mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

collabora->onlyoffice

Browse Source
This commit is contained in:
mjallen18
2025-01-25 14:07:36 -06:00
parent e983e5b47c
commit 88c98a2230
6 changed files with 48 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
hosts/nas/apps.nix
View File

@@ -12,12 +12,13 @@
../../modules ../../modules
./apps/netdata ./apps/netdata
./apps/collabora
]; ];
nas-apps = { nas-apps = {
collabora = { collabora = {
enable = true; enable = false;
environmentFiles = [ config.sops.secrets."jallen-nas/collabora".path ]; environmentFiles = [ config.sops.secrets."jallen-nas/collabora".path ];
}; };

27
hosts/nas/apps/collabora/default.nix
View File

@@ -1,7 +1,26 @@
{ ... }: { config, ... }:
{ {
services.collabora-online = { virtualisation.oci-containers.containers.onlyoffice = {
enable = true; image = "onlyoffice/documentserver:latest";
port = 9980; ports = ["9980:80"];
environment = {
USE_UNAUTHORIZED_STORAGE = "true";
}; };
environmentFiles = [
config.sops.secrets."jallen-nas/onlyoffice-key".path
];
};
# services.collabora-online = {
# enable = false;
# port = 9980;
# };
# services.onlyoffice = {
# enable = true;
# port = 9980;
# hostname = "office.mjallen.dev";
# };
# users.users.onlyoffice.isSystemUser = true;
# users.users.onlyoffice.isNormalUser = false;
} }

24
hosts/nas/apps/nextcloud/default.nix
View File

@@ -32,11 +32,11 @@ in
mountPoint = "/var/lib/nextcloud"; mountPoint = "/var/lib/nextcloud";
}; };
"/var/lib/onlyoffice" = { # "/var/lib/onlyoffice" = {
hostPath = "/media/nas/ssd/nix-app-data/onlyoffice"; # hostPath = "/media/nas/ssd/nix-app-data/onlyoffice";
isReadOnly = false; # isReadOnly = false;
mountPoint = "/var/lib/onlyoffice"; # mountPoint = "/var/lib/onlyoffice";
}; # };
}; };
config = config =
@@ -110,18 +110,12 @@ in
}; };
}; };
}; };
onlyoffice = {
enable = true;
port = 8000;
hostname = "office.mjallen.dev";
};
}; };
# System packages # System packages
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
nextcloud30 nextcloud30
onlyoffice-documentserver # onlyoffice-documentserver
sqlite sqlite
]; ];
@@ -132,9 +126,9 @@ in
group = "nextcloud"; group = "nextcloud";
}; };
users.users.onlyoffice = { # users.users.onlyoffice = {
group = lib.mkForce "nextcloud"; # group = lib.mkForce "nextcloud";
}; # };
users.groups = { users.groups = {
nextcloud = { nextcloud = {

6
hosts/nas/apps/traefik/default.nix
View File

@@ -107,6 +107,11 @@ in
]; ];
}; };
}; };
onlyoffice-websocket = {
headers.customrequestheaders = {
X-Forwarded-Proto = "https";
};
};
# test-errors = { # test-errors = {
# errors = { # errors = {
# status = [ # status = [
@@ -186,6 +191,7 @@ in
entryPoints = [ "websecure" ]; entryPoints = [ "websecure" ];
rule = "Host(`office.${domain}`)"; rule = "Host(`office.${domain}`)";
service = "collabora"; service = "collabora";
middlewares = "onlyoffice-websocket";
tls.certResolver = "letsencrypt"; tls.certResolver = "letsencrypt";
}; };
cloud = { cloud = {

4
hosts/nas/sops.nix
View File

@@ -69,6 +69,10 @@
restartUnits = [ "netdata.service" ]; restartUnits = [ "netdata.service" ];
}; };
sops.secrets."jallen-nas/onlyoffice-key" = {
restartUnits = [ "podman-onlyoffice.service" ];
};
sops.secrets."jallen-nas/paperless/secret" = { sops.secrets."jallen-nas/paperless/secret" = {
restartUnits = [ "container@paperless.service" ]; restartUnits = [ "container@paperless.service" ];
}; };

