From 7b0cfb5dfa7bc82aa5d2df931cef50a10b40b837 Mon Sep 17 00:00:00 2001 From: Kabbone Date: Sun, 18 Feb 2024 13:50:50 +0100 Subject: [PATCH] add token for onlyoffice --- modules/services/server/nextcloud.nix | 7 ++++++- secrets/secrets.nix | 1 + secrets/services/nextcloud/onlyofficejwt.age | 21 ++++++++++++++++++++ 3 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 secrets/services/nextcloud/onlyofficejwt.age diff --git a/modules/services/server/nextcloud.nix b/modules/services/server/nextcloud.nix index 0ca7730..b5ed5fe 100644 --- a/modules/services/server/nextcloud.nix +++ b/modules/services/server/nextcloud.nix @@ -45,11 +45,12 @@ services.onlyoffice = { enable = true; - hostname = "localhost"; + hostname = "docs.cloud.kabtop.de"; postgresName = "onlyoffice"; postgresHost = "localhost"; postgresUser = "onlyoffice"; postgresPasswordFile = config.age.secrets."services/nextcloud/onlyofficedb".path; + jwtSecretFile = config.age.secrets."services/nextcloud/onlyofficejwt".path; }; services.redis = { @@ -86,6 +87,10 @@ file = ../../../secrets/services/nextcloud/onlyofficedb.age; owner = "onlyoffice"; }; + age.secrets."services/nextcloud/onlyofficejwt" = { + file = ../../../secrets/services/nextcloud/onlyofficejwt.age; + owner = "onlyoffice"; + }; systemd.services."nextcloud-setup" = { requires = ["postgresql.service"]; diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 150ca2e..6be31ad 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -70,6 +70,7 @@ in "services/nextcloud/adminpassFile.age".publicKeys = servers ++ users; "services/nextcloud/dbpassFile.age".publicKeys = servers ++ users; "services/nextcloud/onlyofficedb.age".publicKeys = servers ++ users; + "services/nextcloud/onlyofficejwt.age".publicKeys = servers ++ users; "services/gitea/databasePassword.age".publicKeys = servers ++ users; "services/gitea/mailerPassword.age".publicKeys = servers ++ users; "services/gitea/homerunner-token.age".publicKeys = homerunners ++ users; diff --git a/secrets/services/nextcloud/onlyofficejwt.age b/secrets/services/nextcloud/onlyofficejwt.age new file mode 100644 index 0000000..1cb58c1 --- /dev/null +++ b/secrets/services/nextcloud/onlyofficejwt.age @@ -0,0 +1,21 @@ +age-encryption.org/v1 +-> ssh-ed25519 neExcQ mkJ8+lmRdrNs4QMOpRevodtJkZjglDCkUqYGtUPHh2g +eSskP9nocCNUlYI6tEMTgD/ThTDUmUxbxtn+clrJHwo +-> ssh-rsa VtjGpQ +PTarDFRMSn4FIIzf67Vzb+Xn7c1c20pV9a7UiRyUjV2PNduAs3HHQlMMUzMJZH76 +1qanW4IahBDLvmW7+6BJJ0ztr2ZcWU+beMv6JZhKL68R1w5obdpm0tj7ZpnnjHmB +URrrvXDMRBoyOl6ZRpAjc6AGrW/PybMYgJQQnvYmJJTH1eu4sYvyT8Cm/69F40bH +oak3vsFeXrmIrG4AdBYX3uS4lMy/7vgMh1J+QJ7x427C2MeKrb/2s2JqP+4J4BN4 +nM1aItGawTKE9Jd7B5y8fp+S1cNoOdgPk8o6u8UqSD9qy0X4nEygiDZB4Dj0omqw +7nVQ0hORxOQdZ7WkhV3oDhtU1OJfnFHyLC+mEXLYLtYrKRUmHOZgxuSjYLBcYlz2 +jYypES46MLcVfaClipAzVBqwzhsSvzbKnSEE5YWfX6O+iGvh9jEDdJ1K+fcZ1DrY +++WG2ugL0lMl1ouSG5hhG2hvIYotB/ADQGa8vgRvJHrE+Gn0NEEysV1Eos8/Ca0Z +/oSGpwec3Kv2ofFz8BM2dNA4z7vb4REpvxvdtmtk+pUCcj+aBmBxW0JXBHBxxCoJ +0Wojip3qFOqA4nYHzfqH002+pMGgjrFdxi53zLHjaNBexaOYEAVhrIHVvwBoDPaw +UOnZo4XzxmH7v+hHCpkasv0s+nhQR4GI9C8UozqDAdU +-> piv-p256 grR75w Au3yq+Oeyc7FFS7gkP05LQAYUWnwdKvdmLheHFTNqPCg +gj8+K9oZLG1C9Mr94GsMAEk07lp1u0fzUwL4003h/dM +-> piv-p256 RQguQQ Az0XZX/XQeaVNV+r0PmKcX/W/6pSey7gDVszu4aBj+nP +JLyAyWjyVDTTw2wKoD2w/bSwYd5tvfCEf+YaiVOXArc +--- QWEQoeMHdG5/5fZaewZhvbB6kpCMJZSu35MZX5mGL6s +N-VX}7`(Xk#xK̻ȶeMwR5 \ No newline at end of file