nix/container/Office.nix

42 lines
1.2 KiB
Nix
Raw Normal View History

2024-06-15 18:38:17 +03:00
# NOTE: Imperative part:
# 1. You need to change PSQL tables owner from root to onlyoffice, too. They don't do that automatically for some reason.
# 2. TODO: Generate JWT secret at /var/lib/onlyoffice/jwt, i.e. 9wLfMGha1YrfvWpb5hyYjZf8pvJQ3swS
# See https://git.voronind.com/voronind/nixos/issues/74
2024-06-20 22:13:59 +03:00
{ container, pkgs, util, lib, ... } @args: let
2024-06-09 23:35:53 +03:00
cfg = container.config.office;
in {
2024-06-15 18:38:17 +03:00
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
2024-06-09 23:35:53 +03:00
containers.office = container.mkContainer cfg {
2024-06-15 18:38:17 +03:00
bindMounts = {
"/var/lib/onlyoffice" = {
hostPath = "${cfg.storage}/data";
isReadOnly = false;
};
};
2024-06-09 23:35:53 +03:00
config = { ... }: container.mkContainerConfig cfg {
services.onlyoffice = let
dbName = "onlyoffice";
in {
enable = true;
hostname = cfg.domain;
postgresName = dbName;
postgresHost = container.config.postgres.address;
postgresUser = dbName;
postgresPasswordFile = "${pkgs.writeText "OfficeDbPassword" dbName}";
2024-06-15 18:38:17 +03:00
jwtSecretFile = "/var/lib/onlyoffice/jwt";
2024-06-20 17:24:03 +03:00
rabbitmqUrl = "amqp://guest:guest@${container.config.rabbitmq.address}:${toString container.config.rabbitmq.port}";
2024-06-09 23:35:53 +03:00
examplePort = cfg.port;
enableExampleServer = true;
};
};
};
}