selfhostblocks/modules/services/nextcloud-server/docs/default.md
2024-01-06 00:12:48 -08:00

Nextcloud Server Service

Defined in /modules/services/nextcloud-server.nix.

This NixOS module is a service that sets up a Nextcloud Server.

Features

  • Declarative Apps Configuration - no need to configure those with the UI.
  • Demo
    • Demo deploying a Nextcloud server with Colmena and with proper secrets management with sops-nix.
  • Access through subdomain using reverse proxy.
  • Access through HTTPS using reverse proxy.
  • Automatic setup of PostgreSQL database.
  • Automatic setup of Redis database for caching.
  • Backup of the shb.nextcloud.dataDir through the backup block.
  • Monitoring of reverse proxy, PHP-FPM, and database backups through the monitoring block.
  • Integration Tests
    • Tests that the system cron job is set up correctly.
    • Tests that the initial admin user and password are set up correctly.
    • Tests admin user can create and retrieve a file through WebDAV.
  • Access to advanced options not exposed here thanks to how NixOS modules work.

Usage

Minimal

This will set up a Nextcloud service that runs on the NixOS target machine, reachable at http://nextcloud.example.com. If the shb.ssl block is enabled, the instance will be reachable at https://nextcloud.example.com.

shb.nextcloud = {
  enable = true;
  domain = "example.com";
  subdomain = "nextcloud";
  dataDir = "/var/lib/nextcloud";
  adminPassFile = <path/to/secret>;
};

The secret should not be stored in the Nix store, which is readable by every user on the machine. If you're using sops-nix and your secrets file is located at ./secrets.yaml, you can set the adminPassFile option with:

shb.nextcloud.adminPassFile = config.sops.secrets."nextcloud/adminpass".path;

sops.secrets."nextcloud/adminpass" = {
  sopsFile = ./secrets.yaml;
  mode = "0400";
  owner = "nextcloud";
  group = "nextcloud";
  restartUnits = [ "phpfpm-nextcloud.service" ];
};
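
To confirm on the deployed machine that the admin password file follows the rule above, the following check can be run against the path that adminPassFile resolves to. It is an added example, not code from the selfhostblocks repository; the function name check_admin_pass_file is hypothetical, and it assumes the standard readlink and stat tools are available.

```bash
#!/usr/bin/env bash
# Added example, not part of the selfhostblocks repository.
# Audits the file that shb.nextcloud.adminPassFile points to on the deployed host.
# Usage: check_admin_pass_file PATH [EXPECTED_OWNER]
# NIX_STORE_DIR is honoured in case the store is not at /nix/store.

check_admin_pass_file() {
  local path="$1" want_owner="${2:-}" store="${NIX_STORE_DIR:-/nix/store}"
  local real mode owner rc=0

  if [ ! -e "$path" ]; then
    echo "FAIL: $path does not exist"
    return 2
  fi

  # Resolve symlinks first: secret managers often expose secrets through
  # symlinks, and a link ending in the store is as exposed as a file there.
  real="$(readlink -f -- "$path")"
  case "$real" in
    "$store"/*)
      echo "FAIL: $path resolves into the world-readable Nix store: $real"
      rc=1 ;;
  esac

  # GNU stat first, BSD stat as a fallback.
  mode="$(stat -c '%a' -- "$real" 2>/dev/null || stat -f '%Lp' -- "$real")"
  owner="$(stat -c '%U' -- "$real" 2>/dev/null || stat -f '%Su' -- "$real")"

  # Any group/other permission bit lets other local accounts at the password.
  if [ $(( 0$mode & 077 )) -ne 0 ]; then
    echo "FAIL: mode $mode grants access beyond the owner (expected 0400)"
    rc=1
  fi

  if [ -n "$want_owner" ] && [ "$owner" != "$want_owner" ]; then
    echo "FAIL: owned by $owner, expected $want_owner"
    rc=1
  fi

  [ "$rc" -eq 0 ] && echo "OK: $real (mode $mode, owner $owner)"
  return "$rc"
}
```

With the sops-nix settings shown above, the expected owner argument is nextcloud.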

Tweak PHP-FPM Config

shb.nextcloud.phpFpmPoolSettings = {
  "pm" = "dynamic";
  "pm.max_children" = 800;
  "pm.start_servers" = 300;
  "pm.min_spare_servers" = 300;
  "pm.max_spare_servers" = 500;
  "pm.max_spawn_rate" = 50;
  "pm.max_requests" = 50;
  "pm.process_idle_timeout" = "20s";
};

Tweak PostgreSQL Settings

shb.nextcloud.postgresSettings = {
  max_connections = "100";
  shared_buffers = "512MB";
  effective_cache_size = "1536MB";
  maintenance_work_mem = "128MB";
  checkpoint_completion_target = "0.9";
  wal_buffers = "16MB";
  default_statistics_target = "100";
  random_page_cost = "1.1";
  effective_io_concurrency = "200";
  work_mem = "2621kB";
  huge_pages = "off";
  min_wal_size = "1GB";
  max_wal_size = "4GB";
};

Backup the Nextcloud data

TODO

Enable OnlyOffice Server

The following snippet sets up an OnlyOffice instance at onlyoffice.example.com that only listens on the local network.

shb.nextcloud.onlyoffice = {
  subdomain = "onlyoffice";
  localNextworkIPRange = "192.168.1.1/24";
};

You still need to install the OnlyOffice integration in the Nextcloud UI. Setting up the integration declaratively is WIP.

Also, you will need to explicitly allow the package corefonts:

nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) [
  "corefonts"
];

Enable Monitoring

Enable the monitoring block.

Enable Tracing

You can enable tracing with:

shb.nextcloud.debug = true;

Traces will be located at /var/log/xdebug.

See my blog post for how to look at the traces.

Demo

Head over to the Nextcloud demo for a demo that installs Nextcloud on a VM with minimal manual steps.

Maintenance

On the command line, the occ tool is called nextcloud-occ.

Options Reference

id-prefix: services-nextcloud-server-options-
list-id: selfhostblocks-service-nextcloud-options
source: @OPTIONS_JSON@