diff --git a/flake.nix b/flake.nix index 4659243..834a88e 100644 --- a/flake.nix +++ b/flake.nix @@ -68,6 +68,21 @@ } ]; }; + onlyoffice = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + agenix.nixosModules.default + "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix" + "${inputs.self}/systems/minimalLXCConfig.nix" + "${inputs.self}/services" + { + networking.hostName = "onlyoffice"; + services.vm_onlyoffice = { + enable = true; + }; + } + ]; + }; template = nixpkgs.lib.nixosSystem { inherit system; modules = [ diff --git a/services/default.nix b/services/default.nix index 0193eff..0b1e474 100644 --- a/services/default.nix +++ b/services/default.nix @@ -9,5 +9,6 @@ ./grafana ./authentik ./postgresql + ./onlyoffice ]; } diff --git a/services/nginx/default.nix b/services/nginx/default.nix index ffebf9f..2d265c6 100644 --- a/services/nginx/default.nix +++ b/services/nginx/default.nix @@ -109,11 +109,11 @@ in recommendedProxySettings = true; }; }; - "collabora.le43.eu" = { + "office.le43.eu" = { forceSSL = true; enableACME = true; locations."/" = { - proxyPass = "http://192.168.1.46:9980"; + proxyPass = "http://192.168.1.46:8000"; proxyWebsockets = true; recommendedProxySettings = true; }; @@ -135,15 +135,6 @@ in proxyWebsockets = true; }; }; - "netbox.le43.eu" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://192.168.1.45"; - recommendedProxySettings = true; - proxyWebsockets = true; - }; - }; "uptime.le43.eu" = { forceSSL = true; enableACME = true; diff --git a/services/onlyoffice/default.nix b/services/onlyoffice/default.nix new file mode 100644 index 0000000..f8115c8 --- /dev/null +++ b/services/onlyoffice/default.nix @@ -0,0 +1,24 @@ +{ config, pkgs, lib, ... }: +let + cfg = config.services.vm_onlyoffice; +in +{ + options.services.vm_onlyoffice = { + enable = lib.mkEnableOption "Enable OnlyOffice service"; + }; + config = lib.mkIf cfg.enable { + services = { + onlyoffice = { + enable = true; + hostname = "office.le43.eu"; + port = "8000"; + postgresName = "onlyoffice"; + postgresHost = "${cfg.db_ip}"; + postgresUser = "onlyoffice"; + postgresPasswordFile = "/run/secrets/onlyoffice/office-dbpass"; + jwtSecretFile = "/run/secrets/onlyoffice/office-jwtpass"; + }; + }; + networking.firewall.allowedTCPPorts = [ 8000 ]; + }; +}