summaryrefslogtreecommitdiffstats
path: root/lass/1systems
diff options
context:
space:
mode:
authorlassulus <git@lassul.us>2023-07-02 22:46:37 +0200
committerlassulus <git@lassul.us>2023-07-02 22:46:37 +0200
commitb5a295da8f224a8984771be227e1f3a44fa36cb5 (patch)
tree328b06db9399c0b6b17514afb5d8f4daffeb23f0 /lass/1systems
parent0ac8623840c17a905fcebe7180e8c3963fd0ef3f (diff)
l ubik.r: enable nextcloud
Diffstat (limited to 'lass/1systems')
-rw-r--r--lass/1systems/ubik/config.nix14
1 files changed, 13 insertions, 1 deletions
diff --git a/lass/1systems/ubik/config.nix b/lass/1systems/ubik/config.nix
index 1d836d4ec..b153c0d3b 100644
--- a/lass/1systems/ubik/config.nix
+++ b/lass/1systems/ubik/config.nix
@@ -14,13 +14,25 @@ with import <stockholm/lib>;
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPBFGMjH0+Dco6DVFZbByENMci8CFTLXCL7j53yctPnM";
};
- networking.firewall.allowedTCPPorts = [ 80 ];
+ security.acme = {
+ acceptTerms = true;
+ defaults.email = "acme@lassul.us";
+ };
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
+
+ # nextcloud
+ services.nginx.virtualHosts."c.apanowicz.de" = {
+ enableACME = true;
+ forceSSL = true;
+ };
services.nextcloud = {
enable = true;
+ enableBrokenCiphersForSSE = false;
hostName = "c.apanowicz.de";
package = pkgs.nextcloud25;
config.adminpassFile = "/run/nextcloud.pw";
https = true;
+ maxUploadSize = "9001M";
};
systemd.services.nextcloud-setup.serviceConfig.ExecStartPre = [
"+${pkgs.writeDash "copy-pw" ''