feat: nextcloud to subdomain

2025-06-30 13:23:40 +02:00 · 2025-06-30 13:23:40 +02:00 · bdce4c0908
commit bdce4c0908
parent f8eb02b725
2 changed files with 5 additions and 51 deletions
--- a/hosts/goingmerry/configuration.nix
+++ b/hosts/goingmerry/configuration.nix
@ -296,8 +296,7 @@
  # networking.firewall.allowedUDPPorts = [ ... ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;
-  security.pam.services = 
-  {
+  security.pam.services = {
    hyprlock = {};
    "kdewallet" = {
      kwallet.enable = true;
--- a/hosts/hitsugibune/nextcloud.nix
+++ b/hosts/hitsugibune/nextcloud.nix
@ -9,26 +9,12 @@
  networking.firewall.allowedTCPPorts = [80 443];
  services.nextcloud = {
    enable = true;
-    hostName = "sprechtl.ddns.net";
-    https = true;
+    hostName = "nextcloud.sprechtl.ddns.net";
+    https = false;
    configureRedis = true;
    caching.redis = true;
    autoUpdateApps.enable = true;
    package = pkgs.nextcloud31;
-    settings = let
-      prot = "https";
-      host = config.services.nextcloud.hostName;
-      dir = "/nextcloud";
-      proxies = [ "127.0.0.1" ];
-    in {
-      overwriteprotocol = prot;
-      overwritehost = host;
-      overwritewebroot = dir;
-      overwrite.cli.url = "${prot}://${host}${dir}/";
-      htaccess.RewriteBase = dir;
-      log_type = "file";
-      trusted_proxies = proxies;
-    };
    config = {
      adminuser = "admin";
      adminpassFile = "/etc/nextcloud-admin-pass";
@ -46,44 +32,13 @@
    virtualHosts.${config.services.nextcloud.hostName} = {
      forceSSL = true;
      enableACME = true;
-      listen = [
-        {
-          addr = "0.0.0.0";
-          port = 80;
-        }
-        {
-          addr = "0.0.0.0";
-          port = 443;
-          ssl = true;
-        }
-        {
-          addr = "127.0.0.1";
-          port = 8080;
-        }
-      ];
-      locations = {
-        "/nextcloud/" = {
-          priority = 9999;
-          extraConfig = ''
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header X-NginX-Proxy true;
-            proxy_set_header X-Forwarded-Proto https;
-            rewrite ^/nextcloud(.*)$ $1 break;
-            proxy_pass http://127.0.0.1:8080/; # tailing / is important!
-            proxy_set_header Host $host;
-            proxy_cache_bypass $http_upgrade;
-            proxy_redirect off;
-          '';
-        };
-      };
    };
  };

  security.acme = {
    acceptTerms = true;
    certs = {
-      ${config.services.nextcloud.hostName}.email = "stefan@tague.at";
+      ${config.services.nextcloud.hostName}.email = "your-letsencrypt-email@example.com";
    };
  };
 }