Add onlyoffice service
This commit is contained in:
Théo Barnouin
parent
5f2bbb255c
commit
a802422305
5 changed files with 39 additions and 10 deletions
|
|
@ -79,6 +79,7 @@
|
||||||
networking.hostName = "onlyoffice";
|
networking.hostName = "onlyoffice";
|
||||||
services.vm_onlyoffice = {
|
services.vm_onlyoffice = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
pgsql_ip = pgsql_host;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
|
||||||
18
secrets.nix
18
secrets.nix
|
|
@ -1,16 +1,18 @@
|
||||||
let
|
let
|
||||||
tbarnouin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos";
|
tbarnouin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos";
|
||||||
users = [ tbarnouin ];
|
users = [ tbarnouin ];
|
||||||
|
|
||||||
forgejo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF2NAam+nseSCzJV/1UTyO2LgMjx0xT7/vTOOi5EG9HV root@forgejo-runner";
|
forgejo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF2NAam+nseSCzJV/1UTyO2LgMjx0xT7/vTOOi5EG9HV root@forgejo-runner";
|
||||||
|
grafana = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDQxvO9vdd2f9aV4F3LEQrrTJaLwLvSLbLtjB9qNxc4z root@grafana";
|
||||||
|
onlyoffice = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDQxvO9vdd2f9aV4F3LEQrrTJaLwLvSLbLtjB9qNxc4z root@grafana";
|
||||||
|
|
||||||
grafana = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDQxvO9vdd2f9aV4F3LEQrrTJaLwLvSLbLtjB9qNxc4z root@grafana";
|
systems = [ forgejo grafana ];
|
||||||
|
|
||||||
systems = [ forgejo grafana ];
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
"secrets/initialPassword.age".publicKeys = users ++ systems;
|
"secrets/initialPassword.age".publicKeys = users ++ systems;
|
||||||
"../services/grafana/secrets/grafana-db.age".publicKeys = [ tbarnouin grafana ];
|
"services/grafana/secrets/grafana-db.age".publicKeys = [ tbarnouin grafana ];
|
||||||
"../services/grafana/secrets/kuma-token.age".publicKeys = [ tbarnouin grafana ];
|
"services/grafana/secrets/kuma-token.age".publicKeys = [ tbarnouin grafana ];
|
||||||
|
"services/onlyoffice/secrets/office-dbpass.age".publicKeys = [ tbarnouin onlyoffice ];
|
||||||
|
"services/onlyoffice/secrets/office-jwtpass.age".publicKeys = [ tbarnouin onlyoffice ];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -5,15 +5,16 @@ in
|
||||||
{
|
{
|
||||||
options.services.vm_onlyoffice = {
|
options.services.vm_onlyoffice = {
|
||||||
enable = lib.mkEnableOption "Enable OnlyOffice service";
|
enable = lib.mkEnableOption "Enable OnlyOffice service";
|
||||||
|
pgsql_ip = lib.mkEnableOption "Postgres database IP address";
|
||||||
};
|
};
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services = {
|
services = {
|
||||||
onlyoffice = {
|
onlyoffice = {
|
||||||
enable = true;
|
enable = true;
|
||||||
hostname = "office.le43.eu";
|
hostname = "office.le43.eu";
|
||||||
port = "8000";
|
port = 8000;
|
||||||
postgresName = "onlyoffice";
|
postgresName = "onlyoffice";
|
||||||
postgresHost = "${cfg.db_ip}";
|
postgresHost = "${cfg.pgsql_ip}";
|
||||||
postgresUser = "onlyoffice";
|
postgresUser = "onlyoffice";
|
||||||
postgresPasswordFile = "/run/secrets/onlyoffice/office-dbpass";
|
postgresPasswordFile = "/run/secrets/onlyoffice/office-dbpass";
|
||||||
jwtSecretFile = "/run/secrets/onlyoffice/office-jwtpass";
|
jwtSecretFile = "/run/secrets/onlyoffice/office-jwtpass";
|
||||||
|
|
|
||||||
13
services/onlyoffice/secrets/office-dbpass.age
Normal file
13
services/onlyoffice/secrets/office-dbpass.age
Normal file
|
|
@ -0,0 +1,13 @@
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBCVG1B
|
||||||
|
RUtaTGRRQklZWTZqcGQwa2lOd0lEMDJDdnpYYVJwZHdGVG1veldrCmFDSGFOeHRD
|
||||||
|
VDRRSCtJS2ZlS01ZRkFNeTkyWnJFaGVWajdQOFJKMU53STAKLT4gc3NoLWVkMjU1
|
||||||
|
MTkgd25FVXB3IGpFRm9aSzFJK1BYTnZVU1R4cG0yakRTWGl1VXBtQkhUVXhGYngw
|
||||||
|
bHJEa1kKcllxclNWb0FHazNOMWpQbW45MUs0ZjhWNTVsQWNSTTFCU0psWVZ4Q2RX
|
||||||
|
YwotPiBbbVF2LWdyZWFzZQpldWFaOWpPZUMvQlh3aGNwZVErR3VtN0RRYmhveFZX
|
||||||
|
NlEwNFAzY21qbDVPeFpOTWVwbzBPS1lGOXJwMXp1ZnNWCms1WjZCUXF3azJQamQr
|
||||||
|
VDQ5eDl4aWFJN2pvK2lNb2x0d05HeS9NWVQzNVVhVFEwWkFlTkNGbmhaQmVVLzg2
|
||||||
|
cnoKUFZNCi0tLSBmaG1zTWpaSDlLWmxjUDlQS0FDdlV3WHY1VTVLNEV2NjdOcDRX
|
||||||
|
dUMvcVNvCpCNm1wYvouULKX0ykzzHtURSm73FR2pFsk3uXGO9fJqBb6CZFPwOkQu
|
||||||
|
zy2u2HStrYc=
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
12
services/onlyoffice/secrets/office-jwtpass.age
Normal file
12
services/onlyoffice/secrets/office-jwtpass.age
Normal file
|
|
@ -0,0 +1,12 @@
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyB4NnVr
|
||||||
|
cHRPclQ5MFpkRVhDU3JwZFJ3TVFtZU5xMUhkb2NDUXU0MWhWYzNVCnk3c2UrdGpO
|
||||||
|
cHZVUWljV2hpMFVoOEF1TTRBQ0RYQW1SWkFhNGswbm9GSG8KLT4gc3NoLWVkMjU1
|
||||||
|
MTkgd25FVXB3IGtQUEVmcDRxK0hqMWIxcHRONDlQVDdFLzRBeUE1YjBvVWN3WURh
|
||||||
|
NTR1emMKcm0rU0wza2JHaE5kb2FacURuZXE5eXlEeGlZRXZzQkhuVXVUd1BVRkNI
|
||||||
|
dwotPiBvP2AwZyctZ3JlYXNlIEkgMFV3VktaQF4gfT5kJG4KTnVlNko3YmVsZVFD
|
||||||
|
OGpnaHhaVTFoTUpjRHZyc2NqSlRCV1JoV29JVHA0Nm0zUWNJNU4vWFAyS2YrL1kK
|
||||||
|
LS0tIEMzVVdyRW1GYzJnUGxHUVNGanlISjlpSW1mTkM3aFFyUGpVRWltZVZXWXcK
|
||||||
|
fAPdPODCgOrgk2QcZC/ykTjbae7Dew+7QFC6oYvFxN/LmuJzkqdPUsnxsVR1gxy8
|
||||||
|
TZU=
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
Loading…
Reference in a new issue