nixos/services/nextcloud.nix

{ pkgs, config, ... }:

{
  imports = [ ./caddy.nix ];
  services.nextcloud = {
    enable = true;
    package = pkgs.nextcloud27;
    hostName = "cloud.xenia.me.uk";
    config = {
      adminuser = "xenia";
      adminpassFile = "/secrets/nextcloud_admin.txt";
    };
    extraOptions = {
      trusted_proxies = [ "192.168.1.230" ];
      overwriteprotocol = "https";
    };
    phpOptions = {
      catch_workers_output = "yes";
      display_errors = "stderr";
      error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
      expose_php = "Off";
      "opcache.enable_cli" = "1";
      "opcache.fast_shutdown" = "1";
      "opcache.interned_strings_buffer" = "8";
      "opcache.max_accelerated_files" = "10000";
      "opcache.memory_consumption" = "128";
      "opcache.revalidate_freq" = "1";
      "openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
      short_open_tag = "Off";
      # upload_max_filesize = "16G";
      # post_max_size = "16G";
      max_input_time = "3600";
      max_execution_time = "3600";
    };
    extraApps = with pkgs.nextcloud26Packages.apps; {
      inherit calendar contacts bookmarks;
    };
    extraAppsEnable = true;
  };
  services.nginx.virtualHosts.${config.services.nextcloud.hostName}.listen = [{
    addr = "localhost";
    port = 8000;
  }];
  services.caddy.virtualHosts."cloud.xenia.me.uk".extraConfig = ''
    redir /.well-known/carddav /remote.php/dav 301
    redir /.well-known/caldav /remote.php/dav 301
    reverse_proxy http://localhost:8000
  '';
}