diff --git a/modules/services/collabora-online.nix b/modules/services/collabora-online.nix new file mode 100644 index 0000000..b95171e --- /dev/null +++ b/modules/services/collabora-online.nix @@ -0,0 +1,75 @@ +{ + lib, + config, + pkgs, + ... +}: +let + cfg = config.my.services.collabora-online; +in +{ + + options.my.services.collabora-online = { + enable = lib.mkEnableOption "Enable Collabora Online module"; + + proxy = { + enable = lib.mkEnableOption "Set the proxy entry for this service"; + + domain = lib.mkOption { + default = "example.com"; + type = lib.types.str; + description = '' + The domain where Caddy is reachable + ''; + }; + + subdomain = lib.mkOption { + default = "collabora"; + type = lib.types.str; + description = '' + The subdomain where Collabora Online is reachable + ''; + }; + + host = lib.mkOption { + default = "localhost"; + type = lib.types.str; + description = '' + Host name where Collabora Online is running + ''; + }; + }; + }; + + config = lib.mkMerge [ + (lib.mkIf cfg.enable { + + services.collabora-online = { + enable = true; + # settings = { + # host = [ + # ''127\.0\.0\.1'' + # ]; + # storage.wopi."@allow" = true; + # }; + }; + + networking.firewall.allowedTCPPorts = [ + config.services.collabora-online.port + ]; + }) + + (lib.mkIf cfg.proxy.enable { + services.caddy = with cfg.proxy; { + virtualHosts."${subdomain}.${domain}".extraConfig = '' + import cloudflare_${domain} + reverse_proxy http://${host}:${toString config.services.collabora-online.port} { + # Required to circumvent bug of Onlyoffice loading mixed non-https content + header_up X-Forwarded-Proto https + } + ''; + }; + }) + ]; +} + diff --git a/modules/services/default.nix b/modules/services/default.nix index f18ab3d..53984e0 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -3,6 +3,7 @@ ./authentik.nix ./dashy.nix ./firefly-iii.nix + ./collabora-online.nix ./forgejo.nix ./forgejo-runner.nix ./ilpost-addict.nix