Add working OnlyOffice config

services/nginx/default.nix

@@ -1,6 +1,5 @@
 {
   config,
-  pkgs,
   lib,
   inputs,
   ...
@@ -114,7 +113,7 @@ in {
 
           # Enable CSP for your services.
           #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
-          add_header Content-Security-Policy "frame-ancestors self *.le43.eu; upgrade-insecure-requests; frame-src 'self' http://office.le43.eu;";
+          add_header Content-Security-Policy "frame-ancestors self *.le43.eu; upgrade-insecure-requests; frame-src 'self' http://doc.le43.eu;";
 
 
           # Minimize information leaked to other domains
@@ -138,6 +137,15 @@ in {
             enableACME = true;
             globalRedirect = "authentik.le43.eu";
           };
+          "doc.le43.eu" = {
+            forceSSL = true;
+            enableACME = true;
+            locations."/" = {
+              proxyPass = "http://192.168.1.20";
+              proxyWebsockets = true;
+              recommendedProxySettings = true;
+            };
+          };
           "logs.le43.eu" = {
             forceSSL = true;
             enableACME = true;

services/onlyoffice/default.nix

@@ -26,7 +26,7 @@ in {
     services = {
       onlyoffice = {
         enable = true;
-        hostname = "office.le43.eu";
+        hostname = "doc.le43.eu";
         port = 8000;
         postgresName = "onlyoffice";
         postgresHost = "${cfg.pgsql_ip}";