moved services out of container

hosts/Alaska/default.nix

@@ -5,8 +5,8 @@
 {
   imports = [ 
     (import ./hardware-configuration.nix)
-    (import ./containers/nextcloud.nix)
    (import ./modules/nginx.nix)
+    (import ./modules/nextcloud.nix)
   ];
 
   environment.systemPackages = [

hosts/Alaska/modules/nextcloud.nix

@@ -1,48 +1,17 @@
-
 { config, lib, pkgs, ... }:
 
-
 {
-  containers.nextcloud = {
-    autoStart = true;
-    privateNetwork = true;
-    # The host address is the address of the parent machine from inside the container
-    hostAddress = "192.168.100.10";
-    # The local address field is the "inside the container" address of this machine
-    # Or what it says when you run 'ip a' inside the container
-    localAddress = "192.168.100.11";
-    # These are the same as above, but for ipv6
-    hostAddress6 = "fc00::1";
-    localAddress6 = "fc00::2";
-
-    # allowed filepaths and container-internal mount points
-    # I believe "hostPath" is the system-wide, non-conatainer path
-     bindMounts = {
-      "/Aurora/nextcloud" = {
-        hostPath = "/Aurora/nextcloud";
-        isReadOnly = false;
-      };
-    };
-
-     # If, when you nix-container root-login and systemctl status nextcloud-setup says the
-     # password files are unreadable, log in as root and `chown nextcloud:nextcloud` the password files
-  config = { config, pkgs, ... }: {
-
-    # A lot of this nextcloud configuration was pulled from this post:
-    # https://jacobneplokh.com/how-to-setup-nextcloud-on-nixos/
       services.nextcloud = {
         enable = true;
         package = pkgs.nextcloud25;
         enableBrokenCiphersForSSE = false;
 
+        nginx.recommendedHttpHeaders = true;
         https = true;
-        hostName = "192.168.100.10";
+        hostName = "files.nickiel.net";
         home = "/Aurora/nextcloud";
 
-        autoUpdateApps = {
-          enable = true;
-          startAt = "05:00:00";
-        };
+        autoUpdateApps.enable = true;
 
         config = {
           overwriteProtocol = "https";
@@ -50,6 +19,9 @@
             "10.0.0.183"
             "files.nickiel.net"
           ];
+          trustedProxies = [
+            "files.nickiel.net"
+          ];
 
           dbtype = "pgsql";
           dbuser = "nextcloud";
@@ -86,17 +58,4 @@
           requires = ["postgresql.service"];
           after = ["postgresql.service"];
       };
-
-
-      # Container nixos state configurations
-      system.stateVersion = "22.05";
-      networking.firewall = {
-        enable = true;
-        allowedTCPPorts = [ 80 ];
-      };
-      # Manually configure nameserver. Using resolved inside the container seems to fail
-      # currently
-      environment.etc."resolv.conf".text = "nameserver 1.1.1.1";
-    };
-  };
 }

hosts/Alaska/modules/nginx.nix

@@ -1,6 +1,11 @@
 { config, lib, pkgs, ... }:
 
 {
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = "nicholasyoungsumner@gmail.com";
+  };
+
   services.nginx = {
     enable = true;
     commonHttpConfig = ''
@@ -19,8 +24,7 @@
 
       "jellyfin.nickiel.net" = {
           forceSSL = true;
-          sslCertificate = "/Aurora/nickiel.net.pem";
-          sslCertificateKey = "/Aurora/nickiel.net.key";
+          enableACME = true;
           locations."/" = {
             proxyPass = "http://127.0.0.1:8096/";
             proxyWebsockets = true;
@@ -28,15 +32,10 @@
           };
       };
 
-      #"files.nickiel.net" = {
-      #      forceSSL = true;
-      #      sslCertificate = "/Aurora/nickiel.net.pem";
-      #      sslCertificateKey = "/Aurora/nickiel.net.key";
-      #      locations."/" = {
-      #        proxyPass = "http://192.168.100.11:80";
-      #        proxyWebsockets = true;
-      #      };
-      #    };
+      "files.nickiel.net" = {
+          forceSSL = true;
+          enableACME = true;
+      };
     };
   };
 }