{ modulesPath, pkgs, config, ... }: { imports = [ "${modulesPath}/virtualisation/amazon-image.nix" ]; environment.systemPackages = with pkgs; [ vim wget curl openssh ]; services.nextcloud = { enable = true; hostName = "nextcloud.yourdomain.com"; # Replace with your domain. https = true; # Enable HTTPS config = { dbtype = "pgsql"; dbuser = "nextcloud"; dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself dbname = "nextcloud"; adminpassFile = "/path/to/password/file"; # Replace with your password file. adminuser = "root"; defaultPhoneRegion = "US"; # Replace with your country code. }; package = pkgs.nextcloud26; extraApps = { # Recommanded apps # You can install apps according to your preference # Afterall, it's your own cloud and you know how to do it. contacts = pkgs.nextcloud26Packages.apps.contacts; mail = pkgs.nextcloud26Packages.apps.mail; calendar = pkgs.fetchNextcloudApp rec { url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.3.4/calendar-v4.3.4.tar.gz"; sha256 = "0pj1h86kdnckzfrn13hllgps4wa921z4s24pg5d2666fqx89rwrv"; }; notes = pkgs.fetchNextcloudApp rec { url = "https://github.com/nextcloud-releases/notes/releases/download/v4.7.2/notes.tar.gz"; sha256 = "0klqf8dixrrb8yp8cc60ggnvhmqb3yh9f6y1281jn8ia5jml622v"; }; camerarawpreviews = pkgs.fetchNextcloudApp rec { url = "https://github.com/ariselseng/camerarawpreviews/releases/download/v0.8.1/camerarawpreviews_nextcloud.tar.gz"; sha256 = "1n1395m81m81klxzxd03ww07m0xjp0blbmx23y457k62j3kkr0m2"; }; drawio = pkgs.fetchNextcloudApp rec { url = "https://github.com/jgraph/drawio-nextcloud/releases/download/v2.1.1/drawio-v2.1.1.tar.gz"; sha256 = "0frizrgkbmc3mhhap7cq45z43l4whzkszx7v0v0q2ylmq8sbxszm"; }; registration = pkgs.fetchNextcloudApp rec { url = "https://github.com/nextcloud-releases/registration/releases/download/v2.1.0/registration-v2.1.0.tar.gz"; sha256 = "07dqc670qmdb3c8jjnj7azxxspjhiv6m9nrj960y3rjabyzy25m9"; }; music = pkgs.fetchNextcloudApp rec { url = "https://github.com/owncloud/music/releases/download/v1.8.3/music_1.8.3_for_nextcloud.tar.gz"; sha256 = "1kajm5ppp63g42xdvkmv0glw7snsc2fi7pcra1sg4kd005ffz42d"; }; bookmarks = pkgs.fetchNextcloudApp rec { url = "https://github.com/nextcloud/bookmarks/releases/download/v13.0.1/bookmarks-13.0.1.tar.gz"; sha256 = "0xx331bgly91y8ncxk36ha3ncrr2xlivblfi7rix6ffkrdx73yb9"; }; }; extraOptions = { mail_smtpmode = "smtp"; smtpsecure = "ssl"; mail_sendmailmode = "smtp"; mail_from_address = "nextcloud-system"; mail_dmoain = "mail.yourdomain.com"; # Replace with your domain. mail_smtphost = "email-smtp.us-east-2.amazonaws.com"; # Replace with your email provider. mail_smtpport = "465"; mail_smtpauth = 1; mail_smtpname = "STMPNAME"; # Replace with your SMTP username (or Email address). mail_smtppassword = "password"; }; phpOptions = { "opcache.interned_strings_buffer" = "16"; }; appstoreEnable = true; # Enable appstore }; services.postgresql = { enable = true; ensureDatabases = [ "nextcloud" ]; ensureUsers = [ { name = "nextcloud"; ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES"; } ]; }; systemd.services."nextcloud-setup" = { requires = ["postgresql.service"]; after = ["postgresql.service"]; }; services.nginx.virtualHosts.${config.services.nextcloud.hostName} = { forceSSL = true; enableACME = true; }; security.acme = { acceptTerms = true; defaults.email = "yourmail@example.com"; # Replace with your email. certs = { "nextcloud.yourdomain.com" = {}; # Replace with your domain. }; }; networking.firewall.allowedTCPPorts = [ 80 443 465 587 ]; }