Try this onlyoffice config

This commit is contained in:
Lillian Violet 2023-11-23 19:24:27 +01:00
parent 61f87d59b9
commit 002a9676c5
3 changed files with 37 additions and 4 deletions

View file

@ -56,6 +56,8 @@
sops.secrets."nextcloudadmin".owner = config.users.users.nextcloud.name; sops.secrets."nextcloudadmin".owner = config.users.users.nextcloud.name;
sops.secrets."nextclouddb".mode = "0440"; sops.secrets."nextclouddb".mode = "0440";
sops.secrets."nextclouddb".owner = config.users.users.nextcloud.name; sops.secrets."nextclouddb".owner = config.users.users.nextcloud.name;
sops.secrets."local.json".mode = "0440";
sops.secrets."local.json".owner = config.users.users.onlyoffice.name;
nix = { nix = {
gc = { gc = {
@ -146,7 +148,7 @@
extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf"]; extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf"];
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
nextcloud.extraGroups = [config.users.groups.keys.name "aria2"]; nextcloud.extraGroups = [config.users.groups.keys.name "aria2" "onlyoffice"];
}; };
# Enable completion of system packages by zsh # Enable completion of system packages by zsh

View file

@ -24,6 +24,10 @@
## LetsEncrypt ## LetsEncrypt
enableACME = true; enableACME = true;
}; };
"onlyoffice.example.com" = {
forceSSL = true;
enableACME = true;
};
}; };
}; };
@ -41,11 +45,16 @@
autoUpdateApps.enable = true; autoUpdateApps.enable = true;
# Set what time makes sense for you # Set what time makes sense for you
autoUpdateApps.startAt = "05:00:00"; autoUpdateApps.startAt = "05:00:00";
configureRedis = true;
maxUploadSize = "16G";
enableBrokenCiphersForSSE = false;
config = { config = {
# Further forces Nextcloud to use HTTPS # Further forces Nextcloud to use HTTPS
overwriteProtocol = "https"; overwriteProtocol = "https";
defaultPhoneRegion = "NL";
# Nextcloud PostegreSQL database configuration, recommended over using SQLite # Nextcloud PostegreSQL database configuration, recommended over using SQLite
dbtype = "pgsql"; dbtype = "pgsql";
dbuser = "nextcloud"; dbuser = "nextcloud";
@ -58,6 +67,12 @@
}; };
}; };
onlyoffice = {
enable = true;
hostname = "onlyoffice.example.com";
jwtSecretFile = config.sops.secrets."local.json".path;
};
# Enable PostgreSQL # Enable PostgreSQL
services.postgresql = { services.postgresql = {
enable = true; enable = true;
@ -78,7 +93,7 @@
}; };
systemd.services."sops-nix.service" = { systemd.services."sops-nix.service" = {
before = ["nextcloud-setup.service" "postgresql.service"]; before = ["nextcloud-setup.service" "postgresql.service" "onlyoffice.service"];
}; };
# Ensure that postgres is running before running the setup # Ensure that postgres is running before running the setup

