DGNum/infrastructure
9
6
Fork 1
Code Issues 13 Pull requests 4 Actions Packages Projects 1 Releases Wiki Activity

Compare commits

base: DGNum:6f136c5233a8f24e25997c85f4a8318fa546c9c2
Branches Tags
DGNum:main
DGNum:npins-update
DGNum:ds-update
DGNum:tvix-store
DGNum:colmena-liminix
DGNum:nixpkgs
DGNum:liminix-v1
...
compare: DGNum:c2d7adfcd07afa799d7b62368281245f81037711
Branches Tags
DGNum:npins-update
DGNum:ds-update
DGNum:main
DGNum:tvix-store
DGNum:colmena-liminix
DGNum:nixpkgs
DGNum:liminix-v1

2 commits
6f136c5233 ... c2d7adfcd0

Author SHA1 Message Date
Tom Hubrecht c2d7adfcd0 feat(compute01): Deploy hedgedoc on pads.dgnum.eu 2023-10-05 09:52:13 +02:00
Tom Hubrecht 7873680895 fix(onlyoffice): Remove unusable patches 2023-10-05 09:17:06 +02:00
5 changed files with 54 additions and 4 deletions
Show stats Expand all files Collapse all files

1
machines/compute01/_configuration.nix
View file

@ -10,6 +10,7 @@ lib.extra.mkConfig {
enabledServices = [
# List of services to enable
"ds-fr"
"hedgedoc"
"kanidm"
"mastodon"
"nextcloud"

51
machines/compute01/hedgedoc.nix Normal file
View file

@ -0,0 +1,51 @@
{ config, lib, ... }:
let
host = "pads.dgnum.eu";
port = 3007;
in {
services = {
hedgedoc = {
enable = true;
environmentFile = config.age.secrets."hedgedoc-environment_file".path;
settings = {
inherit port;
domain = host;
host = "127.0.0.1";
allowOrigin = [ host ];
db = {
dialect = "postgres";
host = "/run/postgresql";
};
};
};
nginx.virtualHosts.${host} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${builtins.toString port}";
proxyWebsockets = true;
};
};
postgresql = {
enable = true;
ensureDatabases = [ "hedgedoc" ];
ensureUsers = [{
name = "hedgedoc";
ensurePermissions = { "DATABASE hedgedoc" = "ALL PRIVILEGES"; };
}];
};
};
systemd.services.hedgedoc.serviceConfig.StateDirectory =
lib.mkForce [ "hedgedoc" "hedgedoc/uploads" ];
}

5
machines/compute01/onlyoffice/default.nix
View file

@ -1,4 +1,4 @@
{ config, pkgs, ... }:
{ config, ... }:
let hostname = "documentserver.dgnum.eu";
in {
@ -10,9 +10,6 @@ in {
jwtSecretFile = config.age.secrets."onlyoffice-jwt_secret_file".path;
port = 8015;
package = pkgs.onlyoffice-documentserver.overrideAttrs
(old: { patches = (old.patches or [ ]) ++ [ ./secrets.patch ]; });
};
services.nginx.virtualHosts.${hostname} = {

BIN
machines/compute01/secrets/hedgedoc-environment_file Normal file
View file

Binary file not shown.

1
machines/compute01/secrets/secrets.nix
View file

@ -5,6 +5,7 @@ in
lib.setDefault { inherit publicKeys; } [
"ds_fr-secret_file"
"hedgedoc-environment_file"
"mastodon-extra_env_file"
"nextcloud-adminpass_file"
"nextcloud-s3_secret_file"