feat: nextcloud whiteboard server

features: nextcloud whiteboard server nextcloud memories with recognize patch
2025-10-15 23:10:28 +08:00 · 2025-10-15 23:10:28 +08:00 · dfda745829
commit dfda745829
parent 6a71b601f5
13 changed files with 165 additions and 23 deletions
--- a/system/modules/nextcloud.nix
+++ b/system/modules/nextcloud.nix
@ -6,6 +6,7 @@
  configureACME ? true,
  trusted-domains ? [ ],
  trusted-proxies ? [ ],
+  whiteboardSecrets ? [ ],
 }:
 {
  config,
@ -14,7 +15,7 @@
  ...
 }:
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf optionalString;

  nextcloudPkg = pkgs.nextcloud32.overrideAttrs (oldAttr: rec {
    caBundle = config.security.pki.caBundle;
@ -22,6 +23,28 @@ let
      cp ${caBundle} resources/config/ca-bundle.crt
    '';
  });
+
+  # Patch for downloading models. Hardcoded to `/var/lib/nextcloud/models`
+  recognize = pkgs.stdenvNoCC.mkDerivation (finalAttrs: {
+    pname = "recognize-patched";
+    version = "10.0.4";
+
+    src = pkgs.fetchNextcloudApp {
+      url = "https://github.com/nextcloud/recognize/releases/download/v10.0.4/recognize-10.0.4.tar.gz";
+      sha256 = "sha256-/RHnnvGJMcxe4EuceYc20xh3qkYy1ZzGsyvp0h03eLk=";
+      license = "agpl3Plus";
+    };
+
+    patches = [
+      ../../pkgs/patches/nextcloud_recognize_models_path.patch
+    ];
+
+    installPhase = ''
+      mkdir -p $out
+      cp -r . $out/
+    '';
+  });
+
 in
 {
  imports = [
@ -64,8 +87,11 @@ in
        calendar
        whiteboard
        user_oidc
+        memories
        ;

+      inherit recognize;
+
      camerarawpreviews = pkgs.fetchNextcloudApp {
        url = "https://github.com/ariselseng/camerarawpreviews/releases/download/v0.8.8/camerarawpreviews_nextcloud.tar.gz";
        sha256 = "sha256-Pnjm38hn90oV3l4cPAnQ+oeO6x57iyqkm80jZGqDo1I=";
@ -103,9 +129,22 @@ in
    };
  };

+  services.nextcloud-whiteboard-server = {
+    enable = true;
+    settings = {
+      NEXTCLOUD_URL = "http${optionalString configureACME "s"}://${hostname}";
+      PORT = "3002";
+    };
+    secrets = whiteboardSecrets;
+  };
+
  services.nginx.virtualHosts.${hostname} = mkIf configureACME {
    enableACME = true;
    forceSSL = true;
+    locations."/whiteboard/" = {
+      proxyWebsockets = true;
+      proxyPass = "http://127.0.0.1:${config.services.nextcloud-whiteboard-server.settings.PORT}/";
+    };
  };

  environment.systemPackages = with pkgs; [
--- a/system/modules/paperless-ngx.nix
+++ b/system/modules/paperless-ngx.nix
@ -1,8 +1,12 @@
 {
  domain ? "localhost",
+  configureNginx ? true,
  passwordFile,
 }:
-{ config, ... }:
+{ config, lib, ... }:
+let
+  inherit (lib) mkIf optionalString;
+in
 {
  services.paperless = {
    enable = true;
@ -18,13 +22,13 @@
        optimize = 1;
        pdfa_image_compression = "lossless";
      };
-      PAPERLESS_URL = "https://${domain}";
+      PAPERLESS_URL = "http${optionalString configureNginx "s"}://${domain}";
    };
    configureTika = true;
    database.createLocally = true;
  };

-  services.nginx.virtualHosts."${domain}" = {
+  services.nginx.virtualHosts."${domain}" = mkIf configureNginx {
    enableACME = true;
    forceSSL = true;
    locations."/".proxyPass = "http://localhost:${toString config.services.paperless.port}";