Compare commits
2 commits
6f136c5233
...
c2d7adfcd0
Author | SHA1 | Date | |
---|---|---|---|
|
c2d7adfcd0 | ||
|
7873680895 |
5 changed files with 54 additions and 4 deletions
|
@ -10,6 +10,7 @@ lib.extra.mkConfig {
|
||||||
enabledServices = [
|
enabledServices = [
|
||||||
# List of services to enable
|
# List of services to enable
|
||||||
"ds-fr"
|
"ds-fr"
|
||||||
|
"hedgedoc"
|
||||||
"kanidm"
|
"kanidm"
|
||||||
"mastodon"
|
"mastodon"
|
||||||
"nextcloud"
|
"nextcloud"
|
||||||
|
|
51
machines/compute01/hedgedoc.nix
Normal file
51
machines/compute01/hedgedoc.nix
Normal file
|
@ -0,0 +1,51 @@
|
||||||
|
{ config, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
host = "pads.dgnum.eu";
|
||||||
|
port = 3007;
|
||||||
|
in {
|
||||||
|
services = {
|
||||||
|
hedgedoc = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
environmentFile = config.age.secrets."hedgedoc-environment_file".path;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
inherit port;
|
||||||
|
|
||||||
|
domain = host;
|
||||||
|
host = "127.0.0.1";
|
||||||
|
allowOrigin = [ host ];
|
||||||
|
|
||||||
|
db = {
|
||||||
|
dialect = "postgres";
|
||||||
|
host = "/run/postgresql";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
nginx.virtualHosts.${host} = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:${builtins.toString port}";
|
||||||
|
proxyWebsockets = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
postgresql = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
ensureDatabases = [ "hedgedoc" ];
|
||||||
|
|
||||||
|
ensureUsers = [{
|
||||||
|
name = "hedgedoc";
|
||||||
|
ensurePermissions = { "DATABASE hedgedoc" = "ALL PRIVILEGES"; };
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.hedgedoc.serviceConfig.StateDirectory =
|
||||||
|
lib.mkForce [ "hedgedoc" "hedgedoc/uploads" ];
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, ... }:
|
||||||
|
|
||||||
let hostname = "documentserver.dgnum.eu";
|
let hostname = "documentserver.dgnum.eu";
|
||||||
in {
|
in {
|
||||||
|
@ -10,9 +10,6 @@ in {
|
||||||
jwtSecretFile = config.age.secrets."onlyoffice-jwt_secret_file".path;
|
jwtSecretFile = config.age.secrets."onlyoffice-jwt_secret_file".path;
|
||||||
|
|
||||||
port = 8015;
|
port = 8015;
|
||||||
|
|
||||||
package = pkgs.onlyoffice-documentserver.overrideAttrs
|
|
||||||
(old: { patches = (old.patches or [ ]) ++ [ ./secrets.patch ]; });
|
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts.${hostname} = {
|
services.nginx.virtualHosts.${hostname} = {
|
||||||
|
|
BIN
machines/compute01/secrets/hedgedoc-environment_file
Normal file
BIN
machines/compute01/secrets/hedgedoc-environment_file
Normal file
Binary file not shown.
|
@ -5,6 +5,7 @@ in
|
||||||
|
|
||||||
lib.setDefault { inherit publicKeys; } [
|
lib.setDefault { inherit publicKeys; } [
|
||||||
"ds_fr-secret_file"
|
"ds_fr-secret_file"
|
||||||
|
"hedgedoc-environment_file"
|
||||||
"mastodon-extra_env_file"
|
"mastodon-extra_env_file"
|
||||||
"nextcloud-adminpass_file"
|
"nextcloud-adminpass_file"
|
||||||
"nextcloud-s3_secret_file"
|
"nextcloud-s3_secret_file"
|
||||||
|
|
Loading…
Reference in a new issue