38 lines
1,002 B
Nix
38 lines
1,002 B
Nix
{ config, pkgs, lib, ... }:
|
||
|
||
{
|
||
imports = [ ./flowback-options.nix ];
|
||
|
||
# Enable nginx + ACME (TLS). Works when DNS points correctly.
|
||
services.nginx.enable = true;
|
||
|
||
security.acme.acceptTerms = true;
|
||
# I will change this email later
|
||
security.acme.defaults.email = "new.fadi.b@gmail.com";
|
||
|
||
services.nextcloud = {
|
||
enable = true;
|
||
package = pkgs.nextcloud33;
|
||
hostName = config.services.flowback.nextcloudHost;
|
||
https = true;
|
||
|
||
# Performance / reliability
|
||
configureRedis = true;
|
||
|
||
# DB locally (Postgres) — production-ready baseline
|
||
database.createLocally = true;
|
||
|
||
# Admin bootstrap secret will be wired via sops later.
|
||
# For now, placeholder: you’ll set adminpassFile via sops secret.
|
||
config = {
|
||
adminuser = "admin";
|
||
adminpassFile = "/var/lib/sops-nix/nextcloud-adminpass";
|
||
dbtype = "pgsql";
|
||
};
|
||
};
|
||
|
||
services.nginx.virtualHosts.${config.services.flowback.nextcloudHost} = {
|
||
forceSSL = true;
|
||
enableACME = true;
|
||
};
|
||
}
|