oqyude/nixos
1
0
Fork 0
mirror of https://github.com/oqyude/nixos.git synced 2026-06-15 06:30:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

213kdsanmfkld

Browse Source
This commit is contained in:
Jor Oqyude
2025-09-20 16:09:28 +03:00
parent 4074b188e9
commit 259a07de8e
3 changed files with 91 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files
nixosModules/server/nextcloud.nix
+57 -54
View File
@@ -83,75 +83,78 @@
; ;
}; };
}; };
collabora-online = { # collabora-online = {
enable = true;
port = 9980;
settings = {
# Rely on reverse proxy for SSL
server_name = "collabora.zeroq.ru";
ssl = {
enable = false;
termination = true;
ssl_verification = false;
};
net = {
listen = "loopback";
post_allow.host = [
"localhost"
"100.64.0.0"
]; # "::1"
};
storage.wopi = {
"@allow" = true;
host = [ "nextcloud.zeroq.ru" ];
};
};
};
# onlyoffice = {
# enable = false; # enable = false;
# hostname = "localhost"; # port = 9980;
# settings = {
# # Rely on reverse proxy for SSL
# server_name = "collabora.zeroq.ru";
# ssl = {
# enable = false;
# termination = true;
# ssl_verification = false;
# }; # };
# net = {
# listen = "loopback";
# post_allow.host = [
# "localhost"
# "100.64.0.0"
# ]; # "::1"
# };
# storage.wopi = {
# "@allow" = true;
# host = [ "nextcloud.zeroq.ru" ];
# };
# };
# };
onlyoffice = {
enable = true;
hostname = "127.0.0.1";
};
#rabbitmq.enable = false; #rabbitmq.enable = false;
}; };
networking.hosts = { networking.hosts = {
"127.0.0.1" = [ "127.0.0.1" = [
"nextcloud.zeroq.ru" "nextcloud.zeroq.ru"
"collabora.zeroq.com" "office.zeroq.com"
"collabora.zeroq.ru"
]; ];
"::1" = [ "::1" = [
"nextcloud.zeroq.ru" "nextcloud.zeroq.ru"
"collabora.zeroq.ru" "collabora.zeroq.ru"
"collabora.zeroq.ru"
]; ];
}; };
systemd.services.nextcloud-config-collabora = # systemd.services.nextcloud-config-collabora =
let # let
inherit (config.services.nextcloud) occ; # inherit (config.services.nextcloud) occ;
wopi_url = "http://[::1]:${toString config.services.collabora-online.port}"; # wopi_url = "http://[::1]:${toString config.services.collabora-online.port}";
public_wopi_url = "https://collabora.zeroq.ru"; # public_wopi_url = "https://collabora.zeroq.ru";
wopi_allowlist = lib.concatStringsSep "," [ # wopi_allowlist = lib.concatStringsSep "," [
"127.0.0.1" # "127.0.0.1"
"::1" # "::1"
]; # ];
in # in
{ # {
wantedBy = [ "multi-user.target" ]; # wantedBy = [ "multi-user.target" ];
after = [ # after = [
"nextcloud-setup.service" # "nextcloud-setup.service"
"coolwsd.service" # "coolwsd.service"
]; # ];
requires = [ "coolwsd.service" ]; # requires = [ "coolwsd.service" ];
script = '' # script = ''
${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_url --value ${lib.escapeShellArg wopi_url} # ${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_url --value ${lib.escapeShellArg wopi_url}
${occ}/bin/nextcloud-occ config:app:set richdocuments public_wopi_url --value ${lib.escapeShellArg public_wopi_url} # ${occ}/bin/nextcloud-occ config:app:set richdocuments public_wopi_url --value ${lib.escapeShellArg public_wopi_url}
${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_allowlist --value ${lib.escapeShellArg wopi_allowlist} # ${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_allowlist --value ${lib.escapeShellArg wopi_allowlist}
${occ}/bin/nextcloud-occ richdocuments:setup # ${occ}/bin/nextcloud-occ richdocuments:setup
''; # '';
serviceConfig = { # serviceConfig = {
Type = "oneshot"; # Type = "oneshot";
}; # };
}; # };
fileSystems."/mnt/nextcloud" = { fileSystems."/mnt/nextcloud" = {
device = "${xlib.dirs.nextcloud-folder}"; device = "${xlib.dirs.nextcloud-folder}";
nixosModules/server/nginx.nix
+14 -14
View File
@@ -27,20 +27,20 @@
} }
]; ];
}; };
# "localhost" = { "127.0.0.1" = {
# forceSSL = false; forceSSL = false;
# enableACME = false; enableACME = false;
# listen = [ listen = [
# { {
# addr = "100.64.0.0"; addr = "100.64.0.0";
# port = 80; port = 8000;
# } }
# { {
# addr = "192.168.1.20"; addr = "192.168.1.20";
# port = 80; port = 8000;
# } }
# ]; ];
# }; };
"localhost:9980" = { "localhost:9980" = {
forceSSL = false; forceSSL = false;
enableACME = false; enableACME = false;
nixosModules/vds/nginx.nix
+18 -20
View File
@@ -16,6 +16,22 @@ in
recommendedProxySettings = true; recommendedProxySettings = true;
recommendedTlsSettings = true; recommendedTlsSettings = true;
virtualHosts = { virtualHosts = {
"office.zeroq.ru" = {
enableACME = true;
forceSSL = true;
kTLS = true;
# locations."/" = {
# proxyPass = "http://${server}:8000";
# proxyWebsockets = true; # onlyoffice uses websockets
# };
extraConfig = ''
reverse_proxy http://${server}:8000 {
# Required to circumvent bug of Onlyoffice loading mixed non-https content
header_up X-Forwarded-Proto https
client_max_body_size 5G;
}
'';
};
"collabora.zeroq.ru" = { "collabora.zeroq.ru" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
@@ -106,26 +122,8 @@ in
# }; # };
}; };
}; };
# blocky = { caddy = {
# enable = true; enable = true
# settings = {
# ports.dns = 53; # Port for incoming DNS Queries.
# upstreams.groups.default = [
# "https://dns.quad9.net/dns-query" # Using Cloudflare's DNS over HTTPS server for resolving queries.
# ];
# # For initially solving DoH/DoT Requests when no system Resolver is available.
# bootstrapDns = {
# upstream = "https://dns.quad9.net/dns-query";
# ips = [ "9.9.9.9" ];
# };
# # Custom DNS entries
# customDNS = {
# mapping = {
# "immich.zeroq.ru" = "100.90.0.0";
# };
# };
# };
# };
}; };
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;