From bdce4c09085aed78ad08ff532c20bc708f7bbdf8 Mon Sep 17 00:00:00 2001
From: s-prechtl <stefan@tague.at>
Date: Mon, 30 Jun 2025 13:23:40 +0200
Subject: [PATCH] feat: nextcloud to subdomain

---
 hosts/goingmerry/configuration.nix |  5 ++-
 hosts/hitsugibune/nextcloud.nix    | 51 ++----------------------------
 2 files changed, 5 insertions(+), 51 deletions(-)

diff --git a/hosts/goingmerry/configuration.nix b/hosts/goingmerry/configuration.nix
index 43b82a6..cba3510 100644
--- a/hosts/goingmerry/configuration.nix
+++ b/hosts/goingmerry/configuration.nix
@@ -296,11 +296,10 @@
   # networking.firewall.allowedUDPPorts = [ ... ];
   # Or disable the firewall altogether.
   # networking.firewall.enable = false;
-  security.pam.services = 
-  {
+  security.pam.services = {
     hyprlock = {};
     "kdewallet" = {
-        kwallet.enable = true;
+      kwallet.enable = true;
     };
   };
   networking.firewall.checkReversePath = false;
diff --git a/hosts/hitsugibune/nextcloud.nix b/hosts/hitsugibune/nextcloud.nix
index ca120eb..ef36916 100644
--- a/hosts/hitsugibune/nextcloud.nix
+++ b/hosts/hitsugibune/nextcloud.nix
@@ -9,26 +9,12 @@
   networking.firewall.allowedTCPPorts = [80 443];
   services.nextcloud = {
     enable = true;
-    hostName = "sprechtl.ddns.net";
-    https = true;
+    hostName = "nextcloud.sprechtl.ddns.net";
+    https = false;
     configureRedis = true;
     caching.redis = true;
     autoUpdateApps.enable = true;
     package = pkgs.nextcloud31;
-    settings = let
-      prot = "https";
-      host = config.services.nextcloud.hostName;
-      dir = "/nextcloud";
-      proxies = [ "127.0.0.1" ];
-    in {
-      overwriteprotocol = prot;
-      overwritehost = host;
-      overwritewebroot = dir;
-      overwrite.cli.url = "${prot}://${host}${dir}/";
-      htaccess.RewriteBase = dir;
-      log_type = "file";
-      trusted_proxies = proxies;
-    };
     config = {
       adminuser = "admin";
       adminpassFile = "/etc/nextcloud-admin-pass";
@@ -46,44 +32,13 @@
     virtualHosts.${config.services.nextcloud.hostName} = {
       forceSSL = true;
       enableACME = true;
-      listen = [
-        {
-          addr = "0.0.0.0";
-          port = 80;
-        }
-        {
-          addr = "0.0.0.0";
-          port = 443;
-          ssl = true;
-        }
-        {
-          addr = "127.0.0.1";
-          port = 8080;
-        }
-      ];
-      locations = {
-        "/nextcloud/" = {
-          priority = 9999;
-          extraConfig = ''
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header X-NginX-Proxy true;
-            proxy_set_header X-Forwarded-Proto https;
-            rewrite ^/nextcloud(.*)$ $1 break;
-            proxy_pass http://127.0.0.1:8080/; # tailing / is important!
-            proxy_set_header Host $host;
-            proxy_cache_bypass $http_upgrade;
-            proxy_redirect off;
-          '';
-        };
-      };
     };
   };
 
   security.acme = {
     acceptTerms = true;
     certs = {
-      ${config.services.nextcloud.hostName}.email = "stefan@tague.at";
+      ${config.services.nextcloud.hostName}.email = "your-letsencrypt-email@example.com";
     };
   };
 }