+    (self + /modules/postgresql.nix)
+  ];
+
+  secrets.nextcloudPassword = {
+    file  = ./password.age;
+    owner = "nextcloud";
+  };
+  secrets.nextcloudPasswordExporter = {
+    file  = ./password.age;
+    owner = "nextcloud-exporter";
+  };
+
+  services.prometheus.exporters.nextcloud = enabled {
+    listenAddress = "[::]";
+
+    username     = "admin";
+    url          = "https://${fqdn}";
+    passwordFile = config.secrets.nextcloudPasswordExporter.path;
+  };
+
+  services.postgresql.ensure = [ "nextcloud" ];
+
+  services.restic.backups = genAttrs config.services.restic.hosts <| const {
+    paths = [ "/var/lib/nextcloud" ];
+  };
+
+  systemd.services.nextcloud-setup = {
+    after    = [ "postgresql.service" ];
+    requires = [ "postgresql.service" ];
+
+    script = mkAfter /* sh */ ''
+      # TODO: Nextcloud 30 removed these. Find another way.
+      # nextcloud-occ theming:config name "RGBCube's Depot"
+      # nextcloud-occ theming:config slogan "RGBCube's storage of insignificant data."
+
+      # nextcloud-occ theming:config color "#000000"
+      # nextcloud-occ theming:config background backgroundColor
+
+      # nextcloud-occ theming:config logo ${./icon.gif}
+    '';
+  };
+
+  services.nextcloud = enabled {
+    package  = packageNextcloud;
+
+    hostName = fqdn;
+    https    = true;
+
+    configureRedis = true;
+
+    config.adminuser     = "admin";
+    config.adminpassFile = config.secrets.nextcloudPassword.path;
+
+    config.dbhost = "/run/postgresql";
+    config.dbtype = "pgsql";
+
+    settings = {
+      default_phone_region = "TR";
+
+      # Even with a manual SMTP config, Nextcloud fails to communicate properly
+      # and fails to send mail. PHP moment?
+      # mail_smtphost     = "::1"; # FIXME: Will need to use SMTP.
+      # mail_smtpmode     = "sendmail";
+      # mail_from_address = "cloud";
+
+      maintenance_window_start = 1;
+
+      # No clue why it was syslog.
+      # What are the NixOS module authors on?
+      log_type = "file";
+    };
+
+    settings.enabledPreviewProviders = [
+      "OC\\Preview\\BMP"
+      "OC\\Preview\\GIF"
+      "OC\\Preview\\JPEG"
+      "OC\\Preview\\Krita"
+      "OC\\Preview\\MarkDown"
+      "OC\\Preview\\MP3"
+      "OC\\Preview\\OpenDocument"
+      "OC\\Preview\\PNG"
+      "OC\\Preview\\TXT"
+      "OC\\Preview\\XBitmap"
+      "OC\\Preview\\HEIC"
+    ];
+
+    phpOptions = {
+      "opcache.interned_strings_buffer" = "16";
+      output_buffering                  = "off";
+    };
+
+    extraAppsEnable = true;
+    extraApps       = {
+      inherit (packageNextcloud.packages.apps)
+        bookmarks calendar contacts deck forms
+        impersonate mail maps notes previewgenerator;
+    };
+
+    nginx.recommendedHttpHeaders = true;
+  };
+
+  services.nginx.virtualHosts.${fqdn} = merge config.services.nginx.sslTemplate {
+    extraConfig = config.services.nginx.headers;    
+  };
+}