hosting/selfhostblocks
1
0
Fork 0
Code Issues Activity
selfhostblocks/modules/services/nextcloud-server/docs/default.md
ibizaman d908ae31c5 add nextcloud manual
2023-12-25 00:51:44 -08:00

4.5 KiB
Raw Blame History

Nextcloud Server Service

Defined in /modules/services/nextcloud-server.nix.

This NixOS module is a service that sets up a Nextcloud Server.

Features

  • Integration Tests (TODO: need to add some)
  • Demo
  • Access through subdomain using reverse proxy.
  • Access through HTTPS using reverse proxy.
  • Automatic setup of PostgreSQL database.
  • Backup of the shb.nextcloud.dataDir through the backup block.
  • Monitoring of reverse proxy, PHP-FPM, and database backups through the monitoring block.
  • Automatic setup of Only Office service if the shb.nextcloud.onlyoffice option is given. The integration still needs to be set up in the UI manually though.
  • Access to advanced options not exposed here thanks to how NixOS modules work.

Usage

Minimal

This will set up a Nextcloud service that runs on the NixOS target machine, reachable at http://nextcloud.example.com. If the shb.ssl block is enabled, the instance will be reachable at https://nextcloud.example.com.

shb.nextcloud = {
  enable = true;
  domain = "example.com";
  subdomain = "nextcloud";
  dataDir = "/var/lib/nextcloud";
  adminPassFile = <path/to/secret>;
};

The secret should not be stored in the nix store. If you're using sops-nix and assuming your secrets file is located at ./secrets.yaml, you can set the adminPassFile option with:

shb.nextcloud.adminPassFile = config.sops.secrets."nextcloud/adminpass".path;

sops.secrets."nextcloud/adminpass" = {
  sopsFile = ./secrets.yaml;
  mode = "0400";
  owner = "nextcloud";
  group = "nextcloud";
  restartUnits = [ "phpfpm-nextcloud.service" ];
};

Tweak PHPFpm Config

shb.nextcloud.phpFpmPoolSettings = {
  "pm" = "dynamic";
  "pm.max_children" = 800;
  "pm.start_servers" = 300;
  "pm.min_spare_servers" = 300;
  "pm.max_spare_servers" = 500;
  "pm.max_spawn_rate" = 50;
  "pm.max_requests" = 50;
  "pm.process_idle_timeout" = "20s";
};

Tweak PostgreSQL Settings

shb.nextcloud.postgresSettings = {
  max_connections = "100";
  shared_buffers = "512MB";
  effective_cache_size = "1536MB";
  maintenance_work_mem = "128MB";
  checkpoint_completion_target = "0.9";
  wal_buffers = "16MB";
  default_statistics_target = "100";
  random_page_cost = "1.1";
  effective_io_concurrency = "200";
  work_mem = "2621kB";
  huge_pages = "off";
  min_wal_size = "1GB";
  max_wal_size = "4GB";
};

Backup the Nextcloud data

TODO

Enable OnlyOffice Server

The following snippets sets up an onlyoffice instance listening at onlyoffice.example.com that only listens on the local nextwork.

shb.nextcloud.onlyoffice = {
  subdomain = "onlyoffice";
  localNextworkIPRange = "192.168.1.1/24";
};

You still need to install the OnlyOffice integration in Nextcloud UI. Setting up the integration declaratively is WIP.

Also, you will need to explicitly allow the package corefonts:

nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) [
  "corefonts"
];

Enable Monitoring

Enable the monitoring block.

Enable Tracing

You can enable tracing with:

shb.nextcloud.debug = true;

Traces will be located at /var/log/xdebug.

See my blog post for how to look at the traces.

Demo

Head over to the Nextcloud demo for a demo that installs Nextcloud on a VM with minimal manual steps.

Maintenance

On the command line, the occ tool is called nextcloud-occ.

Options Reference

id-prefix: services-nextcloud-server-options-
list-id: selfhostblocks-service-nextcloud-options
source: @OPTIONS_JSON@