numbus-server-module/modules/services/nextcloud.nix
Raphaël Numbus 583963c7dc First commit
2026-02-18 22:22:31 +01:00


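# NixOS module: runs Nextcloud (app server, Redis, MariaDB) as a podman-compose
# stack under the numbus-admin user, published through Traefik, plus a nightly
# timer that restarts the stack so that fresh images are pulled.
{ config, pkgs, ... }:
let
  # Name of the systemd unit (and of the update unit/timer derived from it).
  container_name = "nextcloud";
  # Location of the generated compose file, relative to /etc.
  compose_file = "podman/nextcloud/compose.yaml";
  # Host directory bind-mounted as the Nextcloud data directory.
  data_dir = "/mnt/data/nextcloud";
in
{
  config = {
    # Generated compose file. Only data_dir is interpolated by Nix; the bare
    # $NAME references are left literal and are resolved by podman-compose at
    # run time, so the secret values themselves are not written into this file.
    # NOTE(review): the source of those variables (an .env file next to the
    # compose file, or the unit environment) is not visible here; whatever it
    # is should be readable by numbus-admin only.
    # NOTE(review): all three images use floating tags (latest / alpine) and
    # are re-pulled nightly, so whatever the registry serves is deployed
    # without review, including major-version jumps of Nextcloud and MariaDB.
    # Pinning to a version tag or digest and bumping it deliberately is safer.
    environment.etc."${compose_file}".text =
      /* yaml */
      ''
        services:
          nextcloud-server:
            image: docker.io/library/nextcloud:latest
            container_name: nextcloud-server
            restart: unless-stopped
            networks:
              nextcloud_frontend:
              nextcloud_backend:
            volumes:
              - nextcloud_data:/var/www/html
              - ${data_dir}:/var/www/html/data
            environment:
              MYSQL_HOST: nextcloud-database
              MYSQL_DATABASE: $MYSQL_DATABASE
              MYSQL_USER: $MYSQL_USER
              MYSQL_PASSWORD: $MYSQL_PASSWORD
              REDIS_HOST: nextcloud-redis
              REDIS_HOST_PASSWORD: $REDIS_HOST_PASSWORD
              # Must match the hostname Traefik routes to this container
              # (see the Host rule in the labels below).
              NEXTCLOUD_TRUSTED_DOMAINS: nextcloud.$DOMAIN_NAME
              SMTP_HOST: $SMTP_HOST
              SMTP_SECURE: tls
              SMTP_PORT: $SMTP_PORT
              SMTP_NAME: $SMTP_NAME
              SMTP_PASSWORD: $SMTP_PASSWORD
              MAIL_FROM_ADDRESS: $MAIL_FROM_ADDRESS
              MAIL_DOMAIN: $DOMAIN_NAME
              APACHE_DISABLE_REWRITE_IP: 1
              # NOTE(review): Nextcloud documents trusted_proxies as IP
              # addresses or CIDR ranges; verify that a hostname is honoured.
              # If it is not, every request is attributed to the proxy address,
              # which affects brute-force throttling and audit logs.
              TRUSTED_PROXIES: traefik
              OVERWRITEPROTOCOL: https
            labels:
              - traefik.enable=true
              - traefik.docker.network=nextcloud_frontend
              - traefik.http.services.nextcloud.loadbalancer.server.port=80
              - traefik.http.services.nextcloud.loadbalancer.server.scheme=http
              - traefik.http.routers.nextcloud-https.entrypoints=websecure
              - traefik.http.routers.nextcloud-https.rule=Host(`nextcloud.$DOMAIN_NAME`)
              - traefik.http.routers.nextcloud-https.tls=true
              - traefik.http.routers.nextcloud-https.tls.certresolver=cloudflare
            depends_on:
              - nextcloud-database
              - nextcloud-redis
          nextcloud-redis:
            image: docker.io/library/redis:alpine
            container_name: nextcloud-redis
            restart: unless-stopped
            networks:
              nextcloud_backend:
            # NOTE(review): the password is passed as a command-line argument,
            # so it is visible in the process list and in container inspect
            # output; a mounted redis.conf or a secret would avoid that.
            command: redis-server --requirepass $REDIS_HOST_PASSWORD
          nextcloud-database:
            image: docker.io/library/mariadb:latest
            container_name: nextcloud-database
            restart: unless-stopped
            networks:
              nextcloud_backend:
            volumes:
              - nextcloud_database:/var/lib/mysql
            environment:
              MARIADB_DATABASE: $MYSQL_DATABASE
              MARIADB_USER: $MYSQL_USER
              MARIADB_PASSWORD: $MYSQL_PASSWORD
              MARIADB_RANDOM_ROOT_PASSWORD: true
        networks:
          nextcloud_frontend:
            external: true
          nextcloud_backend:
            external: true
        volumes:
          nextcloud_data:
          nextcloud_database:
      '';

    # Long-running unit that owns the compose stack.
    systemd.services."${container_name}" = {
      description = "Podman container : ${container_name}";
      after = [ "network.target" "traefik.service" "pi-hole.service" ];
      requires = [ "traefik.service" ];
      wantedBy = [ "multi-user.target" ];
      path = [ pkgs.podman pkgs.coreutils ];
      serviceConfig = {
        # Run podman as an unprivileged account rather than root.
        User = "numbus-admin";
        # NOTE(review): assumes numbus-admin has UID 1000 and that
        # /run/user/1000 exists when the unit starts (e.g. lingering enabled);
        # confirm against the user definition.
        Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
        Type = "exec";
        TimeoutStartSec = "600";
        ExecStartPre = [
          # Random delay of 0-179 seconds before starting.
          "${pkgs.bash}/bin/bash -c 'sleep $((RANDOM % 180))'"
          # Leading "-" tells systemd to ignore a failed pull, so the stack
          # still starts from the images already present locally.
          "-${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull"
        ];
        ExecStart = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
        ExecStop = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} down";
        Restart = "on-failure";
        RestartSec = "5m";
        # NOTE(review): with restarts spaced 5 minutes apart, three starts do
        # not fall inside systemd's default 10 s start-limit interval, so this
        # limit probably never triggers; confirm the intended interval.
        StartLimitBurst = "3";
      };
    };

    # One-shot unit that restarts the stack; the restart re-runs the pull in
    # ExecStartPre above, which is what performs the image update.
    systemd.services."update-${container_name}" = {
      description = "Update ${container_name} container";
      serviceConfig = {
        Type = "oneshot";
        ExecStart = "${pkgs.systemd}/bin/systemctl restart ${container_name}.service";
      };
    };

    # Fires the update unit daily at 02:00 plus a random delay of up to 60 min.
    systemd.timers."update-${container_name}" = {
      timerConfig = {
        OnCalendar = "02:00";
        RandomizedDelaySec = "60m";
        Unit = "update-${container_name}.service";
      };
      wantedBy = [ "timers.target" ];
    };
  };
}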