diff --git a/lass/1systems/ubik/config.nix b/lass/1systems/ubik/config.nix index 1d836d4ec..b153c0d3b 100644 --- a/lass/1systems/ubik/config.nix +++ b/lass/1systems/ubik/config.nix @@ -14,13 +14,25 @@ with import ; pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPBFGMjH0+Dco6DVFZbByENMci8CFTLXCL7j53yctPnM"; }; - networking.firewall.allowedTCPPorts = [ 80 ]; + security.acme = { + acceptTerms = true; + defaults.email = "acme@lassul.us"; + }; + networking.firewall.allowedTCPPorts = [ 80 443 ]; + + # nextcloud + services.nginx.virtualHosts."c.apanowicz.de" = { + enableACME = true; + forceSSL = true; + }; services.nextcloud = { enable = true; + enableBrokenCiphersForSSE = false; hostName = "c.apanowicz.de"; package = pkgs.nextcloud25; config.adminpassFile = "/run/nextcloud.pw"; https = true; + maxUploadSize = "9001M"; }; systemd.services.nextcloud-setup.serviceConfig.ExecStartPre = [ "+${pkgs.writeDash "copy-pw" ''