{pkgs, ...}: { project.name = "nextcloud"; networks.dmz = { name = "dmz"; external = true; }; networks.transport = {}; services = { nextcloud.service = { image = "nextcloud:28.0.4"; container_name = "nextcloud"; useHostStore = true; labels = { "traefik.enable" = "true"; "traefik.http.routers.nextcloud.entrypoints" = "websecure"; "traefik.http.routers.nextcloud.rule" = "Host(`nextcloud.ghoscht.com`)"; "traefik.docker.network" = "dmz"; "traefik.http.routers.nextcloud.tls" = "true"; "traefik.http.routers.nextcloud.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/nextcloud/nextcloud_data:/var/www/html" ]; hostname = "nextcloud.ghoscht.com"; environment = { REDIS_HOST = "nextcloud-redis"; REDIS_PORT = 6379; }; restart = "unless-stopped"; networks = [ "dmz" "transport" ]; }; nextcloud-db.service = { image = "mariadb:11.4.1-rc-jammy"; env_file = [ "/home/ghoscht/.docker/nextcloud/nextcloud.env" ]; volumes = [ "/storage/dataset/docker/nextcloud/nextcloud_db:/var/lib/mysql" ]; restart = "unless-stopped"; command = "--transaction-isolation=READ-COMMITTED --binlog-format=ROW"; networks = [ "transport" ]; }; nextcloud-redis.service = { image = "redis:alpine3.19"; restart = "unless-stopped"; networks = [ "transport" ]; }; }; }