Setup Collabora / Nextcloud Office

modules/hosts/nixos/hetznix01/post-install/default.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, username, ... }: let
+{ config, lib, pkgs, username, ... }: let
   domain = "technicalissues.us";
 in {
   imports = [
@@ -31,6 +31,32 @@ in {
   };
 
   services = {
+    collabora-online = {
+      enable = true;
+      port = 9980; # default
+      settings = {
+        # Rely on reverse proxy for SSL
+        ssl = {
+          enable = false;
+          termination = true;
+        };
+
+        # Listen on loopback interface only, and accept requests from ::1
+        net = {
+          listen = "loopback";
+          post_allow.host = ["::1"];
+        };
+
+        # Restrict loading documents from WOPI Host nextcloud.example.com
+        storage.wopi = {
+          "@allow" = true;
+          host = [ "https://cloud.pack1828.org" ];
+        };
+
+        # Set FQDN of server
+        server_name = "collabora.pack1828.org";
+      };
+    };
     nextcloud = {
       enable = true;
       hostName = "cloud.pack1828.org";
@@ -44,12 +70,14 @@ in {
       };
       configureRedis = true;
       database.createLocally = true;
-      #extraApps = with config.services.nextcloud.package.packages.apps; {
+      extraApps = with config.services.nextcloud.package.packages.apps; {
-      #  # List of apps we want to install and are already packaged in
+        # List of apps we want to install and are already packaged in
-      #  # https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json
+        # https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json
-      #  inherit calendar contacts cookbook maps notes tasks;
+        inherit 
-      #};
+          richdocuments # Collabora Online for Nextcloud - https://apps.nextcloud.com/apps/richdocuments
-      #extraAppsEnable = true;
+          ;
+      };
+      extraAppsEnable = true;
       home = "/pack1828/nextcloud";
       https = true;
       maxUploadSize = "3G"; # Increase the PHP maximum file upload size
@@ -153,6 +181,34 @@ in {
     };
   };
 
+  systemd.services = {
+    nextcloud-config-collabora = let
+      inherit (config.services.nextcloud) occ;
+
+      wopi_url = "http://[::1]:${toString config.services.collabora-online.port}";
+      public_wopi_url = "https://collabora.pack1828.org";
+      wopi_allowlist = lib.concatStringsSep "," [
+        "127.0.0.1"
+        "::1"
+        "5.161.244.95"
+        "2a01:4ff:f0:977c::1"
+      ];
+    in {
+      wantedBy = ["multi-user.target"];
+      after = ["nextcloud-setup.service" "coolwsd.service"];
+      requires = ["coolwsd.service"];
+      script = ''
+        ${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_url --value ${lib.escapeShellArg wopi_url}
+        ${occ}/bin/nextcloud-occ config:app:set richdocuments public_wopi_url --value ${lib.escapeShellArg public_wopi_url}
+        ${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_allowlist --value ${lib.escapeShellArg wopi_allowlist}
+        ${occ}/bin/nextcloud-occ richdocuments:setup
+      '';
+      serviceConfig = {
+        Type = "oneshot";
+      };
+    };
+  };
+
   # Enable common container config files in /etc/containers
   virtualisation.containers.enable = true;
   virtualisation = {

modules/hosts/nixos/hetznix01/post-install/nginx.nix

@@ -104,6 +104,15 @@ in {
         acmeRoot = null;
         forceSSL = true;
       };
+      "collabora.pack1828.org" = {
+        enableACME = true;
+        acmeRoot = null;
+        forceSSL = true;
+        locations."/" = {
+          proxyPass = "http://[::1]:${toString config.services.collabora-online.port}";
+          proxyWebsockets = true; # collabora uses websockets
+        };
+      };
       "location.${domain}" = {
         enableACME = true;
         acmeRoot = null;