From 587419e2173f15433679a8a7b8a41e2db017c6c0 Mon Sep 17 00:00:00 2001
From: Jonas Heinrich <onny@project-insanity.org>
Date: Wed, 13 Apr 2022 12:46:02 +0200
Subject: [PATCH] add nextcloud service (testing)
---
README.md | 5 ++
configuration.nix | 139 +++++++++++++++++++++++++++++++-----------
wordpress/plugins.nix | 34 +++++------
wordpress/themes.nix | 10 +++
4 files changed, 137 insertions(+), 51 deletions(-)
diff --git a/README.md b/README.md
index 5ac665a..5ada3d0 100644
--- a/README.md
+++ b/README.md
@@ -5,6 +5,7 @@
- Firewall
- Jellyfin
- Dokuwiki
+- Nextcloud
- InvoicePlane
- Wordpress
- AirPrinting
@@ -26,6 +27,8 @@ sudo nixos-generate-config
Adapt config from this repository, and rebuild. Set password for new user
`picloud`.
+## Backup
+
Data folders which have to be synchronized:
- Jellyfin /var/lib/jellyfin
- Dokuwiki /var/lib/dokuwiki
@@ -36,3 +39,5 @@ Data folders which have to be synchronized:
Databases to be synchronized:
- wordpress (mysql)
- gitlab (postgresql)
+- nextcloud (mysql)
+- invoiceplane (mysql)
diff --git a/configuration.nix b/configuration.nix
index a025dc4..41c5dca 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -25,36 +25,75 @@ let
in
{
+ disabledModules = [ "services/web-apps/nextcloud.nix" ]; # FIXME
+
imports = [
./hardware-configuration.nix # Include the results of the hardware scan.
+ # Module or module changes available with 22.05
(builtins.fetchTarball {
url = "https://github.com/onny/nixpkgs/archive/invoiceplane.tar.gz";
sha256 = "0qpsfkby28ys0fn4v57psmcdx4f4fz44wr13l81fjvxzln78kygw";
} + "/nixos/modules/services/web-apps/invoiceplane.nix")
+ # Module or module changes available with 22.05
(builtins.fetchTarball {
url = "https://github.com/onny/nixpkgs/archive/maddy.tar.gz";
sha256 = "17l1phgzm2bflrkblsfy2xb2ixfknf4m7g9i3yfsv6ap5wk83kha";
} + "/nixos/modules/services/mail/maddy.nix")
+ # Module or module changes available with 22.05
+ (builtins.fetchTarball {
+ url = "https://github.com/onny/nixpkgs/archive/nextcloud-caddy.tar.gz";
+ sha256 = "01l966kq0810awsw7dabyb546k2nabmfym1wajc6jxl7k1y8abjy";
+ } + "/nixos/modules/services/web-apps/nextcloud.nix")
+
];
# FIXME
nixpkgs.overlays = [
(self: super: {
+ # Package or package changes available with 22.05
invoiceplane = (import (builtins.fetchTarball {
url =
"https://github.com/onny/nixpkgs/archive/invoiceplane.tar.gz";
sha256 = "0qpsfkby28ys0fn4v57psmcdx4f4fz44wr13l81fjvxzln78kygw";
}) {} ).invoiceplane;
+ # Package or package changes available with 22.05
wordpress = super.wordpress.overrideAttrs (oldAttrs: rec {
+ # FIXME: Include important security update
+ version = "5.9.2";
+ src = pkgs.fetchurl {
+ url = "https://wordpress.org/wordpress-5.9.2.tar.gz";
+ sha256 = "sha256-d2Xy3SpWzpIHmXh8x5BKWF9jNlvKK6D3uwbqIGDGn4s=";
+ };
# Remove default plugins and themes
installPhase = oldAttrs.installPhase + ''
rm -r $out/share/wordpress/wp-content/plugins/*
rm -r $out/share/wordpress/wp-content/themes/*
'';
});
+ # Package or package changes available with 22.05
+ dokuwiki = super.dokuwiki.overrideAttrs (oldAttrs: rec {
+ # FIXME: Use unstable release since it includes an
+ # important fix preventing bots form editing pages which
+ # is not yet included in dokuwiki-2020-07-29
+ version = "2022-03-17";
