rarias/jungle
2
0
Fork 3
Code Issues 61 Pull Requests 10 Actions Packages Projects 1 Releases Wiki Activity
Files
add-nextcloud
jungle/m/tent/nextcloud.nix
Rodrigo Arias Mallo b180ea43b5
All checks were successful
CI / build:cross (pull_request) Successful in 8s
Details
CI / build:all (pull_request) Successful in 16s
Details
Add Nextcloud service in tent
2026-03-11 13:06:54 +01:00

72 lines
2.2 KiB
Nix
Raw Permalink Blame History

{ pkgs, config, ... }:
{
age.secrets.tent-nextcloud-admin-pass.file = ../../secrets/tent-nextcloud-admin-pass.age;
services.nextcloud = {
package = pkgs.nextcloud32;
enable = true;
hostName = "localhost";
config.adminpassFile = config.age.secrets.tent-nextcloud-admin-pass.path;
config.dbtype = "sqlite";
extraApps = {
inherit (config.services.nextcloud.package.packages.apps)
news
contacts
calendar
tasks;
# The app richdocuments (i.e. office) is not enabled yet as there are
# problems with the WOPI protocol in a subdir.
};
extraAppsEnable = true;
settings = let
prot = "https";
host = "jungle.bsc.es";
dir = "/nextcloud";
in {
overwriteprotocol = prot;
overwritehost = host;
overwritewebroot = dir;
overwrite.cli.url = "${prot}://${host}${dir}/";
htaccess.RewriteBase = dir;
};
};
services.nginx.virtualHosts."${config.services.nextcloud.hostName}".listen = [ {
addr = "127.0.0.1";
port = 8066; # NOT an exposed port
} ];
services.nginx.virtualHosts."jungle.bsc.es".locations = {
"^~ /.well-known" = {
priority = 9000;
extraConfig = ''
absolute_redirect off;
location ~ ^/\\.well-known/(?:carddav|caldav)$ {
return 301 /nextcloud/remote.php/dav;
}
location ~ ^/\\.well-known/host-meta(?:\\.json)?$ {
return 301 /nextcloud/public.php?service=host-meta-json;
}
location ~ ^/\\.well-known/(?!acme-challenge|pki-validation) {
return 301 /nextcloud/index.php$request_uri;
}
try_files $uri $uri/ =404;
'';
};
"/nextcloud/" = {
priority = 9999;
extraConfig = ''
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-Proto http;
proxy_pass http://127.0.0.1:8066/; # tailing / is important!
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
'';
};
};
}
Reference in New Issue View Git Blame Copy Permalink