View file

@ -1,5 +1,21 @@
nextcloudadmin: ENC[AES256_GCM,data:LqgutUXs1msmFUNa+4JI1BEq0R8=,iv:sLP52reqsJfUNQnA9MbtbcZjGeluHDaO3dlHpWCLU4M=,tag:ChG/hZIMcmc0wt2AWOBNCA==,type:str] nextcloudadmin: ENC[AES256_GCM,data:LqgutUXs1msmFUNa+4JI1BEq0R8=,iv:sLP52reqsJfUNQnA9MbtbcZjGeluHDaO3dlHpWCLU4M=,tag:ChG/hZIMcmc0wt2AWOBNCA==,type:str]
nextclouddb: ENC[AES256_GCM,data:EFwVtVD4KnEiZ5SM+1XW0U0mR/I2IXcRYXhQTgwv788=,iv:blHbNqI/Gq4tUQuqKWgrX9tYj6XKLRrWl1LFN+cn71M=,tag:H/7vobp5OwPbqsapvw7mUw==,type:str] nextclouddb: ENC[AES256_GCM,data:EFwVtVD4KnEiZ5SM+1XW0U0mR/I2IXcRYXhQTgwv788=,iv:blHbNqI/Gq4tUQuqKWgrX9tYj6XKLRrWl1LFN+cn71M=,tag:H/7vobp5OwPbqsapvw7mUw==,type:str]
local.json:
services:
CoAuthoring:
token:
enable:
request:
inbox: ENC[AES256_GCM,data:lEB5UA==,iv:mvTrV1LIenxW/HUkEmpuSmU55oI4a4OxAyvnRzFoW5Y=,tag:pyT/QvpCf6Al9J7UHAHjFw==,type:bool]
outbox: ENC[AES256_GCM,data:LTKWdA==,iv:gNqHxkkYCWAxyUHixpN9dKhD96DykctuFsBtBcqqQLM=,tag:whh2tJ6VgQuT8aOiHoz8+w==,type:bool]
browser: ENC[AES256_GCM,data:FHnX8w==,iv:7mtRZiPQwtfIVbgsbGb/6wLX9VhAXXeAgQvIXgK7ldo=,tag:+74AKU2cjgXS16Iy+Z5T2Q==,type:bool]
secret:
inbox:
string: ENC[AES256_GCM,data:jvd3/hiLjwQPwdKSqGqoB7jYXxMlx+94gudsvCWPKdw=,iv:MPork/F2AMzRnmBVdN3S3YobAyxOJWdwZHYll/3rJ68=,tag:AwGMsFKCVZsdoLBHIYVBzg==,type:str]
outbox:
string: ENC[AES256_GCM,data:Rktq5FYhgrAcWKvlmmKBGf1ZW7r93o7nA9cGfwbZnoY=,iv:NsRodeTTkMFsLshdK5FrReCCXvtH4xuPFP0Cnsm4ito=,tag:AMSktqB+Ho6naOwWzIalIA==,type:str]
session:
string: ENC[AES256_GCM,data:fDVVoivTZswECVStgBKWKkOeXrW449fBUMNpESAbXks=,iv:UBiYgap28ZwvZJH/ETZZY1CvZfHzJ175FVPHwMhLlrw=,tag:Gtv9XjsGL6Svx5JHEIj9EA==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -15,8 +31,8 @@ sops:
KzNBMCtUaS9sU21Xc1JUd1FSR29tSkEKyqaDM/WUWjK2l+ahE6sIFYsQ6Qtkf7yz KzNBMCtUaS9sU21Xc1JUd1FSR29tSkEKyqaDM/WUWjK2l+ahE6sIFYsQ6Qtkf7yz
NWFTzsDZBmm9kpSIjchf+PuBuoRHeEKbEH8jnMlYB3J8boEnUnXMlw== NWFTzsDZBmm9kpSIjchf+PuBuoRHeEKbEH8jnMlYB3J8boEnUnXMlw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2023-11-20T16:04:50Z" lastmodified: "2023-11-23T18:20:20Z"
mac: ENC[AES256_GCM,data:eXTRcUy7s6NGN7ziA4CFz1Z3bhF0nNWtVI5o/WwMg7UFmW8AhJ2Hjzp0AJSkQxZOav2Fu/t9ENsu3OTdx3khxk9a1M8BV5VqJQ/DmXXfuZjjJ5cqYDBdQqDI+E6Ai6BJHHN0A4r5xkQ7fpdXsolshJKXi9sNiAjYY3zoJi3id9Y=,iv:d214ZHFIm/KmgzYBZrRm58yFZol/dfw6twZthFOAgvY=,tag:2Z4P0iCYNSNiIc2PwW733Q==,type:str] mac: ENC[AES256_GCM,data:c6CaVuNPHq1Qaiklxzszqnb1UoFU7uyHYXr1FGvLssMVA6qhmEgXwFBi7iHvkK9FG+zSIgPf3ZhY7rpd3ddp42Z2WL9dOEVBpJ6SZcbG+k8gg6oq/PX/9/F0NIEuBUXgSz8vnLtqaOTxF++3TZvHWK0drP4bqck546tpcTpXVtU=,iv:hwwYCaC2OZftJVFYxA39KPiH0lwFA8X4GrDm9vKNb0I=,tag:W9sCVNyOfNy7g33iTIc+gA==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.8.1 version: 3.8.1