tbarnouin/nixos-hypervisor
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add working OnlyOffice config
Some checks failed
/ Build Nix targets (push) Has been cancelled
Details

Browse source
This commit is contained in:
Théo Barnouin 2025-05-28 16:03:46 +02:00
parent 008ecc2661
commit 2fbeff46e1
2 changed files with 11 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

12
services/nginx/default.nix
View file

@ -1,6 +1,5 @@
{ {
config, config,
pkgs,
lib, lib,
inputs, inputs,
... ...
@ -114,7 +113,7 @@ in {
# Enable CSP for your services. # Enable CSP for your services.
#add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
add_header Content-Security-Policy "frame-ancestors self *.le43.eu; upgrade-insecure-requests; frame-src 'self' http://office.le43.eu;"; add_header Content-Security-Policy "frame-ancestors self *.le43.eu; upgrade-insecure-requests; frame-src 'self' http://doc.le43.eu;";
# Minimize information leaked to other domains # Minimize information leaked to other domains
@ -138,6 +137,15 @@ in {
enableACME = true; enableACME = true;
globalRedirect = "authentik.le43.eu"; globalRedirect = "authentik.le43.eu";
}; };
"doc.le43.eu" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://192.168.1.20";
proxyWebsockets = true;
recommendedProxySettings = true;
};
};
"logs.le43.eu" = { "logs.le43.eu" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;

2
services/onlyoffice/default.nix
View file

@ -26,7 +26,7 @@ in {
services = { services = {
onlyoffice = { onlyoffice = {
enable = true; enable = true;
hostname = "office.le43.eu"; hostname = "doc.le43.eu";
port = 8000; port = 8000;
postgresName = "onlyoffice"; postgresName = "onlyoffice";
postgresHost = "${cfg.pgsql_ip}"; postgresHost = "${cfg.pgsql_ip}";