+ src = pkgs.fetchFromGitHub {
+ owner = "splitbrain";
+ repo = "dokuwiki";
+ rev = "aeff85cf66d3386d58e0a01e534791bde4757e9e";
+ sha256 = "sha256-tR4ezMEBB0cYjCuhH5CpTSw/Y1+oujPGOAYwCYakIos=";
+ };
+ });
})
];
+ # FIXME
+ nix = {
+ package = pkgs.nixFlakes;
+ extraOptions = ''
+ experimental-features = nix-command flakes
+ '';
+ };
+
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
boot = {
cleanTmpDir = true;
@@ -179,34 +218,64 @@ in
wordpress = {
webserver = "caddy";
- sites."blog.${config.networking.domain}" = {
- database.createLocally = true;
- plugins = with wordpressPackages.plugins; [
- add-widget-after-content
- anti-spam-bee
- code-syntax-block
- lightbox-with-photoswipe
- wp-gdpr-compliance
- co-authors-plus
- wp-statistics
- wp-user-avatars
- opengraph
- simple-login-captcha
- disable-xml-rpc
- async-javascript
- webp-converter-for-media
- breeze
- jetpack
- jetpack-lite
- ];
- themes = with wordpressPackages.themes; [
- geist
- ];
- extraConfig = ''
- // Needed to run behind reverse proxy
- define('FORCE_SSL_ADMIN', true);
- $_SERVER['HTTPS']='on';
- '';
+ sites = {
+ "blog.${config.networking.domain}" = {
+ database.createLocally = true;
+ plugins = with wordpressPackages.plugins; [
+ add-widget-after-content
+ anti-spam-bee
+ code-syntax-block
+ lightbox-with-photoswipe
+ wp-gdpr-compliance
+ co-authors-plus
+ wp-statistics
+ wp-user-avatars
+ opengraph
+ simple-login-captcha
+ disable-xml-rpc
+ async-javascript
+ webp-converter-for-media
+ breeze
+ jetpack
+ jetpack-lite
+ ];
+ themes = with wordpressPackages.themes; [
+ geist
+ ];
+ extraConfig = ''
+ // Needed to run behind reverse proxy
+ define('FORCE_SSL_ADMIN', true);
+ $_SERVER['HTTPS']='on';
+ '';
+ };
+ "lecker-company.de" = {
+ database = {
+ createLocally = true;
+ name = "wordpress_leckercompany";
+ };
+ themes = with wordpressPackages.themes; [
+ twenty-twenty-two
+ ];
+ extraConfig = ''
+ // Needed to run behind reverse proxy
+ define('FORCE_SSL_ADMIN', true);
+ $_SERVER['HTTPS']='on';
+ '';
+ };
+ "fachwerk-sauna.de" = {
+ database = {
+ createLocally = true;
+ name = "wordpress_fachwerksauna";
+ };
+ themes = with wordpressPackages.themes; [
+ twenty-twenty-two
+ ];
+ extraConfig = ''
+ // Needed to run behind reverse proxy
+ define('FORCE_SSL_ADMIN', true);
+ $_SERVER['HTTPS']='on';
+ '';
+ };
};
};
@@ -242,15 +311,17 @@ in
rspamd.enable = true;
- #nextcloud = {
- # enable = true;
- # webserver = "caddy";
- # hostName = "nextcloud.${config.networking.domain}";
- #};
-
+ nextcloud = {
+ enable = true;
+ webserver = "caddy";
+ package = pkgs.nextcloud23;
+ hostName = "nextcloud.${config.networking.domain}";
+ config.adminpassFile = "${pkgs.writeText "adminpass" "hunter2"}";
+ };
mysql.package = lib.mkForce pkgs.mariadb; # FIXME
+ # FIXME
postgresql = {
enable = true;
enableTCPIP = true;
diff --git a/wordpress/plugins.nix b/wordpress/plugins.nix
index 588ad95..f612768 100644
--- a/wordpress/plugins.nix
+++ b/wordpress/plugins.nix
@@ -63,10 +63,10 @@ in rec {
lightbox-with-photoswipe = mkWordpressPlugin {
pluginName = "lightbox-with-photoswipe";
- version = "3.2.10";
+ version = "3.4.2";
src = fetchurl {
- url = "https://downloads.wordpress.org/plugin/lightbox-photoswipe.3.2.10.zip";
- sha256 = "1x4ygrhj95si7zf3l89hjsm0camv3gcc1pzjxvkg79fw000c2cpq";
