From 138d4d2bd9d7460dbe2bb48c1473c5bf9a07522e Mon Sep 17 00:00:00 2001
From: Bruno BELANYI <bruno@belanyi.fr>
Date: Fri, 15 Nov 2024 21:36:11 +0100
Subject: [PATCH] nixos: services: nextcloud: add collabora

This needs to be configured through the "Nextcloud Office" app,
specifically the WOPI setting is important for security (I put both the
external IP, as well as `::1` and `127.0.0.1`).
---
 .../nixos/services/nextcloud/collabora.nix    | 58 +++++++++++++++++++
 modules/nixos/services/nextcloud/default.nix  |  4 ++
 2 files changed, 62 insertions(+)
 create mode 100644 modules/nixos/services/nextcloud/collabora.nix

diff --git a/modules/nixos/services/nextcloud/collabora.nix b/modules/nixos/services/nextcloud/collabora.nix
new file mode 100644
index 0000000..d62181f
--- /dev/null
+++ b/modules/nixos/services/nextcloud/collabora.nix
@@ -0,0 +1,58 @@
+# Document editor with Nextcloud
+{ config, lib, ... }:
+let
+  cfg = config.my.services.nextcloud.collabora;
+in
+{
+  options.my.services.nextcloud.collabora = with lib; {
+    enable = mkEnableOption "Collabora integration";
+
+    port = mkOption {
+      type = types.port;
+      default = 9980;
+      example = 8080;
+      description = "Internal port for API";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.collabora-online = {
+      enable = true;
+      inherit (cfg) port;
+
+      aliasGroups = [
+        {
+          host = "https://collabora.${config.networking.domain}";
+          # Allow using from nextcloud
+          aliases = [ "https://${config.services.nextcloud.hostName}" ];
+        }
+      ];
+
+      settings = {
+        # Rely on reverse proxy for SSL
+        ssl = {
+          enable = false;
+          termination = true;
+        };
+      };
+    };
+
+    my.services.nginx.virtualHosts = {
+      collabora = {
+        inherit (cfg) port;
+
+        extraConfig = {
+          # Too bad for the repetition...
+          locations."~ ^/cool/(.*)/ws$" = {
+            proxyPass = "http://127.0.0.1:${builtins.toString cfg.port}";
+            proxyWebsockets = true;
+          };
+          locations."^~ /cool/adminws" = {
+            proxyPass = "http://127.0.0.1:${builtins.toString cfg.port}";
+            proxyWebsockets = true;
+          };
+        };
+      };
+    };
+  };
+}
diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix
index e2c4746..fe94177 100644
--- a/modules/nixos/services/nextcloud/default.nix
+++ b/modules/nixos/services/nextcloud/default.nix
@@ -4,6 +4,10 @@ let
   cfg = config.my.services.nextcloud;
 in
 {
+  imports = [
+    ./collabora.nix
+  ];
+
   options.my.services.nextcloud = with lib; {
     enable = mkEnableOption "Nextcloud";
     maxSize = mkOption {