Add onlyoffice service

2025-01-07 14:06:00 +01:00 · 2025-01-07 14:06:00 +01:00 · a802422305
commit a802422305
parent 5f2bbb255c
5 changed files with 39 additions and 10 deletions
--- a/flake.nix
+++ b/flake.nix
@ -79,6 +79,7 @@
              networking.hostName = "onlyoffice";
              services.vm_onlyoffice = {
                enable = true;
                pgsql_ip = pgsql_host;
              };
            }
          ];
--- a/secrets.nix
+++ b/secrets.nix
@ -3,14 +3,16 @@ let
  users      = [ tbarnouin ];
  forgejo    = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF2NAam+nseSCzJV/1UTyO2LgMjx0xT7/vTOOi5EG9HV root@forgejo-runner";
  grafana    = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDQxvO9vdd2f9aV4F3LEQrrTJaLwLvSLbLtjB9qNxc4z root@grafana";
  onlyoffice = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDQxvO9vdd2f9aV4F3LEQrrTJaLwLvSLbLtjB9qNxc4z root@grafana";
  systems    = [ forgejo grafana ];
 in
 {
  "secrets/initialPassword.age".publicKeys = users ++ systems;
-  "../services/grafana/secrets/grafana-db.age".publicKeys = [ tbarnouin grafana ];
+  "services/grafana/secrets/grafana-db.age".publicKeys = [ tbarnouin grafana ];
-  "../services/grafana/secrets/kuma-token.age".publicKeys = [ tbarnouin grafana ];
+  "services/grafana/secrets/kuma-token.age".publicKeys = [ tbarnouin grafana ];
  "services/onlyoffice/secrets/office-dbpass.age".publicKeys  = [ tbarnouin onlyoffice ];
  "services/onlyoffice/secrets/office-jwtpass.age".publicKeys = [ tbarnouin onlyoffice ];
 }
--- a/services/onlyoffice/default.nix
+++ b/services/onlyoffice/default.nix
@ -5,15 +5,16 @@ in
 {
  options.services.vm_onlyoffice = {
    enable = lib.mkEnableOption "Enable OnlyOffice service";
    pgsql_ip = lib.mkEnableOption "Postgres database IP address";
  };
  config = lib.mkIf cfg.enable {
    services = {
      onlyoffice = {
        enable = true;
        hostname = "office.le43.eu";
-        port = "8000";
+        port = 8000;
        postgresName = "onlyoffice";
-        postgresHost = "${cfg.db_ip}";
+        postgresHost = "${cfg.pgsql_ip}";
        postgresUser = "onlyoffice";
        postgresPasswordFile = "/run/secrets/onlyoffice/office-dbpass";
        jwtSecretFile = "/run/secrets/onlyoffice/office-jwtpass";
--- a/services/onlyoffice/secrets/office-dbpass.age
+++ b/services/onlyoffice/secrets/office-dbpass.age
@ -0,0 +1,13 @@
 -----BEGIN AGE ENCRYPTED FILE-----
 YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBCVG1B
 RUtaTGRRQklZWTZqcGQwa2lOd0lEMDJDdnpYYVJwZHdGVG1veldrCmFDSGFOeHRD
 VDRRSCtJS2ZlS01ZRkFNeTkyWnJFaGVWajdQOFJKMU53STAKLT4gc3NoLWVkMjU1
 MTkgd25FVXB3IGpFRm9aSzFJK1BYTnZVU1R4cG0yakRTWGl1VXBtQkhUVXhGYngw
 bHJEa1kKcllxclNWb0FHazNOMWpQbW45MUs0ZjhWNTVsQWNSTTFCU0psWVZ4Q2RX
 YwotPiBbbVF2LWdyZWFzZQpldWFaOWpPZUMvQlh3aGNwZVErR3VtN0RRYmhveFZX
 NlEwNFAzY21qbDVPeFpOTWVwbzBPS1lGOXJwMXp1ZnNWCms1WjZCUXF3azJQamQr
 VDQ5eDl4aWFJN2pvK2lNb2x0d05HeS9NWVQzNVVhVFEwWkFlTkNGbmhaQmVVLzg2
 cnoKUFZNCi0tLSBmaG1zTWpaSDlLWmxjUDlQS0FDdlV3WHY1VTVLNEV2NjdOcDRX
 dUMvcVNvCpCNm1wYvouULKX0ykzzHtURSm73FR2pFsk3uXGO9fJqBb6CZFPwOkQu
 zy2u2HStrYc=
 -----END AGE ENCRYPTED FILE-----
--- a/services/onlyoffice/secrets/office-jwtpass.age
+++ b/services/onlyoffice/secrets/office-jwtpass.age
@ -0,0 +1,12 @@
 -----BEGIN AGE ENCRYPTED FILE-----
 YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyB4NnVr
 cHRPclQ5MFpkRVhDU3JwZFJ3TVFtZU5xMUhkb2NDUXU0MWhWYzNVCnk3c2UrdGpO
 cHZVUWljV2hpMFVoOEF1TTRBQ0RYQW1SWkFhNGswbm9GSG8KLT4gc3NoLWVkMjU1
 MTkgd25FVXB3IGtQUEVmcDRxK0hqMWIxcHRONDlQVDdFLzRBeUE1YjBvVWN3WURh
 NTR1emMKcm0rU0wza2JHaE5kb2FacURuZXE5eXlEeGlZRXZzQkhuVXVUd1BVRkNI
 dwotPiBvP2AwZyctZ3JlYXNlIEkgMFV3VktaQF4gfT5kJG4KTnVlNko3YmVsZVFD
 OGpnaHhaVTFoTUpjRHZyc2NqSlRCV1JoV29JVHA0Nm0zUWNJNU4vWFAyS2YrL1kK
 LS0tIEMzVVdyRW1GYzJnUGxHUVNGanlISjlpSW1mTkM3aFFyUGpVRWltZVZXWXcK
 fAPdPODCgOrgk2QcZC/ykTjbae7Dew+7QFC6oYvFxN/LmuJzkqdPUsnxsVR1gxy8
 TZU=
 -----END AGE ENCRYPTED FILE-----