63 lines
1.5 KiB
Nix
63 lines
1.5 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
namespace,
|
|
...
|
|
}:
|
|
let
|
|
inherit (lib.${namespace}) mkOpt mkReverseProxyOpt;
|
|
cfg = config.${namespace}.services.collabora;
|
|
|
|
jwtSecretFile = config.sops.secrets."jallen-nas/onlyoffice-key".path;
|
|
in
|
|
{
|
|
options.${namespace}.services.collabora = with lib; {
|
|
enable = lib.mkEnableOption "";
|
|
|
|
port = mkOpt types.int 9980 "Port for opencloud to be hosted on";
|
|
|
|
configPath = mkOpt types.str "/media/nas/main/nix-app-data/collabora" "Path to the data dir";
|
|
|
|
puid = mkOpt types.str "911" "puid";
|
|
|
|
pgid = mkOpt types.str "1000" "pgid";
|
|
|
|
timeZone = mkOpt types.str "America/Chicago" "container tz";
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
services.collabora-online = {
|
|
enable = true;
|
|
port = cfg.port;
|
|
settings = {
|
|
# Rely on reverse proxy for SSL
|
|
ssl = {
|
|
enable = false;
|
|
termination = true;
|
|
};
|
|
|
|
# Listen on loopback interface only, and accept requests from ::1
|
|
net = {
|
|
listen = "0.0.0.0";
|
|
post_allow.host = [
|
|
"cloud.mjallen.dev"
|
|
"office.mjallen.dev"
|
|
"10.0.1.3"
|
|
"10.0.1.0/24"
|
|
];
|
|
frame_ancestors = "cloud.mjallen.dev";
|
|
};
|
|
|
|
# Restrict loading documents from WOPI Host
|
|
storage.wopi = {
|
|
"@allow" = true;
|
|
host = ["cloud.mjallen.dev"];
|
|
};
|
|
|
|
# Set FQDN of server
|
|
server_name = "office.mjallen.dev";
|
|
};
|
|
};
|
|
};
|
|
}
|