{ lib, pkgs, inputs, namespace, system, target, format, virtual, systems, config, ... }: with lib; with lib.custom; let # find link here: https://apps.nextcloud.com/ intros = pkgs.fetchNextcloudApp { sha256 = "sha256-nWvzJ71axWNP9gFD2LaHIq/jS4OqvoceBJv57gDce+o="; url = "https://packages.framasoft.org/projects/nextcloud-apps/intros/intros-1.2.1.tar.gz"; license = "gpl3"; }; external = pkgs.fetchNextcloudApp { sha256 = "sha256-Z+Tt4KtNlHerTG8OyKFcS+lLOX7MIzKdtIX+OxidJGw="; url = "https://github.com/nextcloud-releases/external/releases/download/v7.0.0/external-v7.0.0.tar.gz"; license = "gpl3"; }; welcome = pkgs.fetchNextcloudApp { sha256 = "sha256-tiSkoIiqGrkawpzWgNvTIgGwzM4OjYVKNp42A+6UmlE="; url = "https://github.com/nextcloud-releases/welcome/releases/download/v1.3.0/welcome-v1.3.0.tar.gz"; license = "gpl3"; }; in { sops.secrets."services/nextcloud/dbPassword" = {owner = "nextcloud";}; sops.secrets."services/nextcloud/whiteboard" = {owner = "nextcloud";}; services.nextcloud = { enable = true; package = pkgs.nextcloud32; database.createLocally = true; config = { dbtype = "pgsql"; adminpassFile = config.sops.secrets."services/nextcloud/dbPassword".path; }; phpOptions = { "opcache.interned_strings_buffer" = "64"; "opcache.memory_consumption" = "256"; }; settings = { "maintenance_window_start" = 1; log_type = "syslog"; default_locale = "ru_RU"; default_phone_region = "DE"; allow_user_to_change_display_name = true; enabledPreviewProviders = [ "OC\\Preview\\BMP" "OC\\Preview\\GIF" "OC\\Preview\\JPEG" "OC\\Preview\\Krita" "OC\\Preview\\MarkDown" "OC\\Preview\\MP3" "OC\\Preview\\OpenDocument" "OC\\Preview\\PNG" "OC\\Preview\\TXT" "OC\\Preview\\XBitmap" "OC\\Preview\\Movie" "OC\\Preview\\MSOffice2003" "OC\\Preview\\MSOffice2007" "OC\\Preview\\MSOfficeDoc" "OC\\Preview\\PDF" "OC\\Preview\\Photoshop" "OC\\Preview\\SVG" "OC\\Preview\\TIFF" ]; }; hostName = "nextcloud.kylekrein.com"; https = true; # https://github.com/NixOS/nixpkgs/blob/nixpkgs-unstable/pkgs/servers/nextcloud/packages/nextcloud-apps.json extraApps = { inherit (config.services.nextcloud.package.packages.apps) contacts calendar tasks whiteboard #twofactor_totp spreed integration_paperless deck notes bookmarks richdocuments mail ; inherit intros external #welcome ; }; autoUpdateApps.enable = true; extraAppsEnable = true; configureRedis = true; #appstoreEnable = true; }; environment.systemPackages = with pkgs; [ config.services.nextcloud.occ ]; services.nextcloud-whiteboard-server = { enable = true; settings = { NEXTCLOUD_URL = "https://nextcloud.kylekrein.com"; }; secrets = [ config.sops.secrets."services/nextcloud/whiteboard".path ]; }; # https://diogotc.com/blog/collabora-nextcloud-nixos/ services.collabora-online = { enable = true; port = 9980; settings = { # Rely on reverse proxy for SSL ssl = { enable = false; termination = true; }; # Listen on loopback interface only, and accept requests from ::1 net = { listen = "loopback"; post_allow.host = ["::1"]; }; # Restrict loading documents from WOPI Host nextcloud.kylekrein.com storage.wopi = { "@allow" = true; host = ["nextcloud.kylekrein.com"]; }; # Set FQDN of server server_name = "collabora.kylekrein.com"; }; }; systemd.services.nextcloud-config-collabora = let inherit (config.services.nextcloud) occ; wopi_url = "http://[::1]:${toString config.services.collabora-online.port}"; public_wopi_url = "https://collabora.kylekrein.com"; wopi_allowlist = lib.concatStringsSep "," [ "127.0.0.1" "::1" ]; in { wantedBy = ["multi-user.target"]; after = ["nextcloud-setup.service" "coolwsd.service"]; requires = ["coolwsd.service"]; script = '' ${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_url --value ${lib.escapeShellArg wopi_url} ${occ}/bin/nextcloud-occ config:app:set richdocuments public_wopi_url --value ${lib.escapeShellArg public_wopi_url} ${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_allowlist --value ${lib.escapeShellArg wopi_allowlist} ${occ}/bin/nextcloud-occ richdocuments:setup ''; serviceConfig = { Type = "oneshot"; }; }; networking.hosts = { "127.0.0.1" = ["nextcloud.kylekrein.com" "collabora.kylekrein.com"]; "::1" = ["nextcloud.kylekrein.com" "collabora.kylekrein.com"]; }; # https://najigram.com/2024/01/setup-signaling-server-high-performance-backend-for-nextcloud-talk/ }