From 24de1041397c8d99eedc8faa3ce03d07317c615b Mon Sep 17 00:00:00 2001
From: Hadi <112569860+anotherhadi@users.noreply.github.com>
Date: Fri, 7 Jun 2024 22:53:04 +0200
Subject: [PATCH] Update

---
 hosts/server/nextcloud.nix | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/hosts/server/nextcloud.nix b/hosts/server/nextcloud.nix
index 9a4a12a..cc23e8b 100644
--- a/hosts/server/nextcloud.nix
+++ b/hosts/server/nextcloud.nix
@@ -7,8 +7,27 @@
     package = pkgs.nextcloud29;
     hostName = "localhost";
     config.adminpassFile = "/etc/nextcloudpwd";
-    settings = { overwritehost = "localhost:8080"; };
+    nginx.enable = true;
   };
 
-  networking.firewall.allowedTCPPorts = [ 8080 ];
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+
+  services.nginx = {
+    enable = true;
+
+    # Use recommended settings
+    recommendedGzipSettings = true;
+    recommendedOptimisation = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+
+    # Only allow PFS-enabled ciphers with AES256
+    sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
+
+    # Setup Nextcloud virtual host to listen on ports
+    virtualHosts = {
+
+      "localhost" = { };
+    };
+  };
 }