rarias/jungle
2
0
Fork 3
Code Issues 63 Pull Requests 10 Actions Packages Projects Releases Wiki Activity

Add Nextcloud service in tent #240

Open
rarias wants to merge 1 commits from add-nextcloud into master
pull from: add-nextcloud
merge into: rarias:master
Conversation 1 Commits 1 Files Changed 4 +73
rarias commented 2026-03-11 13:15:10 +01:00
Owner
Copy Link
No description provided.
rarias added 1 commit 2026-03-11 13:15:11 +01:00
Add Nextcloud service in tent
All checks were successful
CI / build:cross (pull_request) Successful in 8s
Details
CI / build:all (pull_request) Successful in 16s
Details
b180ea43b5
rarias requested review from abonerib 2026-03-11 13:15:17 +01:00
abonerib reviewed 2026-03-12 13:16:25 +01:00
m/tent/nextcloud.nix
@@ -0,0 +3,4 @@
age.secrets.tent-nextcloud-admin-pass.file = ../../secrets/tent-nextcloud-admin-pass.age;
services.nextcloud = {
package = pkgs.nextcloud32;
abonerib commented 2026-03-12 13:11:28 +01:00
Collaborator
Copy Link

End of life for 32 is this September:

https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule

End of life for 32 is this September: https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule
m/tent/nextcloud.nix
@@ -0,0 +37,4 @@
} ];
services.nginx.virtualHosts."jungle.bsc.es".locations = {
"^~ /.well-known" = {
abonerib commented 2026-03-12 13:08:57 +01:00
Collaborator
Copy Link

Can't we use proxy_pass http://127.0.0.1:8066 (without the slash), since the localhost nginx has the same .well-known rule?

Can't we use `proxy_pass http://127.0.0.1:8066` (without the slash), since the localhost nginx has the same `.well-known` rule?
m/tent/nextcloud.nix
@@ -0,0 +50,4 @@
location ~ ^/\\.well-known/(?!acme-challenge|pki-validation) {
return 301 /nextcloud/index.php$request_uri;
}
try_files $uri $uri/ =404;
abonerib commented 2026-03-12 12:22:18 +01:00
Collaborator
Copy Link

Noticed that the nextcloud 32 docs have the rules for acme/pki the other way around to what it's done in the NixOS module.

I am not sure if these are used, we can keep it in line with the NixOS version for now if it's not broken, but good to keep in mind:

# nextcloud docs
location ^~ /.well-known {
    # The rules in this block are an adaptation of the rules
    # in the Nextcloud `.htaccess` that concern `/.well-known`.

    location = /.well-known/carddav { return 301 /nextcloud/remote.php/dav/; }
    location = /.well-known/caldav  { return 301 /nextcloud/remote.php/dav/; }

    location /.well-known/acme-challenge    { try_files $uri $uri/ =404; }
    location /.well-known/pki-validation    { try_files $uri $uri/ =404; }

    # Let Nextcloud's API for `/.well-known` URIs handle all other
    # requests by passing them to the front-end controller.
    return 301 /nextcloud/index.php$request_uri;
}

NixOS version taken from tent localhost:

# nix eval .#nixosConfigurations.tent.config.services.nginx.virtualHosts.localhost.locations --json | jq '."^~ /.well-known".extraConfig' --raw-output
absolute_redirect off;
location = /.well-known/carddav {
  return 301 /remote.php/dav/;
}
location = /.well-known/caldav {
  return 301 /remote.php/dav/;
}
location ~ ^/\.well-known/(?!acme-challenge|pki-validation) {
  return 301 /index.php$request_uri;
}
try_files $uri $uri/ =404;
Noticed that the [nextcloud 32 docs][1] have the rules for acme/pki the other way around to what it's done in the NixOS module. I am not sure if these are used, we can keep it in line with the NixOS version for now if it's not broken, but good to keep in mind: ```nginx # nextcloud docs location ^~ /.well-known { # The rules in this block are an adaptation of the rules # in the Nextcloud `.htaccess` that concern `/.well-known`. location = /.well-known/carddav { return 301 /nextcloud/remote.php/dav/; } location = /.well-known/caldav { return 301 /nextcloud/remote.php/dav/; } location /.well-known/acme-challenge { try_files $uri $uri/ =404; } location /.well-known/pki-validation { try_files $uri $uri/ =404; } # Let Nextcloud's API for `/.well-known` URIs handle all other # requests by passing them to the front-end controller. return 301 /nextcloud/index.php$request_uri; } ``` NixOS version taken from tent localhost: ```nginx # nix eval .#nixosConfigurations.tent.config.services.nginx.virtualHosts.localhost.locations --json | jq '."^~ /.well-known".extraConfig' --raw-output absolute_redirect off; location = /.well-known/carddav { return 301 /remote.php/dav/; } location = /.well-known/caldav { return 301 /remote.php/dav/; } location ~ ^/\.well-known/(?!acme-challenge|pki-validation) { return 301 /index.php$request_uri; } try_files $uri $uri/ =404; ``` [1]: https://docs.nextcloud.com/server/32/admin_manual/installation/nginx.html#nextcloud-in-a-subdir-of-the-nginx-webroot
All checks were successful
CI / build:cross (pull_request) Successful in 8s
Details
CI / build:all (pull_request) Successful in 16s
Details
This pull request can be merged automatically.
This branch is out-of-date with the base branch
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin add-nextcloud:add-nextcloud
git checkout add-nextcloud
Sign in to join this conversation.
Reviewers
No Reviewers
abonerib
Labels
Clear labels
bug
ceph
ci
config
cross
hw
io
kernel
mpi
net
nix
ops
repair
slurm
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
abonerib anavarro arocanon varcila rarias
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: rarias/jungle#240
Delete Branch "add-nextcloud"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?