systems/makanek/onlyoffice.nix

{config, ...}: {
  services.onlyoffice = {
    enable = true;
    port = 8111;
    hostname = "onlyoffice.kmein.de";
    jwtSecretFile = config.age.secrets.onlyoffice-key.path;
  };

  age.secrets.onlyoffice-key = {
    file = ../../secrets/onlyoffice-jwt-key.age;
    owner = "onlyoffice";
  };

  # otherwise this leads to nginx
  # open() "/var/lib/onlyoffice/documentserver/App_Data/cache/files/data/conv_check_1138411943_docx/output.docx" failed (13: Permission denied)
  # and mysterious 403 errors
  system.activationScripts.onlyoffice-readable.text = ''
    chmod a+x /var/lib/onlyoffice/documentserver/
  '';

  services.nginx.virtualHosts.${config.services.onlyoffice.hostname} = {
    enableACME = true;
    forceSSL = true;
  };
}
feat(makanek): do not need onlyoffice 2024-01-09 12:47:32 +01:00			`{config, ...}: {`
feat(nextcloud): enable onlyoffice 2023-04-18 16:06:52 +02:00			`services.onlyoffice = {`
			`enable = true;`
			`port = 8111;`
			`hostname = "onlyoffice.kmein.de";`
			`jwtSecretFile = config.age.secrets.onlyoffice-key.path;`
			`};`

			`age.secrets.onlyoffice-key = {`
Revert "chore: get secrets via input, mock for CI" This reverts commit 3138fd23ef855a5925eb370bf0c976316c6c96b4. 2023-07-04 16:28:26 +02:00			`file = ../../secrets/onlyoffice-jwt-key.age;`
feat(nextcloud): enable onlyoffice 2023-04-18 16:06:52 +02:00			`owner = "onlyoffice";`
			`};`

fix(onlyoffice): make readable 2023-04-24 06:38:37 +02:00			`# otherwise this leads to nginx`
			`# open() "/var/lib/onlyoffice/documentserver/App_Data/cache/files/data/conv_check_1138411943_docx/output.docx" failed (13: Permission denied)`
			`# and mysterious 403 errors`
			`system.activationScripts.onlyoffice-readable.text = ''`
			`chmod a+x /var/lib/onlyoffice/documentserver/`
			`'';`
feat(nextcloud): enable onlyoffice 2023-04-18 16:06:52 +02:00
			`services.nginx.virtualHosts.${config.services.onlyoffice.hostname} = {`
			`enableACME = true;`
			`forceSSL = true;`
			`};`
			`}`