nixin-krops/modules/nextcloud.nix

# Forgejo
{ config, pkgs, lib, ... }:

let
  inherit (lib) mkOption mkDefault;
in
{
  options = {
    nixin.nextcloud = {
      domain = mkOption { type = lib.types.str; };
      admin-user = mkOption { type = lib.types.str; };
      admin-pwd = mkOption { type = lib.types.str; };
      container-address = mkOption { type = lib.types.str; };
      host-address = mkOption { type = lib.types.str; };
      address-prefix = mkOption { type = lib.types.str; };
    };
  };

  config = {
    networking.hosts = {
      "127.0.0.1" = [ "${config.nixin.nextcloud.domain}" ];
    };

    containers.nextcloud = {
      privateNetwork = true;
      hostBridge = "br0"; # Specify the bridge name
      localAddress = "${config.nixin.nextcloud.container-address}${config.nixin.nextcloud.address-prefix}";
      #localAddress6 = containerIp6;
      autoStart = true;
      hostAddress = "${config.nixin.nextcloud.host-address}";
      #hostAddress6 = "fc00::1";
      config = let 
        nextcloud-domain = "${config.nixin.nextcloud.domain}"; 
        nextcloud-admin-pwd = "${config.nixin.nextcloud.admin-pwd}"; 
        nextcloud-admin-user = "${config.nixin.nextcloud.admin-user}"; 
      in { config, pkgs, lib, ... }: {
        environment.etc."nextcloud-admin-pwd".text = "${nextcloud-admin-pwd}";
        services.nextcloud = {
          enable = true;
          package = pkgs.nextcloud30;
          hostName = "localhost";
          maxUploadSize = "1G";
          settings = {
            trusted_domains = [ "${nextcloud-domain}" ];
          };
          database.createLocally = true;
          config = {
            dbtype = "pgsql";
            adminuser = "${nextcloud-admin-user}";
            adminpassFile = "/etc/nextcloud-admin-pwd";
          };
        };

        system.stateVersion = "24.11";

        networking = {
          firewall = {
            enable = true;
            allowedTCPPorts = [ 80 ];
          };
          # Use systemd-resolved inside the container
          # Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
          useHostResolvConf = lib.mkForce false;
        };
    
        services.resolved.enable = true;
      };
    };

    networking.firewall.extraCommands = ''
      iptables -w -t nat -A POSTROUTING -s ${config.containers.nextcloud.localAddress} -j MASQUERADE
    '';

  };
}
add nextcloud to arachnide server, using a nixos container 2024-12-22 14:58:09 +00:00			`# Forgejo`
			`{ config, pkgs, lib, ... }:`

			`let`
			`inherit (lib) mkOption mkDefault;`
			`in`
			`{`
			`options = {`
			`nixin.nextcloud = {`
			`domain = mkOption { type = lib.types.str; };`
			`admin-user = mkOption { type = lib.types.str; };`
			`admin-pwd = mkOption { type = lib.types.str; };`
			`container-address = mkOption { type = lib.types.str; };`
			`host-address = mkOption { type = lib.types.str; };`
			`address-prefix = mkOption { type = lib.types.str; };`
			`};`
			`};`

			`config = {`
			`networking.hosts = {`
			`"127.0.0.1" = [ "${config.nixin.nextcloud.domain}" ];`
			`};`

			`containers.nextcloud = {`
			`privateNetwork = true;`
			`hostBridge = "br0"; # Specify the bridge name`
			`localAddress = "${config.nixin.nextcloud.container-address}${config.nixin.nextcloud.address-prefix}";`
			`#localAddress6 = containerIp6;`
			`autoStart = true;`
			`hostAddress = "${config.nixin.nextcloud.host-address}";`
			`#hostAddress6 = "fc00::1";`
			`config = let`
			`nextcloud-domain = "${config.nixin.nextcloud.domain}";`
			`nextcloud-admin-pwd = "${config.nixin.nextcloud.admin-pwd}";`
			`nextcloud-admin-user = "${config.nixin.nextcloud.admin-user}";`
			`in { config, pkgs, lib, ... }: {`
			`environment.etc."nextcloud-admin-pwd".text = "${nextcloud-admin-pwd}";`
			`services.nextcloud = {`
			`enable = true;`
			`package = pkgs.nextcloud30;`
			`hostName = "localhost";`
			`maxUploadSize = "1G";`
			`settings = {`
			`trusted_domains = [ "${nextcloud-domain}" ];`
			`};`
			`database.createLocally = true;`
			`config = {`
			`dbtype = "pgsql";`
			`adminuser = "${nextcloud-admin-user}";`
			`adminpassFile = "/etc/nextcloud-admin-pwd";`
			`};`
			`};`

			`system.stateVersion = "24.11";`

			`networking = {`
			`firewall = {`
			`enable = true;`
			`allowedTCPPorts = [ 80 ];`
			`};`
			`# Use systemd-resolved inside the container`
			`# Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686`
			`useHostResolvConf = lib.mkForce false;`
			`};`

			`services.resolved.enable = true;`
			`};`
			`};`

add etherpad to arachnide server and fix internet access from nixos-containers 2024-12-22 16:12:20 +00:00			`networking.firewall.extraCommands = ''`
			`iptables -w -t nat -A POSTROUTING -s ${config.containers.nextcloud.localAddress} -j MASQUERADE`
			`'';`
add nextcloud to arachnide server, using a nixos container 2024-12-22 14:58:09 +00:00
			`};`
			`}`