{ description = "NixOS Nextcloud server"; inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; }; outputs = { self, nixpkgs, ... }: { nixosModules.nextcloud = { config, lib, pkgs, ... }: let cfg = config.nextcloud; in { options.nextcloud = { enable = lib.mkOption {type = lib.types.bool;}; adminPasswordFile = lib.mkOption { type = lib.types.path; description = "Path to file containing the root password."; }; dbPasswordFile = lib.mkOption { type = lib.types.path; description = "Path to file containing the DB password."; }; domain = lib.mkOption {type = lib.types.str;}; hostName = lib.mkOption {type = lib.types.str;}; port = lib.mkOption {type = lib.types.ints.unsigned;}; }; config = lib.mkIf cfg.enable { services.nextcloud = { enable = true; package = pkgs.nextcloud32; hostName = cfg.hostName; database.createLocally = true; https = true; port = cfg.port; caching.redis = true; config = { adminuser = "admin"; adminpassFile = cfg.adminPasswordFile; dbtype = "mysql"; dbuser = "nextcloud"; #dbhost = "localhost"; #dbpassFile = cfg.dbPasswordFile; }; settings = { trusted_domains = [cfg.domain]; }; extraApps = with config.services.nextcloud.package.packages.apps; { inherit calendar tasks contacts news; }; extraAppsEnable = true; # redis caching extraOptions = { redis = { host = "127.0.0.1"; port = 31638; dbindex = 0; timeout = 1.5; }; }; }; # nginx virtual host services.nginx.virtualHosts.${cfg.hostName} = { enableACME = true; acmeRoot = null; addSSL = true; # directs traffic to the appropriate port locations."/" = { proxyPass = "http://localhost:${cfg.port}"; proxyWebsockets = true; }; }; }; }; }; }