ahuston-0
73406a8be3
All checks were successful
Check flake.lock / Check health of `flake.lock` (push) Successful in 11s
Check Nix formatting / Perform Nix format checks (push) Successful in 2m30s
Check Nix flake / Perform Nix flake checks (ubuntu-latest) (push) Successful in 6m52s
Check flake.lock / Check health of `flake.lock` (pull_request) Successful in 6s
Check Nix formatting / Perform Nix format checks (pull_request) Successful in 2m11s
Check Nix flake / Perform Nix flake checks (ubuntu-latest) (pull_request) Successful in 6m7s
108 lines
2.8 KiB
Nix
108 lines
2.8 KiB
Nix
{ config, ... }:
|
|
|
|
let
|
|
vars = import ../vars.nix;
|
|
nextcloud_path = vars.primary_nextcloud;
|
|
redis_path = vars.primary_redis;
|
|
|
|
# nextcloud-image = import ./nextcloud-image { inherit pkgs; };
|
|
nextcloud-base = {
|
|
# image comes from running docker compose build in nextcloud-docker/.examples/full/apache
|
|
image = "nextcloud-nextcloud";
|
|
hostname = "nextcloud";
|
|
volumes = [
|
|
"${nextcloud_path}/nc_data:/var/www/html:z"
|
|
"${nextcloud_path}/nc_php:/usr/local/etc/php"
|
|
"${nextcloud_path}/nc_prehooks:/docker-entrypoint-hooks.d/before-starting"
|
|
#"${nextcloud_path}/remoteip.conf:/etc/apache2/conf-enabled/remoteip.conf:ro"
|
|
];
|
|
extraOptions = [
|
|
"--network=haproxy-net"
|
|
"--network=postgres-net"
|
|
"--network=nextcloud_default"
|
|
];
|
|
dependsOn = [ "redis" ];
|
|
environmentFiles = [ config.sops.secrets."docker/nextcloud".path ];
|
|
};
|
|
in
|
|
{
|
|
virtualisation.oci-containers.containers = {
|
|
nextcloud = nextcloud-base // {
|
|
ports = [ "9999:80" ];
|
|
};
|
|
redis = {
|
|
image = "redis:latest";
|
|
user = "600:600";
|
|
volumes = [
|
|
"${config.sops.secrets."docker/redis".path}:/usr/local/etc/redis/redis.conf"
|
|
"${redis_path}:/data"
|
|
];
|
|
extraOptions = [
|
|
"--network=nextcloud_default"
|
|
];
|
|
cmd = [
|
|
"redis-server"
|
|
"/usr/local/etc/redis/redis.conf"
|
|
];
|
|
};
|
|
go-vod = {
|
|
image = "radialapps/go-vod:latest";
|
|
dependsOn = [ "nextcloud" ];
|
|
environment = {
|
|
NEXTCLOUD_HOST = "https://nextcloud.alicehuston.xyz";
|
|
};
|
|
volumes = [ "${nextcloud_path}/nc_data:/var/www/html:ro" ];
|
|
extraOptions = [
|
|
"--device=/dev/dri:/dev/dri"
|
|
];
|
|
};
|
|
collabora-code = {
|
|
image = "collabora/code:latest";
|
|
dependsOn = [ "nextcloud" ];
|
|
environment = {
|
|
aliasgroup1 = "https://collabora.nayenoie.com:443";
|
|
aliasgroup2 = "https://nextcloud.alicehuston.xyz:443";
|
|
aliasgroup3 = "https://.*:443";
|
|
extra_params = "--o:ssl.enable=false --o:ssl.termination=true";
|
|
};
|
|
environmentFiles = [
|
|
config.sops.secrets."docker/collabora".path
|
|
];
|
|
extraOptions = [
|
|
"--network=haproxy-net"
|
|
"--privileged"
|
|
];
|
|
ports = [ "9980:9980" ];
|
|
};
|
|
};
|
|
|
|
users.users.www-data = {
|
|
uid = 33;
|
|
isSystemUser = true;
|
|
group = "www-data";
|
|
};
|
|
|
|
users.groups.www-data = {
|
|
gid = 33;
|
|
members = [ "www-data" ];
|
|
};
|
|
|
|
sops = {
|
|
defaultSopsFile = ../secrets.yaml;
|
|
secrets = {
|
|
"docker/redis" = {
|
|
owner = "docker-service";
|
|
restartUnits = [ "docker-redis.service" ];
|
|
};
|
|
"docker/nextcloud" = {
|
|
owner = "www-data";
|
|
restartUnits = [ "docker-nextcloud.service" ];
|
|
};
|
|
"docker/collabora" = {
|
|
owner = "www-data";
|
|
restartUnits = [ "docker-collabora.service" ];
|
|
};
|
|
};
|
|
};
|
|
}
|