From cb1776d6705f810d56c3eb46cb673df8e22506a5 Mon Sep 17 00:00:00 2001 From: Danilo Reyes Date: Thu, 5 Feb 2026 10:41:29 -0600 Subject: [PATCH] fixing --- modules/servers/nextcloud.nix | 215 +++++++++++++++------------------- 1 file changed, 97 insertions(+), 118 deletions(-) diff --git a/modules/servers/nextcloud.nix b/modules/servers/nextcloud.nix index 9761506..e87f9e9 100644 --- a/modules/servers/nextcloud.nix +++ b/modules/servers/nextcloud.nix @@ -38,7 +38,7 @@ let in { options.my.servers = { - nextcloud = setup.mkOptions "nextcloud" "cloud" 80; + nextcloud = setup.mkOptions "nextcloud" "cloud" 8081; collabora = setup.mkOptions "collabora" "collabora" 9980; go-vod.enable = lib.mkEnableOption "Go-VOD video transcoding service"; }; @@ -68,116 +68,100 @@ in ; }; }; - services = { - nextcloud = { - enable = true; - https = false; # vps - package = pkgs.nextcloud32; - appstoreEnable = true; - configureRedis = true; - extraAppsEnable = true; - enableImagemagick = true; - maxUploadSize = "4096M"; - hostName = cfg.host; - caching = { - redis = true; - memcached = true; - apcu = true; - }; - config = { - adminpassFile = config.sops.secrets.nextcloud-adminpass.path; - dbtype = "pgsql"; - dbhost = config.my.postgresSocket; - dbname = "nextcloud"; - }; - phpOptions = { - catch_workers_output = "yes"; - display_errors = "stderr"; - error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT"; - expose_php = "Off"; - preview_max_x = 2048; - preview_max_y = 2048; - short_open_tag = "Off"; - "opcache.enable_cli" = "1"; - "opcache.fast_shutdown" = "1"; - "opcache.interned_strings_buffer" = "16"; - "opcache.jit" = "1255"; - "opcache.jit_buffer_size" = "256M"; - "opcache.max_accelerated_files" = "10000"; - "opcache.huge_code_pages" = "1"; - "opcache.enable_file_override" = "1"; - "opcache.memory_consumption" = "256"; - "opcache.revalidate_freq" = "60"; - "opcache.save_comments" = "1"; - "opcache.validate_timestamps" = "0"; - "openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt"; - }; - settings = { - log_type = "file"; - loglevel = 1; - trusted_proxies = [ - config.my.localhost - config.my.localhost6 - config.my.ips.router - config.my.ips.wg-vps - ]; - trusted_domains = [ - cfg.host - config.my.ips.${config.networking.hostName} - "localhost" - "cloud.rotehaare.art" - ]; - overwriteprotocol = "https"; - "overwrite.cli.url" = "${cfg.url}"; - forwarded_for_headers = [ "HTTP_X_FORWARDED_FOR" ]; - default_phone_region = "MX"; - allow_local_remote_servers = true; - mail_smtpmode = "sendmail"; - mail_sendmailmode = "pipe"; - preview_ffmpeg_path = "${pkgs.ffmpeg}/bin/ffmpeg"; - "memories.exiftool" = "${exiftool}/bin/exiftool"; - "memories.ffmpeg_path" = "${pkgs.ffmpeg}/bin/ffmpeg"; - "memories.ffprobe_path" = "${pkgs.ffmpeg}/bin/ffprobe"; - enabledPreviewProviders = [ - "OC\\Preview\\AVI" - "OC\\Preview\\BMP" - "OC\\Preview\\GIF" - "OC\\Preview\\HEIC" - "OC\\Preview\\Image" - "OC\\Preview\\JPEG" - "OC\\Preview\\Krita" - "OC\\Preview\\MKV" - "OC\\Preview\\MP3" - "OC\\Preview\\MP4" - "OC\\Preview\\MarkDown" - "OC\\Preview\\Movie" - "OC\\Preview\\OpenDocument" - "OC\\Preview\\PNG" - "OC\\Preview\\TIFF" - "OC\\Preview\\TXT" - "OC\\Preview\\XBitmap" - ]; - }; - phpExtraExtensions = all: [ - all.pdlib - all.bz2 - ]; - }; - nginx.virtualHosts.