{ pkgs, config, ... }: { services.nextcloud = { autoUpdateApps.enable = true; enable = true; caching.redis = true; hostName = "nc.mc-fucker.cool"; package = pkgs.nextcloud23; https = true; config = { dbtype = "pgsql"; #dbhost = "postgres"; dbhost = "/run/postgresql"; #dbpassFile = "/etc/nixos/keys/nextcloud-dbpassword"; extraTrustedDomains = [ "mc4" ]; adminpassFile = "/etc/nixos/keys/nextcloud-adminpassword"; adminuser = "Superadmin"; defaultPhoneRegion = "DE"; }; #poolSettings = { # "pm" = "dynamic"; # "pm.max_children" = "256"; # "pm.max_requests" = "1000"; # "pm.max_spare_servers" = "64"; # "pm.min_spare_servers" = "24"; # "pm.start_servers" = "32"; #}; }; services.nginx = { #package = pkgs.nginxMainline; package = pkgs.nginxQuic; virtualHosts."${config.services.nextcloud.hostName}" = { forceSSL = true; enableACME = true; #http3 = true; }; }; services.redis = { enable = true; unixSocket = "/run/redis/redis.sock"; unixSocketPerm = 770; }; users.groups.redis.members = [ "nextcloud" ]; networking.firewall.allowedTCPPorts = [ 80 443 ]; security.acme = { acceptTerms = true; email = "dev@mc-fucker.cool"; }; systemd.services.nextcloud-redis-setup = let redisConfig = pkgs.writeText "nextcloud-redis-config.php" '' '\OC\Memcache\Redis', 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => [ 'host' => '${config.services.redis.unixSocket}', 'port' => 0, 'dbindex' => 0, 'timeout' => 1.5, ], ]; ''; in { wantedBy = [ "multi-user.target" ]; before = [ "phpfpm-nextcloud.service" ]; script = '' ln -sf ${redisConfig} ${config.services.nextcloud.datadir}/config/redis.config.php ''; serviceConfig.Type = "oneshot"; serviceConfig.User = "nextcloud"; }; } # vim: set et ts=2 sw=2 ai: