34 lines
747 B
Nix
34 lines
747 B
Nix
{ pkgs, ... }: {
|
|
|
|
environment.systemPackages = with pkgs; [ nextcloud29 ];
|
|
|
|
services.nextcloud = {
|
|
enable = true;
|
|
package = pkgs.nextcloud29;
|
|
hostName = "localhost";
|
|
config.adminpassFile = "/etc/nextcloudpwd";
|
|
nginx.enable = true;
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
# Use recommended settings
|
|
recommendedGzipSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedProxySettings = true;
|
|
recommendedTlsSettings = true;
|
|
|
|
# Only allow PFS-enabled ciphers with AES256
|
|
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
|
|
|
|
# Setup Nextcloud virtual host to listen on ports
|
|
virtualHosts = {
|
|
|
|
"localhost" = { };
|
|
};
|
|
};
|
|
}
|