+ url = "https://downloads.wordpress.org/plugin/lightbox-photoswipe.3.4.2.zip";
+ sha256 = "sha256-qf1do83pa2tO85oP5fwjInKW8bXdZZrz/HOdtYy0tpc=";
};
buildInputs = [ pkgs.unzip ];
installPhase = "mkdir -p $out; cp -R * $out/";
@@ -74,10 +74,10 @@ in rec {
wp-gdpr-compliance = mkWordpressPlugin {
pluginName = "wp-gdpr-compliance";
- version = "2.0.8";
+ version = "2.0.12";
src = fetchurl {
- url = "https://downloads.wordpress.org/plugin/wp-gdpr-compliance.2.0.8.zip";
- sha256 = "1nigmmbj8p98r3akfhhqcajfx4f2r9ldk66fcya41gvy1r5zllz1";
+ url = "https://downloads.wordpress.org/plugin/wp-gdpr-compliance.2.0.12.zip";
+ sha256 = "sha256-n5ta5DUrE4h69/nSUYocZoMH3ubU4TYaFPLRWQyLonw=";
};
buildInputs = [ pkgs.unzip ];
installPhase = "mkdir -p $out; cp -R * $out/";
@@ -96,10 +96,10 @@ in rec {
wp-statistics = mkWordpressPlugin {
pluginName = "wp-statistics";
- version = "13.1.6";
+ version = "13.1.7";
src = fetchurl {
- url = "https://downloads.wordpress.org/plugin/wp-statistics.13.1.6.zip";
- sha256 = "0j5vwyz2d09dnkvkjj2ln635rfq6ka0n4pjdsccqjw68lzk5srmi";
+ url = "https://downloads.wordpress.org/plugin/wp-statistics.13.1.7.zip";
+ sha256 = "sha256-4F6/AAd78dWaQSsF8DJR9bghY9n3hhozGPw37XlY4/I=";
};
buildInputs = [ pkgs.unzip ];
installPhase = "mkdir -p $out; cp -R * $out/";
@@ -162,10 +162,10 @@ in rec {
webp-converter-for-media = mkWordpressPlugin {
pluginName = "webp-converter-for-media";
- version = "4.2.1";
+ version = "4.3.1";
src = fetchurl {
url = "https://downloads.wordpress.org/plugin/webp-converter-for-media.zip";
- sha256 = "0nwdzp139fnk2jha01y4dg460il20sikl4lqj9hfxkqqjs9d51yr";
+ sha256 = "sha256-/dpXmoCsMBgm5zfa2kS0paUTaq94IQQOJjGHgjGpldk=";
};
buildInputs = [ pkgs.unzip ];
installPhase = "mkdir -p $out; cp -R * $out/";
@@ -173,10 +173,10 @@ in rec {
breeze = mkWordpressPlugin {
pluginName = "breeze";
- version = "2.0.1";
+ version = "2.0.2";
src = fetchurl {
- url = "https://downloads.wordpress.org/plugin/breeze.2.0.1.zip";
- sha256 = "0dxrsw1pa88qhr1dvi12ir2pidmzg5nhl2qd03x2ivr90cvnz90x";
+ url = "https://downloads.wordpress.org/plugin/breeze.2.0.2.zip";
+ sha256 = "sha256-8mIncqHp3Vz619XhT80VLxu+EW8+1a1kiOOvR+ZznGU=";
};
buildInputs = [ pkgs.unzip ];
installPhase = "mkdir -p $out; cp -R * $out/";
@@ -184,10 +184,10 @@ in rec {
jetpack = mkWordpressPlugin {
pluginName = "jetpack";
- version = "10.6";
+ version = "10.8";
src = fetchurl {
- url = "https://downloads.wordpress.org/plugin/jetpack.10.6.zip";
- sha256 = "0m8q1cgp797xs1xsrjwcvgmd54xfsg7asnw1s2waw2ylsz2byvf9";
+ url = "https://downloads.wordpress.org/plugin/jetpack.10.8.zip";
+ sha256 = "sha256-r/vSa6UgsLK4oV2QOgQ0PRjWooM4EbeaxEJhqXzRrG8=";
};
buildInputs = [ pkgs.unzip ];
installPhase = "mkdir -p $out; cp -R * $out/";
diff --git a/wordpress/themes.nix b/wordpress/themes.nix
index 9f91f8c..d4b69d5 100644
--- a/wordpress/themes.nix
+++ b/wordpress/themes.nix
@@ -40,5 +40,15 @@ in rec {
buildInputs = [ pkgs.unzip ];
};
+ twenty-twenty-two = mkWordpressTheme {
+ themeName = "twentytwentytwo";
+ version = "1.1";
+ src = fetchurl {
+ url = "https://downloads.wordpress.org/theme/twentytwentytwo.1.1.zip";
+ sha256 = "sha256-5pzKxmGwKSeDe9yl2t1wY02YBI0jJlXHynAK9YfT/xk=";
+ };
+ buildInputs = [ pkgs.unzip ];
+ };
+
}
--
GitLab