From 98d503ea10bc8223da8dcab3316500b0dcb101d0 Mon Sep 17 00:00:00 2001
From: pazpi <pasettodavide@gmail.com>
Date: Thu, 2 Jan 2025 12:41:59 +0100
Subject: [PATCH] minor modification. Office needs a valid https endpoint

---
 modules/services/nextcloud.nix | 31 +++++++++++++++++++++----------
 1 file changed, 21 insertions(+), 10 deletions(-)

diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix
index 9cc750e..a045cb4 100644
--- a/modules/services/nextcloud.nix
+++ b/modules/services/nextcloud.nix
@@ -57,7 +57,7 @@ in
 
           settings = {
             overwriteProtocol = "https";
-            default_phone_region = "IT";
+            defaultPhoneRegion = "IT";
             trusted_proxies = [ "192.168.1.150" ];
             trusted_domains = [ "cloud.${cfg.proxy.domain}" ];
             maintenance_window_start = 1;
@@ -82,10 +82,12 @@ in
             };
           };
 
-          phpOptions."opcache.interned_strings_buffer" = "64";
+          phpOptions = {
+            "opcache.interned_strings_buffer" = "64";
+            "opcache.memory_consumption" = "256";
+          };
 
           config = {
-            defaultPhoneRegion = "IT";
             dbtype = "pgsql";
             adminuser = "admin";
             adminpassFile = config.age.secrets.nextcloud-admin-pwd.path;
@@ -113,17 +115,24 @@ in
               cospend
               memories
               tasks
-              onlyoffice
-              # twofactor_totp
-              user_oidc
+              # onlyoffice
+              # oidc
+              richdocuments
               ;
           };
 
         };
 
-        onlyoffice = {
+        collabora-online = {
           enable = true;
-          hostname = "onlyoffice.${cfg.proxy.domain}";
+          settings = {
+            host = [
+              ''127\.0\.0\.1''
+              "::1"
+            ];
+            storage.wopi."@allow" = true;
+          };
+          # hostname = "office.${cfg.proxy.domain}";
         };
 
         nginx.virtualHosts = {
@@ -135,6 +144,8 @@ in
 
       };
 
+      networking.firewall.allowedTCPPorts = [ 9980 ];
+
       environment.systemPackages = with pkgs; [
         exiftool
         ffmpeg
@@ -153,9 +164,9 @@ in
           reverse_proxy http://${host}:80
           import cloudflare
         '';
-        virtualHosts."onlyoffice.${domain}".extraConfig = ''
+        virtualHosts."office.${domain}".extraConfig = ''
           import cloudflare
-          reverse_proxy http://${host}:${toString config.services.onlyoffice.port} {
+          reverse_proxy http://${host}:${toString config.services.collabora-online.port} {
             # Required to circumvent bug of Onlyoffice loading mixed non-https content
             header_up X-Forwarded-Proto https
           }