nixos-systems/modules/system/seafile.nix


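# NixOS module: Seafile (file server + Seahub web UI) published through Caddy,
# with Collabora document editing and OAuth login against Authentik.
# Enabled via `myModules.seafile.enable`.
{ config, lib, pkgs, ... }:
with lib;
let
  # Public host name; used for the Caddy virtual host, SERVICE_URL and the
  # OAuth redirect URL so the three can never drift apart.
  domain = "filez.gleipnir.technology";

  # Remove the leading tab indentation shared by every line of `text`.
  # Empty lines are ignored when deciding whether a level can be stripped.
  stripTabs = text:
    let
      # NOTE(review): the listing shows this literal as a single blank
      # character while every comment says "tab"; written as the \t escape
      # here so the intent survives whitespace conversion. Confirm.
      tab = "\t";
      startsWithTab = lib.strings.hasPrefix tab;

      # True when at least one line is tab-indented and every line is either
      # empty or tab-indented. The `any` guard matters: without it an input
      # consisting only of empty lines is "strippable" forever and the
      # recursion below never terminates.
      shouldStripTab = lines:
        builtins.any startsWithTab lines
        && builtins.all (line: line == "" || startsWithTab line) lines;

      # Drop one leading tab from each line that has one.
      stripTab = lines: builtins.map (lib.strings.removePrefix tab) lines;

      # Peel indentation levels until some non-empty line starts at column 0.
      stripAll = lines:
        if shouldStripTab lines then stripAll (stripTab lines) else lines;
    in
      # Split into lines, strip the shared tabs, join back into one string.
      builtins.concatStringsSep "\n" (stripAll (lib.strings.splitString "\n" text));
in {
  options.myModules.seafile.enable = mkEnableOption "custom seafile configuration";

  config = mkIf config.myModules.seafile.enable {
    # Caddy is the only network-facing listener; both backends are reached
    # over unix sockets. /seafhttp* goes to the file server, everything else
    # to Seahub (gunicorn).
    services.caddy.virtualHosts.${domain}.extraConfig = ''
      handle /seafhttp* {
        reverse_proxy unix//run/seafile/server.sock
      }
      handle {
        reverse_proxy unix//run/seahub/gunicorn.sock
      }
    '';

    services.seafile = {
      enable = true;
      adminEmail = "eli@gleipnir.technology";

      # NOTE(security): this literal is committed with the configuration and,
      # like any Nix string, can end up readable in the Nix store. Treat it as
      # public: change the admin password in Seahub right after the first
      # login and do not reuse this value anywhere.
      initialAdminPassword = "change this later!";

      ccnetSettings = {
        General.SERVICE_URL = "https://${domain}";
      };

      # Enable weekly collection of freed blocks
      gc = {
        enable = true;
        dates = [ "Sun 03:00:00" ];
      };

      seafileSettings = {
        fileserver = {
          host = "unix:/run/seafile/server.sock";
          use_go_fileserver = "false";
        };
        history.keep_days = "14"; # Remove deleted files after 14 days
        quota.default = "50"; # Amount of GB allotted to users
      };

      # Extra Python appended to the Seahub (Django) settings.
      seahubExtraConf = stripTabs ''
        # Django debug mode must stay off on a publicly reachable host: with
        # it on, error pages show stack traces, settings and request data to
        # whoever triggers an error. Turn it on only temporarily on a test
        # instance.
        DEBUG = False

        # Enable editing files through LibreOffice Online
        ENABLE_OFFICE_WEB_APP_EDIT = True
        # Enable viewing files through LibreOffice Online
        ENABLE_OFFICE_WEB_APP = True
        OFFICE_SERVER_TYPE = 'CollaboraOffice'
        OFFICE_WEB_APP_BASE_URL = 'https://collabora.gleipnir.technology/hosting/discovery'
        # File types that may be opened for editing / viewing
        OFFICE_WEB_APP_EDIT_FILE_EXTENSION = ('odp', 'ods', 'odt', 'xls', 'xlsb', 'xlsm', 'xlsx','ppsx', 'ppt', 'pptm', 'pptx', 'doc', 'docm', 'docx')
        OFFICE_WEB_APP_FILE_EXTENSION = ('odp', 'ods', 'odt', 'xls', 'xlsb', 'xlsm', 'xlsx','ppsx', 'ppt', 'pptm', 'pptx', 'doc', 'docm', 'docx')

        # Expiration of the WOPI access token.
        # The WOPI access token is the string Seafile uses to determine the
        # file identity and permissions when LibreOffice Online opens a file.
        # For security reasons the token should expire after a set period.
        # NOTE(review): 24 hours is a long lifetime for a token that grants
        # file access on its own; a shorter value narrows the window in which
        # a leaked token stays usable. Confirm editing sessions need a day.
        WOPI_ACCESS_TOKEN_EXPIRATION = 24 * 60 * 60 # seconds

        ENABLE_OAUTH = True
        # Whether to create a new user when he/she logs in to Seafile for the first time, default `True`.
        OAUTH_CREATE_UNKNOWN_USER = True
        # Whether to activate a new user when he/she logs in to Seafile for the first time, default `True`.
        OAUTH_ACTIVATE_USER_AFTER_CREATION = True
        # With both flags on, every identity the provider authenticates gets
        # an active Seafile account on first login, so who may use this
        # service has to be restricted on the provider side.

        # OAuth normally runs over TLS. If the server does not serve HTTPS, some calls raise "oauthlib.oauth2.rfc6749.errors.InsecureTransportError"; setting this to `True` silences that error.
        # Keep it disabled here: every endpoint below is https.
        #OAUTH_ENABLE_INSECURE_TRANSPORT = True

        # Client id/secret generated by the authorization server when the client application is registered.
        # The values below are placeholders. Do not paste the real pair into
        # this file: the text is committed with the configuration and the
        # generated settings file normally sits in the world-readable Nix
        # store. Supply the real values from a secret that is only readable
        # by the service at runtime.
        OAUTH_CLIENT_ID = "secret"
        OAUTH_CLIENT_SECRET = "secret"

        # Callback URL after successful authentication. The redirect URL registered with the provider MUST be exactly the same as this value.
        OAUTH_REDIRECT_URL = 'https://${domain}/oauth/callback/'

        # Provider settings: Authentik at auth.gleipnir.technology.
        OAUTH_PROVIDER_DOMAIN = 'gleipnir.technology'
        OAUTH_PROVIDER = 'Authentik'
        OAUTH_AUTHORIZATION_URL = 'https://auth.gleipnir.technology/application/o/authorize/'
        OAUTH_TOKEN_URL = 'https://auth.gleipnir.technology/application/o/token/'
        OAUTH_USER_INFO_URL = 'https://auth.gleipnir.technology/application/o/userinfo/'
        OAUTH_SCOPE = ["openid", "profile", "email"]
        # NOTE(review): with "id" unused, the email claim looks like the only
        # value tying a provider identity to a Seafile account. Confirm the
        # provider only releases verified addresses that users cannot edit
        # themselves.
        OAUTH_ATTRIBUTE_MAP = {
            "id": (False, "not used"),
            "name": (True, "name"),
            "email": (True, "email"),
        }

        SEAHUB_DATA_ROOT = "/var/lib/seafile/seahub/data"
      '';
    };
  };
}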