diff options
author | lassulus <git@lassul.us> | 2023-07-02 22:46:37 +0200 |
---|---|---|
committer | lassulus <git@lassul.us> | 2023-07-02 22:46:37 +0200 |
commit | b5a295da8f224a8984771be227e1f3a44fa36cb5 (patch) | |
tree | 328b06db9399c0b6b17514afb5d8f4daffeb23f0 | |
parent | 0ac8623840c17a905fcebe7180e8c3963fd0ef3f (diff) |
l ubik.r: enable nextcloud
-rw-r--r-- | lass/1systems/ubik/config.nix | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/lass/1systems/ubik/config.nix b/lass/1systems/ubik/config.nix index 1d836d4ec..b153c0d3b 100644 --- a/lass/1systems/ubik/config.nix +++ b/lass/1systems/ubik/config.nix @@ -14,13 +14,25 @@ with import <stockholm/lib>; pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPBFGMjH0+Dco6DVFZbByENMci8CFTLXCL7j53yctPnM"; }; - networking.firewall.allowedTCPPorts = [ 80 ]; + security.acme = { + acceptTerms = true; + defaults.email = "acme@lassul.us"; + }; + networking.firewall.allowedTCPPorts = [ 80 443 ]; + + # nextcloud + services.nginx.virtualHosts."c.apanowicz.de" = { + enableACME = true; + forceSSL = true; + }; services.nextcloud = { enable = true; + enableBrokenCiphersForSSE = false; hostName = "c.apanowicz.de"; package = pkgs.nextcloud25; config.adminpassFile = "/run/nextcloud.pw"; https = true; + maxUploadSize = "9001M"; }; systemd.services.nextcloud-setup.serviceConfig.ExecStartPre = [ "+${pkgs.writeDash "copy-pw" '' |