From a3ffbec4b2417125f8096d15750ebd2878013c8e Mon Sep 17 00:00:00 2001
From: mc-fucker <dev@mc-fucker.cool>
Date: Tue, 23 Nov 2021 11:17:26 +0100
Subject: [PATCH] added nextcloud

---
 modules/nextcloud.nix                  | 46 ++++++++++++++++++++++++++
 modules/postgresql.nix                 | 18 ++++++++++
 systems/mc4/configuration.nix          |  2 ++
 systems/mc4/hardware-configuration.nix |  2 ++
 4 files changed, 68 insertions(+)
 create mode 100644 modules/nextcloud.nix
 create mode 100644 modules/postgresql.nix

diff --git a/modules/nextcloud.nix b/modules/nextcloud.nix
new file mode 100644
index 0000000..15c90a8
--- /dev/null
+++ b/modules/nextcloud.nix
@@ -0,0 +1,46 @@
+{ pkgs, config, ... }:
+{
+  services.nextcloud = {
+    enable = true;
+    hostName = "nc.mc-fucker.cool";
+    package = pkgs.nextcloud22;
+    https = true;
+    config = {
+      dbtype = "pgsql";
+      #dbhost = "postgres";
+      dbhost = "/run/postgresql";
+      #dbpassFile = "/etc/nixos/keys/nextcloud-dbpassword";
+      extraTrustedDomains = [ "mc4" ];
+      adminpassFile = "/etc/nixos/keys/nextcloud-adminpassword";
+      adminuser = "Superadmin";
+    };
+    poolSettings = {
+      "pm" = "dynamic";
+      "pm.max_children" = "128";
+      "pm.max_requests" = "500";
+      "pm.max_spare_servers" = "18";
+      "pm.min_spare_servers" = "6";
+      "pm.start_servers" = "12";
+    };
+  };
+
+  services.nginx = {
+    #package = pkgs.nginxMainline;
+    package = pkgs.nginxQuic;
+    virtualHosts."${config.services.nextcloud.hostName}" = {
+      forceSSL = true;
+      #sslCertificate = "/etc/letsencrypt/live/mc-fucker.cool/cert.pem";
+      #sslCertificateKey = "/etc/letsencrypt/live/mc-fucker.cool/privkey.pem";
+      enableACME = true;
+      http3 = true;
+    };
+  };
+
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  security.acme = {
+    acceptTerms = true;
+    email = "dev@mc-fucker.cool";
+  };
+}
+
+# vim: set et ts=2 sw=2 ai:
diff --git a/modules/postgresql.nix b/modules/postgresql.nix
new file mode 100644
index 0000000..dec9d3b
--- /dev/null
+++ b/modules/postgresql.nix
@@ -0,0 +1,18 @@
+{ pkgs, ... }:
+{
+  services.postgresql = {
+    enable = true;
+    package = pkgs.postgresql_13;
+    ensureDatabases = [ "nextcloud" ];
+    ensureUsers = [
+      {
+        name = "nextcloud";
+        ensurePermissions = {
+          "DATABASE nextcloud" = "ALL PRIVILEGES";
+        };
+      }
+    ];
+  };
+}
+
+# vim: set et ts=2 sw=2 ai:
diff --git a/systems/mc4/configuration.nix b/systems/mc4/configuration.nix
index e137ba8..961a6b7 100644
--- a/systems/mc4/configuration.nix
+++ b/systems/mc4/configuration.nix
@@ -8,6 +8,8 @@
     [
       ./hardware-configuration.nix
       ./modules/generic.nix
+      ./modules/nextcloud.nix
+      ./modules/postgresql.nix
     ];
 
   system.stateVersion = "21.05";
diff --git a/systems/mc4/hardware-configuration.nix b/systems/mc4/hardware-configuration.nix
index 72528c3..95ef8d6 100644
--- a/systems/mc4/hardware-configuration.nix
+++ b/systems/mc4/hardware-configuration.nix
@@ -35,3 +35,5 @@
   };
 
 }
+
+# vim: set et ts=2 sw=2 ai: