NixOS-Config/nixos/server/package-configs/caddy/default.nix

{config, ...}: {
  services.phpfpm.pools.nextcloud.settings = {
    "listen.owner" = config.services.caddy.user;
    "listen.group" = config.services.caddy.group;
  };

  users.users.caddy.extraGroups = ["nextcloud"];

  services.caddy = {
    enable = true;

    # Setup Nextcloud virtual host to listen on ports
    virtualHosts = {
      "${config.services.nextcloud.hostName}" = {
        useACMEHost = "${config.services.nextcloud.hostName}";
        extraConfig = ''
           redir /.well-known/carddav /remote.php/dav 301
           redir /.well-known/caldav /remote.php/dav 301
           redir /.well-known/webfinger /index.php/.well-known/webfinger 301
           redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo 301

           encode gzip
           reverse_proxy localhost:9000
           header Strict-Transport-Security max-age=31536000;
           @forbidden {
            path /.htaccess
            path /data/*
            path /config/*
            path /db_structure
            path /.xml
            path /README
            path /3rdparty/*
            path /lib/*
            path /templates/*
            path /occ
            path /console.php
          }
          handle @forbidden {
            respond 404
          }

          handle {
          	root * /var/www/html
          	php_fastcgi 127.0.0.1:9000 {
          		# Tells nextcloud to remove /index.php from URLs in links
          		env front_controller_active true
          	}
          	file_server
          }
        '';
      };
      "onlyoffice.gladtherescake.eu" = {
      };
    };
  };
}
get freetube from edge 2025-02-01 14:38:19 +01:00			`{config, ...}: {`
			`services.phpfpm.pools.nextcloud.settings = {`
			`"listen.owner" = config.services.caddy.user;`
			`"listen.group" = config.services.caddy.group;`
			`};`

			`users.users.caddy.extraGroups = ["nextcloud"];`

			`services.caddy = {`
			`enable = true;`

			`# Setup Nextcloud virtual host to listen on ports`
			`virtualHosts = {`
			`"${config.services.nextcloud.hostName}" = {`
			`useACMEHost = "${config.services.nextcloud.hostName}";`
			`extraConfig = ''`
			`redir /.well-known/carddav /remote.php/dav 301`
			`redir /.well-known/caldav /remote.php/dav 301`
			`redir /.well-known/webfinger /index.php/.well-known/webfinger 301`
			`redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo 301`

			`encode gzip`
			`reverse_proxy localhost:9000`
			`header Strict-Transport-Security max-age=31536000;`
			`@forbidden {`
			`path /.htaccess`
			`path /data/*`
			`path /config/*`
			`path /db_structure`
			`path /.xml`
			`path /README`
			`path /3rdparty/*`
			`path /lib/*`
			`path /templates/*`
			`path /occ`
			`path /console.php`
			`}`
			`handle @forbidden {`
			`respond 404`
			`}`

			`handle {`
			`root * /var/www/html`
			`php_fastcgi 127.0.0.1:9000 {`
			`# Tells nextcloud to remove /index.php from URLs in links`
			`env front_controller_active true`
			`}`
			`file_server`
			`}`
			`'';`
			`};`
			`"onlyoffice.gladtherescake.eu" = {`
			`};`
			`};`
			`};`
			`}`