{ config, lib, namespace, ... }: with lib; let inherit (lib.${namespace}) mkOpt mkReverseProxyOpt; cfg = config.${namespace}.services.opencloud; opencloudConfig = { sops.templates = { "opencloud.env" = { content = '' OC_JWT_SECRET=${config.sops.placeholder."jallen-nas/onlyoffice-key"} OC_TRANSFER_SECRET=${config.sops.placeholder."jallen-nas/onlyoffice-key"} OC_MACHINE_AUTH_API_KEY=${config.sops.placeholder."jallen-nas/onlyoffice-key"} ''; }; }; virtualisation.oci-containers.containers.opencloud = { autoStart = true; image = "opencloudeu/opencloud-rolling"; ports = [ "${toString cfg.port}:9200" ]; volumes = [ "${cfg.dataPath}:/var/lib/opencloud" "${cfg.configPath}:/etc/opencloud" ]; environmentFiles = [ config.sops.templates."opencloud.env".path ]; environment = { OC_ADD_RUN_SERVICES = "collaboration,app-provider"; OC_REVA_GATEWAY = "eu.opencloud.api.gateway"; APP_PROVIDER_WOPI_APP_NAME = "Collabora"; APP_PROVIDER_ENABLE = "true"; APP_PROVIDER_SERVICE_NAME = "app-provider-collabora"; COLLABORATION_APP_NAME = "Collabora"; COLLABORATION_APP_PRODUCT = "Collabora"; COLLABORATION_WOPI_DISCOVERY_URL = "https://office.mjallen.dev/hosting/discovery"; COLLABORATION_WOPI_SRC = "https://office.mjallen.dev"; OC_COLLABORATION_WOPI_URL = "https://office.mjallen.dev"; COLLABORATION_APP_ADDR = "https://office.mjallen.dev"; COLLABORATION_APP_INSECURE = "false"; COLLABORATION_APP_PROOF_DISABLE = "true"; COLLABORATION_WOPI_SHORTTOKENS = "false"; # COLLABORATION_GRPC_ADDR = "0.0.0.0:9301"; # COLLABORATION_HTTP_ADDR = "0.0.0.0:9200"; MICRO_REGISTRY = "nats-js-kv"; MICRO_REGISTRY_ADDRESS = "127.0.0.1:9233"; OC_SYSTEM_USER_ID = cfg.puid; OC_LOG_LEVEL = "info"; APP_PROVIDER_PROVIDERS = "collabora"; APP_PROVIDER_COLLABORA_NAME = "Collabora"; APP_PROVIDER_COLLABORA_PRODUCT = "Collabora Online"; APP_PROVIDER_COLLABORA_ADDR = "https://office.mjallen.dev"; APP_PROVIDER_COLLABORA_ICON = "https://office.mjallen.dev/favicon.ico"; APP_PROVIDER_COLLABORA_MIME_TYPES = '' application/vnd.openxmlformats-officedocument.wordprocessingml.document application/vnd.openxmlformats-officedocument.spreadsheetml.sheet application/vnd.openxmlformats-officedocument.presentationml.presentation application/msword application/vnd.ms-excel application/vnd.ms-powerpoint text/plain ''; NATS_NATS_HOST = "0.0.0.0"; GATEWAY_GRPC_ADDR = "0.0.0.0:9142"; OC_DB_TYPE = "postgres"; OC_DB_HOST = "10.0.1.3"; OC_DB_PORT = "5432"; OC_DB_USER = "opencloud"; OC_DB_NAME = "opencloud"; OC_INSECURE = "true"; PROXY_TLS = "false"; PROXY_HTTP_ADDR = "0.0.0.0:9200"; OC_URL = "https://cloud.mjallen.dev"; OC_PUBLIC_URL = "https://cloud.mjallen.dev"; PUID = cfg.puid; PGID = cfg.pgid; TZ = cfg.timeZone; }; }; }; # Create reverse proxy configuration using mkReverseProxy reverseProxyConfig = lib.${namespace}.mkReverseProxy { name = "cloud"; subdomain = cfg.reverseProxy.subdomain; url = "http://${cfg.localAddress}:${toString cfg.port}"; middlewares = cfg.reverseProxy.middlewares; }; fullConfig = { "${namespace}".services.traefik = lib.mkIf cfg.reverseProxy.enable { reverseProxies = [ reverseProxyConfig ]; }; } // opencloudConfig; in { options.${namespace}.services.opencloud = { enable = mkEnableOption "opencloud service"; port = mkOpt types.int 9200 "Port for opencloud to be hosted on"; localAddress = mkOpt types.str "127.0.0.1" "local address of the service"; dataPath = mkOpt types.str "/media/nas/main/opencloud" "Path to the data dir"; configPath = mkOpt types.str "/media/nas/main/nix-app-data/opencloud" "Path to the data dir"; puid = mkOpt types.str "911" "puid"; pgid = mkOpt types.str "1000" "pgid"; timeZone = mkOpt types.str "America/Chicago" "container tz"; reverseProxy = mkReverseProxyOpt; }; config = mkIf cfg.enable fullConfig; }