Setup Nextcloud with NixOS, switch to PostgreSQL

configuration.nix

@@ -48,83 +48,64 @@
   # Nginx web server
   services.nginx = {
     enable = true;
+
     virtualHosts."www.beffara.org" = {
       default = true;
       forceSSL = true;
       root = "/data/web/root";
       enableACME = true;
+    };
 
-      locations."/owncloud/" = {
-        alias = "/data/web/nextcloud/site/";
-        extraConfig = ''
-          rewrite ^/owncloud/((cal|card|web)dav.*)$ /owncloud/remote.php/$1 redirect;
-        '';
-      };
-
-      locations."~ ^/owncloud/.+\.php(/|$)" = {
-        alias = "/data/web/nextcloud/site/";
-        extraConfig = ''
-          fastcgi_pass  unix:${config.services.phpfpm.pools.nextcloud.socket};
-          fastcgi_index index.php;
-          include ${config.services.nginx.package}/conf/fastcgi.conf;
-          fastcgi_split_path_info ^/owncloud/(.+\.php)(|/.*)$;
-          fastcgi_param SCRIPT_NAME /owncloud/$fastcgi_script_name;
-        '';
-      };
-
-      extraConfig = ''
-        index index.php index.html;
-        add_header Strict-Transport-Security "max-age=15768000;";
-        rewrite ^/.well-known/host-meta /owncloud/public.php?service=host-meta last;
-        rewrite ^/.well-known/host-meta.json /owncloud/public.php?service=host-meta-json last;
-        rewrite ^/.well-known/(cal|card)dav /owncloud/remote.php/$1dav/ redirect;
-      '';
+    virtualHosts."cloud.beffara.org" = {
+      forceSSL = true;
+      enableACME = true;
     };
   };
 
-  # FastCGI server for PHP
-  services.phpfpm = {
-    phpOptions = ''
-      memory_limit = 512M
-      extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
-      extension=${pkgs.phpPackages.imagick}/lib/php/extensions/imagick.so
-    '';
-
-    pools.nextcloud = {
-      user = "nextcloud";
-      settings = {
-        "listen.owner" = config.services.nginx.user;
-        "pm" = "dynamic";
-        "pm.max_children" = 5;
-        "pm.start_servers" = 2;
-        "pm.min_spare_servers" = 1;
-        "pm.max_spare_servers" = 3;
-        "pm.max_requests" = 500;
-      };
+  # Nextcloud
+  services.nextcloud = {
+    enable = true;
+    hostName = "cloud.beffara.org";
+    https = true;
+    package = pkgs.nextcloud21;
+    home = "/data/web/nextcloud";
+
+    autoUpdateApps = {
+      enable = true;
+      startAt = "03:00:00";
     };
+
+    config = {
+      overwriteProtocol = "https";
+      dbtype = "pgsql";
+      dbuser = "nextcloud";
+      dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
+      dbname = "nextcloud";
+      dbpassFile = "/data/web/nextcloud/db-pass";
+      defaultPhoneRegion = "FR";
+      adminpassFile = "/data/web/nextcloud/admin-pass";
+      adminuser = "admin";
+    };
+  };
+
+  # Ensure that postgres is running before setting up Nextcloud
+  systemd.services."nextcloud-setup" = {
+    requires = ["postgresql.service"];
+    after = ["postgresql.service"];
   };
 
-  # MySQL database
-  services.mysql = {
+  # PostgreSQL database
+  services.postgresql = {
     enable = true;
-    package = pkgs.mariadb;
     ensureDatabases = [ "nextcloud" ];
     ensureUsers = [
       {
         name = "nextcloud";
-        ensurePermissions = { "nextcloud.*" = "ALL PRIVILEGES"; };
+        ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
       }
     ];
   };
 
-  # System user accounts
-  users.users.nextcloud = {
-    isSystemUser = true;
-    home = "/data/web/nextcloud";
-    group = "nextcloud";
-  };
-  users.groups.nextcloud = { };
-
   # Initial user account
   users.users.manu = {
     isNormalUser = true;