victor/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

containers: added nextcloud

Browse Source
This commit is contained in:
Victor Ișan 2026-03-04 15:11:29 +01:00
parent 03a4697cbd
commit 1eed275c37
6 changed files with 96 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/isengard.nix
View File

@ -12,6 +12,7 @@
../modules/containers/ntfy.nix
../modules/containers/mindwtr.nix
../modules/containers/vaultwarden.nix
../modules/containers/nextcloud.nix
../modules/containers/actualbudget.nix
];

12
modules/agenix.nix
View File

@ -17,5 +17,17 @@
group = "root";
mode = "0400";
};
nextcloud = {
file = ../secrets/nextcloud.age;
owner = "root";
group = "root";
mode = "0400";
};
nextcloud-db = {
file = ../secrets/nextcloud-db.age;
owner = "root";
group = "root";
mode = "0400";
};
};
}

50
modules/containers/nextcloud.nix Normal file
View File

@ -0,0 +1,50 @@
{ config, ... }:
let
workDir = "/srv/containers/nextcloud";
in
{
systemd.tmpfiles.rules = [
"d ${workDir} 2700 root admin"
];
virtualisation.oci-containers.containers = {
nextcloud = {
autoStart = true;
image = "nextcloud:31-apache";
ports = [
"0.0.0.0:10003:80"
];
volumes = [
"${workDir}/html:/var/www/html"
];
environmentFiles = [
config.age.secrets.nextcloud.path
];
dependsOn = [
"nextcloud-db"
"nextcloud-redis"
];
};
nextcloud-db = {
image = "postgres:18"; # trixie
volumes = [
"${workDir}/db:/var/lib/postgresql/data"
];
environmentFiles = [
config.age.secrets.nextcloud-db.path
];
};
nextcloud-redis = {
image = "redis:8-alpine"; # trixie
};
};
}

14
secrets/nextcloud-db.age Normal file
View File

@ -0,0 +1,14 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFA5bEdnQSBEZ3Vz
d3orRHowOXVDNHJwakkzT1I4d2pyZ1FsWS9VTmwyTWd6RUNZT0hZCmVhc1ZpNHhp
cG42RytDYnp3SUpSdlk0NG9uUTE1V083bFRzcjc2U2VaZkkKLT4gc3NoLWVkMjU1
MTkgS0tuNDVBIEY5SEVqSXVKY2RqS0pUeWxaV0ZmR29ON1Bzd1l6RjhuRWJsSzZJ
dlpCbU0KbUFlQXY4SzRkZjBOK2ZPa3E5SDFpY1hJeW1WVG1WWkRoTEFtTmVQMzll
OAotPiBHRyt9KmktZ3JlYXNlIERlN3ItXlBNIFIsIEdkV3M9Y2MKekNlOWpLSkNo
QXlCK3BOZ1F5VjdOWFhpcDdmTTZQVVhzaUUwKzdHWTNTeC9NWk1rcXB3c0VLSHNV
a2ljeHZDcwp1eTRZVEpiT3BWMGFjZmpyWVBwQmcwL2RBRkd4MFp3NU9xTmtMQmox
Tk9aWkhVVjVtdwotLS0gK0VDelV6STAyaDdra2cxNmo3aU5oRkNaWG1BTDdGVjl2
aHpZNEF0bXc5bwrhlJWA0sUbTA7oEgWlWf9JXHZMl7U9eSyHQG+zEkczL1BSaz9t
fmwoLh+TjBr6iyPbzRqIl5xzgzgXINEhUlgT3XrnxCzW+L8Me2haB/aEE37+RjLk
XX7tJ3Z07tRsPxTbJZGKM7QeYy8PeAYxTsi+0XI9NCYahg==
-----END AGE ENCRYPTED FILE-----

17
secrets/nextcloud.age Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFA5bEdnQSBLU00z
blhGYXhzTi9ZbFk0cTcwYkdCTHdubzlRMC9VNUNXTEpsYjF1SXpZCmxKNDduTUhK
R3NrZTlIMFNiV0MwU3A2SkFadmlkOWh3SS9PSjYvdWkvYTAKLT4gc3NoLWVkMjU1
MTkgS0tuNDVBIFA0L0wycEpHTmFxeTd1WVZCTlFnb3N3bEY4ZUpib3IwZmxjUERY
YkdUbGsKSzA3UWV0VGUvNFc1anpNNmlCaWRkaU12bnBvaGY0M2dDNU03RENqWmNq
SQotPiBlLWdyZWFzZQpnR2JTU1hhYThPZjZVcjhLc3ZpdTdjR0NVUnlxZG5YdkQ4
VDN5ekZnazVURm5BN1JpM21LQmJNd1pkVitzMFIrCjJObkVIckFYTlhjQXc4NWxO
b3pOTGUyeloxYlJRYjBmVGpvcmdKVU1oUTBxWTJJdmw3blpKZTQweFMvZnRwOAot
LS0gWXc5V2h5bDNlSnNaZ1RSeUk2WEIrK3EvL1hSQzhIYS8vQnZnb05BbXpxNApP
ol1JWMDsMI4WYlU5NzoQbQ7cCkXZMzpGKQe15/1BFSpoqrmx9TADFQhJGeuzGyHc
HcI69emv77Tdq60sRQJ2dsCZccCFPGmxoAzYeXdZL6Tz6fmSvFvIra8Y0YEmYU7S
jbfxhwutsX4TfUMILO+qM3jWX5YORLUK0XtD415T9RG4j2zV61tvsaSpANwgB+Ri
lFz+TRm7XVWayH+hOoQWV2lcBDjEIBXgge5G2EwyEup93LUNaOmoe9np34LWGD0l
FUUKhQJQC4knE6oabYcn4V9zmYHV+stCUr8xnc9R1HJVRIFwfQBSBkyNZyd/PzSz
HP2rubkgW9ZR
-----END AGE ENCRYPTED FILE-----

2
secrets/secrets.nix
View File

@ -7,4 +7,6 @@ let
in
{
"vaultwarden.age".publicKeys = [ victor isengard ];
"nextcloud.age".publicKeys = [ victor isengard ];
"nextcloud-db.age".publicKeys = [ victor isengard ];
}