${cfg.host} = { - forceSSL = false; - enableACME = false; - http2 = false; - listen = [ - { - addr = config.my.ips.wg-server; - port = 8081; - } - { - addr = config.my.localhost; - port = 8081; - } + services.nextcloud = { + enable = true; + https = false; # vps + package = pkgs.nextcloud32; + appstoreEnable = true; + configureRedis = true; + extraAppsEnable = true; + enableImagemagick = true; + maxUploadSize = "4096M"; + hostName = cfg.host; + caching = { + redis = true; + memcached = true; + apcu = true; + }; + config = { + adminpassFile = config.sops.secrets.nextcloud-adminpass.path; + dbtype = "pgsql"; + dbhost = config.my.postgresSocket; + dbname = "nextcloud"; + }; + phpOptions = { + catch_workers_output = "yes"; + display_errors = "stderr"; + error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT"; + expose_php = "Off"; + preview_max_x = 2048; + preview_max_y = 2048; + short_open_tag = "Off"; + "opcache.enable_cli" = "1"; + "opcache.fast_shutdown" = "1"; + "opcache.interned_strings_buffer" = "16"; + "opcache.jit" = "1255"; + "opcache.jit_buffer_size" = "256M"; + "opcache.max_accelerated_files" = "10000"; + "opcache.huge_code_pages" = "1"; + "opcache.enable_file_override" = "1"; + "opcache.memory_consumption" = "256"; + "opcache.revalidate_freq" = "60"; + "opcache.save_comments" = "1"; + "opcache.validate_timestamps" = "0"; + "openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt"; + }; + settings = { + log_type = "file"; + loglevel = 1; + trusted_proxies = [ + config.my.localhost + config.my.localhost6 + config.my.ips.router + config.my.ips.wg-vps + ]; + trusted_domains = [ + cfg.host + config.my.ips.${config.networking.hostName} + "localhost" + "cloud.rotehaare.art" + ]; + overwriteprotocol = "https"; + "overwrite.cli.url" = "${cfg.url}"; + forwarded_for_headers = [ "HTTP_X_FORWARDED_FOR" ]; + default_phone_region = "MX"; + allow_local_remote_servers = true; + mail_smtpmode = "sendmail"; + mail_sendmailmode = "pipe"; + preview_ffmpeg_path = "${pkgs.ffmpeg}/bin/ffmpeg"; + "memories.exiftool" = "${exiftool}/bin/exiftool"; + "memories.ffmpeg_path" = "${pkgs.ffmpeg}/bin/ffmpeg"; + "memories.ffprobe_path" = "${pkgs.ffmpeg}/bin/ffprobe"; + enabledPreviewProviders = [ + "OC\\Preview\\AVI" + "OC\\Preview\\BMP" + "OC\\Preview\\GIF" + "OC\\Preview\\HEIC" + "OC\\Preview\\Image" + "OC\\Preview\\JPEG" + "OC\\Preview\\Krita" + "OC\\Preview\\MKV" + "OC\\Preview\\MP3" + "OC\\Preview\\MP4" + "OC\\Preview\\MarkDown" + "OC\\Preview\\Movie" + "OC\\Preview\\OpenDocument" + "OC\\Preview\\PNG" + "OC\\Preview\\TIFF" + "OC\\Preview\\TXT" + "OC\\Preview\\XBitmap" ]; }; + phpExtraExtensions = all: [ + all.pdlib + all.bz2 + ]; + }; virtualisation.oci-containers.containers = { go-vod = lib.mkIf config.my.servers.go-vod.enable { @@ -254,10 +238,10 @@ in my.servers.nextcloud.useDefaultProxy = false; services.nginx.virtualHosts = { "${cfg.host}" = { - forceSSL = true; - enableACME = true; - http2 = true; - default = true; + forceSSL = false; + enableACME = false; + http2 = false; + default = false; serverAliases = [ "cloud.rotehaare.art" ]; extraConfig = '' add_header X-XSS-Protection "1; mode=block" always; @@ -272,11 +256,6 @@ in "~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" = { }; }; - } - // lib.optionalAttrs cfg.enable { - forceSSL = false; - enableACME = false; - http2 = false; listen = [ { addr = config.my.ips.wg-server;