From b5a295da8f224a8984771be227e1f3a44fa36cb5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 2 Jul 2023 22:46:37 +0200 Subject: l ubik.r: enable nextcloud --- lass/1systems/ubik/config.nix | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/lass/1systems/ubik/config.nix b/lass/1systems/ubik/config.nix index 1d836d4ec..b153c0d3b 100644 --- a/lass/1systems/ubik/config.nix +++ b/lass/1systems/ubik/config.nix @@ -14,13 +14,25 @@ with import ; pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPBFGMjH0+Dco6DVFZbByENMci8CFTLXCL7j53yctPnM"; }; - networking.firewall.allowedTCPPorts = [ 80 ]; + security.acme = { + acceptTerms = true; + defaults.email = "acme@lassul.us"; + }; + networking.firewall.allowedTCPPorts = [ 80 443 ]; + + # nextcloud + services.nginx.virtualHosts."c.apanowicz.de" = { + enableACME = true; + forceSSL = true; + }; services.nextcloud = { enable = true; + enableBrokenCiphersForSSE = false; hostName = "c.apanowicz.de"; package = pkgs.nextcloud25; config.adminpassFile = "/run/nextcloud.pw"; https = true; + maxUploadSize = "9001M"; }; systemd.services.nextcloud-setup.serviceConfig.ExecStartPre = [ "+${pkgs.writeDash "copy-pw" '' -- cgit v1.2.3