5
secrets/secrets.yaml
View File

@@ -12,6 +12,7 @@ jallen-nas:
dbpassword: ENC[AES256_GCM,data:Xu92h2psR4jAJDM=,iv:UsJD1zq9Uy0Exxk58nkyPGyI8m2BOuvr2DK843h5pSk=,tag:k4MvHT8BoahCf9ZxQw8ovA==,type:str] dbpassword: ENC[AES256_GCM,data:Xu92h2psR4jAJDM=,iv:UsJD1zq9Uy0Exxk58nkyPGyI8m2BOuvr2DK843h5pSk=,tag:k4MvHT8BoahCf9ZxQw8ovA==,type:str]
adminpassword: ENC[AES256_GCM,data:y4PXSbrAAw3A6cg=,iv:10Dm3IYqKJz2FNRteauuYSKXCHE2IKHv4ytidUvblXA=,tag:OAsZ69s4g2p0JEenLbkXdA==,type:str] adminpassword: ENC[AES256_GCM,data:y4PXSbrAAw3A6cg=,iv:10Dm3IYqKJz2FNRteauuYSKXCHE2IKHv4ytidUvblXA=,tag:OAsZ69s4g2p0JEenLbkXdA==,type:str]
smtppassword: ENC[AES256_GCM,data:AIn3HJ3oX90nzcmSLSIeizqL1w==,iv:EyIgk3mxJ1Pn9Gff6ia6c2ekreSFGUWDbLrtC/meMyI=,tag:LvkT98sSOVDV+mxMyJKnbQ==,type:str] smtppassword: ENC[AES256_GCM,data:AIn3HJ3oX90nzcmSLSIeizqL1w==,iv:EyIgk3mxJ1Pn9Gff6ia6c2ekreSFGUWDbLrtC/meMyI=,tag:LvkT98sSOVDV+mxMyJKnbQ==,type:str]
onlyoffice-key: ENC[AES256_GCM,data:htJ+CEyeHgdxbOGKT5SFPaQeFYw0vw==,iv:J/yl1vYx4As8TwpgNYkeiZZixXzHMFeF0/D3zY+MmIc=,tag:wdc8hRLs+qWpVhwGsvSqZg==,type:str]
manyfold: manyfold:
secretkeybase: ENC[AES256_GCM,data:b+fgTrtnZcp34DOQ0dtKc6bX6/dm9j0o3QJr,iv:e4hOwgTFCXVokGqhwKsYHt5IQgtaKcMmEqvDoMly5aI=,tag:E8gFiOuozA4T1mmcgXfbDg==,type:str] secretkeybase: ENC[AES256_GCM,data:b+fgTrtnZcp34DOQ0dtKc6bX6/dm9j0o3QJr,iv:e4hOwgTFCXVokGqhwKsYHt5IQgtaKcMmEqvDoMly5aI=,tag:E8gFiOuozA4T1mmcgXfbDg==,type:str]
immich: immich:
@@ -66,8 +67,8 @@ sops:
UGhsN2N0Mjl3UEJvUVlGRlJiN05WaUkKW37lU4G4CLTo6JoHC2OyhKsG/FuO+BiN UGhsN2N0Mjl3UEJvUVlGRlJiN05WaUkKW37lU4G4CLTo6JoHC2OyhKsG/FuO+BiN
pzlVJwzRnmAqwklRbc6RMbQLl2EQrp6KQcgYsUxCMH9OQ/9WJ98dxQ== pzlVJwzRnmAqwklRbc6RMbQLl2EQrp6KQcgYsUxCMH9OQ/9WJ98dxQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-25T05:08:43Z" lastmodified: "2025-01-25T19:42:11Z"
mac: ENC[AES256_GCM,data:TFwJdmF0M4s3etKYXZAsMsEqcn7pt2Z6wgxPnLOpukFCGpNBorVsSWiFa/0UbvpZ7QRzNIEucEGAk0rspgnk0t+1EDxsW/UqXmieoLIQy317UHI/PVPprG6HPH/PHPCyhp/U4ddM94lKbxnEgf4kQDmL8Hl90vSWQs+8hOoByUk=,iv:1MjcEx4InMaDFStTLLvb/e0vAWyXoVb24dh2XwHvg3A=,tag:ZQQsuON1DFFD4aRWD2GTyg==,type:str] mac: ENC[AES256_GCM,data:dzOyTwO0bPCPVqus25r6oEXjjpNjfefkeqk16jW7DXugEcizCmS58nPMCGaHb4KrDyxjkzaMRHm7/tDqfRTtKh/nf14R+geWSk/J+c91cV5xCptfAphP53w5YeJkiOjCF3A08iSwEORvrzFY/xiomhO9xkew0bYzUV38Spe9Vfc=,iv:64NbSqYbO/YwqwlMh3WJgdkPNbNPd6lln2cRIlkmO5I=,tag:1ESax9tQ9ygghVLeHOkfJw==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.3 version: 3.9.3