153 lines
5.2 KiB
Nix
153 lines
5.2 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
let serverCfg = config.syscfg.server;
|
|
in {
|
|
project.name = "cloud";
|
|
|
|
networks = {
|
|
internal = {
|
|
name = lib.mkForce "internal";
|
|
internal = true;
|
|
};
|
|
external = {
|
|
name = lib.mkForce "external";
|
|
internal = false;
|
|
};
|
|
};
|
|
|
|
services = {
|
|
|
|
cloud_nextcloud.service = {
|
|
image = "nextcloud:27";
|
|
container_name = "cloud";
|
|
restart = "unless-stopped";
|
|
networks = [ "external" ];
|
|
volumes = [
|
|
"${serverCfg.configPath}/data/nextcloud:/var/www/html"
|
|
"${serverCfg.dataPath}/data/music:/media/music"
|
|
"${serverCfg.dataPath}/data/video:/media/video"
|
|
"${serverCfg.dataPath}/data/photo:/media/photo"
|
|
];
|
|
tmpfs = [ "/tmp" ];
|
|
labels = {
|
|
"traefik.enable" = "true";
|
|
"traefik.http.routers.nextcloud.entrypoints" = "web-secure";
|
|
"traefik.http.routers.nextcloud.rule" =
|
|
"Host(`cloud.${serverCfg.hostDomain}`)";
|
|
"traefik.http.routers.nextcloud.tls" = "true";
|
|
"traefik.http.routers.nextcloud.middlewares" =
|
|
"sts_headers,nextcloud-caldav";
|
|
|
|
"traefik.http.middlewares.nextcloud-caldav.redirectregex.permanent" =
|
|
"true";
|
|
"traefik.http.middlewares.nextcloud-caldav.redirectregex.regex" =
|
|
"^https://(.*)/.well-known/(card|cal)dav";
|
|
"traefik.http.middlewares.nextcloud-caldav.redirectregex.replacement" =
|
|
"https://$\${1}/remote.php/dav/";
|
|
"traefik.http.middlewares.sts_headers.headers.stsSeconds" = "15552000";
|
|
"traefik.http.middlewares.sts_headers.headers.stsIncludeSubdomains" =
|
|
"true";
|
|
};
|
|
};
|
|
|
|
cloud_office.service = {
|
|
image = "collabora/code:latest";
|
|
container_name = "cloud_office";
|
|
restart = "unless-stopped";
|
|
networks = [ "external" ];
|
|
volumes = [ ];
|
|
environment = {
|
|
username = "COLLABORA_USER";
|
|
password = "COLLABORA_PASSWORD";
|
|
aliasgroup1 = "https://cloud.${serverCfg.hostDomain}";
|
|
server_name = "office.${serverCfg.hostDomain}";
|
|
VIRTUAL_HOST = "office.${serverCfg.hostDomain}";
|
|
VIRTUAL_PORT = "9980";
|
|
VIRTUAL_PROTO = "http";
|
|
DONT_GEN_SSL_CERT = "true";
|
|
RESOLVE_TO_PROXY_IP = "true";
|
|
NETWORK_ACCESS = "internal";
|
|
extra_params = "--o:ssl.enable=false --o:ssl.termination=true";
|
|
dictionaries = "en fr de jp";
|
|
};
|
|
labels = {
|
|
"traefik.enable" = "true";
|
|
"traefik.http.routers.collabora.entrypoints" = "web-secure";
|
|
"traefik.http.routers.collabora.rule" =
|
|
"Host(`office.${serverCfg.hostDomain}`)";
|
|
"traefik.http.routers.collabora.tls" = "true";
|
|
};
|
|
};
|
|
|
|
cloud_etherpad.service = {
|
|
image = "etherpad/etherpad:latest";
|
|
container_name = "etherpad";
|
|
restart = "unless-stopped";
|
|
networks = [ "external" ];
|
|
volumes = [
|
|
"${serverCfg.dataPath}/ether/etherpad/data:/opt/etherpad-lite/var"
|
|
"${serverCfg.dataPath}/ether/etherpad/APIKEY.txt:/opt/etherpad-lite/APIKEY.txt"
|
|
];
|
|
environment = {
|
|
NODE_ENV = "production";
|
|
TITLE = "Helcel-Pad";
|
|
DB_TYPE = "mysql";
|
|
DB_HOST = serverCfg.dbHost;
|
|
DB_PORT = serverCfg.dbPort;
|
|
DB_NAME = "etherpad";
|
|
DB_USER = "ETHERPAD_DB_USER";
|
|
DB_PASS = "ETHERPAD_DB_PASSWORD";
|
|
DB_CHARSET = "utf8mb4";
|
|
DEFAULT_PAD_TEXT = "P A D";
|
|
PAD_OPTIONS_SHOW_LINE_NUMBERS = "true";
|
|
PAD_OPTIONS_USE_MONOSPACE_FONT = "true";
|
|
ADMIN_PASSWORD = "ETHERPAD_ADMIN_PASSWORD";
|
|
SKIN_VARIANTS = "super-dark-toolbar light-editor dark-background";
|
|
};
|
|
labels = {
|
|
"traefik.enable" = "true";
|
|
"traefik.http.routers.etherpad.entrypoints" = "web-secure";
|
|
"traefik.http.routers.etherpad.rule" =
|
|
"Host(`pad.${serverCfg.hostDomain}`)";
|
|
"traefik.http.routers.etherpad.tls" = "true";
|
|
};
|
|
};
|
|
|
|
cloud_ethercalc.service = {
|
|
image = "audreyt/ethercalc:latest";
|
|
container_name = "ethercalc";
|
|
restart = "unless-stopped";
|
|
networks = [ "external" "internal" ];
|
|
volumes = [
|
|
"${serverCfg.dataPath}/ether/etherpad/data:/opt/etherpad-lite/var"
|
|
"${serverCfg.dataPath}/ether/etherpad/APIKEY.txt:/opt/etherpad-lite/APIKEY.txt"
|
|
];
|
|
environment = {
|
|
NODE_ENV = "production";
|
|
TITLE = "Helcel-Calc";
|
|
REDIS_PORT_6379_TCP_ADDR = "ethercalc-redis";
|
|
REDIS_PORT_6379_TCP_PORT = "6379";
|
|
ADMIN_PASSWORD = "ETHERPAD_ADMIN_PASSWORD";
|
|
SKIN_VARIANTS = "super-dark-toolbar light-editor dark-background";
|
|
};
|
|
labels = {
|
|
"traefik.enable" = "true";
|
|
"traefik.http.routers.ethercalc.entrypoints" = "web-secure";
|
|
"traefik.http.routers.ethercalc.rule" =
|
|
"Host(`calc.${serverCfg.hostDomain}`)";
|
|
"traefik.http.routers.ethercalc.tls" = "true";
|
|
};
|
|
};
|
|
|
|
cloud_redis.service = {
|
|
image = "redis:latest";
|
|
container_name = "ethercalc-redis";
|
|
restart = "unless-stopped";
|
|
networks = [ "internal" ];
|
|
volumes = [ "${serverCfg.dataPath}/ether/ethercalc/redis:/data" ];
|
|
environment = { };
|
|
labels = { "traefik.enable" = "false"; };
|
|
};
|
|
|
|
};
|
|
}
|