# NixOS module that turns on the OpenCloud service through the project's
# `lib.${namespace}.mkModule` helper and declares a sops template ("opencloud.env")
# holding the service secrets.
#
# Inputs read from `config.${namespace}.services.opencloud`:
#   listenAddress, port, configDir
{
  config,
  lib,
  pkgs,
  namespace,
  ...
}:
with lib;
let
  name = "opencloud";
  cfg = config.${namespace}.services.${name};

  # Earlier env-file based configuration. Disabled; kept for reference only.
  # # Create an environment file from the configuration
  # envFile = pkgs.writeText "opencloud-environment" ''
  #   OC_JWT_SECRET=${config.sops.placeholder."jallen-nas/onlyoffice-key"}
  #   OC_TRANSFER_SECRET=${config.sops.placeholder."jallen-nas/onlyoffice-key"}
  #   OC_MACHINE_AUTH_API_KEY=${config.sops.placeholder."jallen-nas/onlyoffice-key"}
  #   OC_ADD_RUN_SERVICES=collaboration,app-provider
  #   OC_REVA_GATEWAY=eu.opencloud.api.gateway
  #   APP_PROVIDER_WOPI_APP_NAME=Collabora
  #   APP_PROVIDER_ENABLE=true
  #   APP_PROVIDER_SERVICE_NAME=app-provider-collabora
  #   COLLABORATION_APP_NAME=Collabora
  #   COLLABORATION_APP_PRODUCT=Collabora
  #   COLLABORATION_WOPI_DISCOVERY_URL=https://office.mjallen.dev/hosting/discovery
  #   COLLABORATION_WOPI_SRC=https://office.mjallen.dev
  #   OC_COLLABORATION_WOPI_URL=https://office.mjallen.dev
  #   COLLABORATION_APP_ADDR=https://office.mjallen.dev
  #   COLLABORATION_APP_INSECURE=false
  #   COLLABORATION_APP_PROOF_DISABLE=true
  #   COLLABORATION_WOPI_SHORTTOKENS=false
  #   MICRO_REGISTRY=nats-js-kv
  #   MICRO_REGISTRY_ADDRESS=127.0.0.1:9233
  #   OC_SYSTEM_USER_ID=${cfg.puid}
  #   OC_LOG_LEVEL=info
  #   APP_PROVIDER_PROVIDERS=collabora
  #   APP_PROVIDER_COLLABORA_NAME=Collabora
  #   APP_PROVIDER_COLLABORA_PRODUCT=Collabora Online
  #   APP_PROVIDER_COLLABORA_ADDR=https://office.mjallen.dev
  #   APP_PROVIDER_COLLABORA_ICON=https://office.mjallen.dev/favicon.ico
  #   APP_PROVIDER_COLLABORA_MIME_TYPES=application/vnd.openxmlformats-officedocument.wordprocessingml.document application/vnd.openxmlformats-officedocument.spreadsheetml.sheet application/vnd.openxmlformats-officedocument.presentationml.presentation application/msword application/vnd.ms-excel application/vnd.ms-powerpoint text/plain
  #   NATS_NATS_HOST=${cfg.listenAddress}
  #   GATEWAY_GRPC_ADDR=${cfg.listenAddress}:9142
  #   OC_DB_TYPE=postgres
  #   OC_DB_HOST=10.0.1.3
  #   OC_DB_PORT=5432
  #   OC_DB_USER=opencloud
  #   OC_DB_NAME=opencloud
  #   OC_INSECURE=true
  #   PROXY_TLS=false
  #   PROXY_HTTP_ADDR=${cfg.listenAddress}:9200
  #   OC_URL=https://cloud.mjallen.dev
  #   OC_PUBLIC_URL=https://cloud.mjallen.dev
  #   PUID=${cfg.puid}
  #   PGID=${cfg.pgid}
  #   TZ=${cfg.timeZone}
  # '';

  # sops-nix placeholder substituted into the secret template below.
  # NOTE(review): this single secret backs three different roles (JWT secret,
  # transfer secret, machine-auth API key), and its name suggests it is shared
  # with another service as well. Giving each role its own sops secret limits
  # what a single leak exposes.
  sharedSecret = config.sops.placeholder."jallen-nas/onlyoffice-key";

  # Plain (non-secret) environment handed to services.opencloud.environment.
  serviceEnvironment = {
    # TLS is terminated by the reverse proxy, so the service itself speaks plain
    # HTTP; cfg.listenAddress should therefore only be reachable by that proxy.
    PROXY_TLS = "false"; # disable https when behind reverse-proxy

    # NOTE(review): literal credential in the module source. Everything in this
    # attribute set is ordinary configuration, so the value is stored in the
    # repository and presumably ends up readable in the Nix store as well. It
    # belongs in the sops template (backed by its own sops secret), and the
    # current value should be rotated once moved.
    INITIAL_ADMIN_PASSWORD = "BogieDudie1";

    # No database credential is set in this block.
    # TODO confirm how the service authenticates to the database host.
    OC_DB_TYPE = "postgres";
    OC_DB_HOST = "10.0.1.3";
    OC_DB_PORT = "5432";
    OC_DB_USER = "opencloud";
    OC_DB_NAME = "opencloud";

    # NOTE(review): presumably relaxes TLS certificate verification for the
    # service's own connections. Confirm it is still needed, scope it as
    # narrowly as the deployment allows.
    OC_INSECURE = "true";

    # NOTE(review): debug verbosity; the disabled configuration above used
    # "info". Confirm debug is intended outside of troubleshooting, since debug
    # logs tend to carry more request detail.
    OC_LOG_LEVEL = "debug";
    # PROXY_TLS = "false";
    # PROXY_HTTP_ADDR= "${cfg.listenAddress}:9200";
    # OC_URL = "https://cloud.mjallen.dev"
    # OC_PUBLIC_URL = "https://cloud.mjallen.dev"
  };

  opencloudConfig = lib.${namespace}.mkModule {
    inherit config name;
    serviceName = name;
    description = "OpenCloud - Secure and private file sharing and storage";
    options = { };
    moduleConfig = {
      services.opencloud = {
        enable = true;
        url = "https://cloud.mjallen.dev";
        address = cfg.listenAddress;
        inherit (cfg) port;
        stateDir = "${cfg.configDir}/opencloud";
        environment = serviceEnvironment;
      };

      # Secret template rendered by sops-nix at activation time.
      # NOTE(review): nothing visible in this file points the service at the
      # rendered file (for example through the service module's environment-file
      # option, if it has one). Confirm where "opencloud.env" is consumed;
      # otherwise these values never reach the service.
      sops.templates."opencloud.env".content = ''
        OC_JWT_SECRET=${sharedSecret}
        OC_TRANSFER_SECRET=${sharedSecret}
        OC_MACHINE_AUTH_API_KEY=${sharedSecret}
      '';

      # # Create directories
      # systemd.tmpfiles.rules = [
      #   "d '${cfg.dataDir}/opencloud' 0750 ${cfg.user} ${cfg.group} - -"
      #   "d '${cfg.configDir}/opencloud' 0750 ${cfg.user} ${cfg.group} - -"
      # ];
    };
  };
in
{
  imports = [ opencloudConfig ];
}