diff --git a/hosts/hitsugibune/configuration.nix b/hosts/hitsugibune/configuration.nix index 962e952..3680772 100644 --- a/hosts/hitsugibune/configuration.nix +++ b/hosts/hitsugibune/configuration.nix @@ -156,5 +156,5 @@ in { }; }; - system.stateVersion = "24.11"; + system.stateVersion = "25.11"; } diff --git a/hosts/hitsugibune/nextcloud.nix b/hosts/hitsugibune/nextcloud.nix index 760472e..31bcc32 100644 --- a/hosts/hitsugibune/nextcloud.nix +++ b/hosts/hitsugibune/nextcloud.nix @@ -13,6 +13,11 @@ owner = "onlyoffice"; group = "onlyoffice"; }; + age.secrets.onlyoffice-nonce = { + file = ../../secrets/onlyoffice-nonce.age; + owner = "onlyoffice"; + group = "onlyoffice"; + }; networking.firewall.allowedTCPPorts = [80 443]; services.nextcloud = { enable = true; @@ -43,6 +48,7 @@ enable = true; hostname = "onlyoffice.sprechtl.me"; jwtSecretFile = config.age.secrets.onlyoffice.path; + securityNonceFile = config.age.secrets.onlyoffice-nonce.path; }; services.nginx = { diff --git a/secrets/onlyoffice-nonce.age b/secrets/onlyoffice-nonce.age new file mode 100644 index 0000000..c80580c --- /dev/null +++ b/secrets/onlyoffice-nonce.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> ssh-ed25519 7PLkJg zwMnfFJkWY5tx+NBwDtRwX9XP5XW4+uObnHRqlIfaDI +gnCXhEEyj+jaQrrGFNsEbS8X9q8DPOifbg5/L7yHB1I +-> ssh-rsa LgF3EQ +Pjj1CfQliSGPxzwdTb6MRCckUSDHZ/VT7vmQpfucXhHYPq0kjSAGgUurq37OaQS7 +4Wi1j0xDYYP8hKtCv3HmbRIeDDteMpM366/7QBxuC0A0mZd79TbPc1NT3r2Q+8l0 +KAERdvh0hXprA8fh3rCTukuioArdN5vZ+0n4mD/G2hnitbhCo9l1Jlk0g2k8KG75 +5B1XQt52XtRFZZtyYqCYSlqn8UsmSrCeXYUC2+vPiri9ESJ3XdVCJshIRzpmVLJY +Syptg3eiyqMZ0/dRpajpYj1M0xNT9yo8fDxzEovEr7UAsEpo99+4DKIHuIU0nG3L +xfjavGEIrazFhDNOVRB1ICi6S7wpPm7uJstGqAVQgxLcYGuIY+DNQEhwBp6iF85z +61d/ElGAqbfk8czkQItO3Z1/jKWYrIKHL+LMynMeRBF19DbEdHglrIy3G0Sx/7Uq +NqQyunJR20r3TKYRBFkIihI0yBhCeIasZXSoHtaUOl9pUHCPpGiH8ZziXLtpE/+X + +--- sYvD2qjskuiAe0JqsUo0ONMIrN/lg5pMi5hx6ZdHjSk +Ñ_’ `W »b‹é±¤iEjJƨºè;ê}™˜«;¹f³ÃÞ\SÚÊ+î©öX;1ô‘œ ±Qåf<fi´Û£œR