{ services.postgresql = { ensureDatabases = [ "nextcloud" ]; ensureUsers = [ { name = "nextcloud"; ensureDBOwnership = true; } ]; }; containers.nextcloud = { autoStart = true; privateNetwork = true; hostAddress = "192.168.0.1"; localAddress = "192.168.0.3"; config = { config, pkgs, lib, ... }: { environment.etc."nextcloud-admin-pass".text = "admin"; nixpkgs.config.allowUnfree = true; services = { nextcloud = { enable = true; hostName = "nextcloud.thewordnerd.info"; package = pkgs.nextcloud30; configureRedis = true; maxUploadSize = "16G"; autoUpdateApps.enable = true; notify_push.enable = true; webfinger = true; settings = { overwriteprotocol = "https"; trusted_proxies = [ "192.168.0.1" ]; default_phone_region = "US"; }; config = { dbtype = "pgsql"; dbhost = "/run/postgresql"; adminpassFile = "/etc/nextcloud-admin-pass"; }; }; onlyoffice = { enable = true; hostname = "onlyoffice.thewordnerd.info"; }; resolved.enable = true; }; networking = { firewall.allowedTCPPorts = [ 80 ]; useHostResolvConf = lib.mkForce false; }; virtualisation.podman = { enable = true; dockerCompat = true; dockerSocket.enable = true; }; }; bindMounts = { "/run/postgresql/.s.PGSQL.5432" = { hostPath = "/run/postgresql/.s.PGSQL.5432"; }; }; }; services.caddy.virtualHosts."nextcloud.thewordnerd.info".extraConfig = ''reverse_proxy nextcloud''; }