From 3cb548d77a4a3f3df7c2a8118f28ab2abe195a68 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= <hello@benjaminbaedorf.eu>
Date: Sat, 28 Oct 2023 21:39:13 +0200
Subject: [PATCH] feat: add collabora

---
 flake.nix                           |  8 +++++-
 hosts/nachtigall/apps/collabora.nix | 39 +++++++++++++++++++++++++++++
 hosts/nachtigall/default.nix        |  1 +
 3 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100644 hosts/nachtigall/apps/collabora.nix

diff --git a/flake.nix b/flake.nix
index 0bc7545..48b6fa1 100644
--- a/flake.nix
+++ b/flake.nix
@@ -103,7 +103,13 @@
           nixosModules = {
             # Common nixos/nix-darwin configuration shared between Linux and macOS.
             common = { pkgs, ... }: {
-              virtualisation.docker.enable = true;
+              virtualisation.docker = {
+                enable = true;
+                extraOptions = ''
+                  --data-root /var/lib/docker
+                '';
+              };
+
               services.openssh.enable = true;
               services.openssh.settings.PermitRootLogin = "prohibit-password";
               services.openssh.settings.PasswordAuthentication = false;
diff --git a/hosts/nachtigall/apps/collabora.nix b/hosts/nachtigall/apps/collabora.nix
new file mode 100644
index 0000000..89c3e85
--- /dev/null
+++ b/hosts/nachtigall/apps/collabora.nix
@@ -0,0 +1,39 @@
+{
+  config,
+  lib,
+  pkgs,
+  self,
+  ...
+}: {
+  services.nginx.virtualHosts."collabora.pub.solar" = {
+    enableACME = true;
+    forceSSL = true;
+
+    locations."/".proxyPass = "http://localhost:9980";
+  };
+
+  virtualisation = {
+    oci-containers = {
+      backend = "docker";
+
+      containers."collabora" = {
+        image = "collabora/code";
+        autoStart = true;
+        ports = [
+          "9980:9980"
+        ];
+        extraOptions = [
+          "--cap-add=MKNOD"
+          "--pull=always"
+        ];
+        environment = {
+          server_name = "collabora.pub.solar";
+          aliasgroup1 = "https://cloud.pub.solar:443";
+          DONT_GEN_SSL_CERT = "1";
+          extra_params = "--o:ssl.enable=false --o:ssl.termination=true";
+          SLEEPFORDEBUGGER = "0";
+        };
+      };
+    };
+  };
+}
diff --git a/hosts/nachtigall/default.nix b/hosts/nachtigall/default.nix
index 2b21af4..5d1781d 100644
--- a/hosts/nachtigall/default.nix
+++ b/hosts/nachtigall/default.nix
@@ -10,6 +10,7 @@
       ./nix.nix
       ./apps/nginx.nix
 
+      ./apps/collabora.nix
       ./apps/forgejo.nix
       ./apps/keycloak.nix
       ./apps/mailman.nix