From 1f5d2c1ce55baa1a0dc6df2675eee1b241ba1a64 Mon Sep 17 00:00:00 2001 From: Harald Hoyer Date: Fri, 21 Nov 2025 14:52:00 +0100 Subject: [PATCH] chore(nix): add OIDC app and webfinger redirect for Nextcloud - Added OIDC app to Nextcloud with specific URL, SHA256, and license configuration for authentication support. - Configured Nginx to redirect `.well-known/webfinger` to Nextcloud for improved compatibility. - Updated Nextcloud settings to include `overwrite.cli.url` for proper URL handling. --- systems/x86_64-linux/mx/nextcloud.nix | 6 ++++++ systems/x86_64-linux/mx/nginx.nix | 5 ++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/systems/x86_64-linux/mx/nextcloud.nix b/systems/x86_64-linux/mx/nextcloud.nix index 47d91d8..727778e 100644 --- a/systems/x86_64-linux/mx/nextcloud.nix +++ b/systems/x86_64-linux/mx/nextcloud.nix @@ -23,11 +23,17 @@ spreed tasks ; + oidc = pkgs.fetchNextcloudApp { + sha256 = "sha256-RFlPJFwqv7TEoTZUc2vhP4AB7hh619EQ7vRdM+HDoBw="; + url = "https://github.com/H2CK/oidc/releases/download/1.13.1/oidc-1.13.1.tar.gz"; + license = "afl3"; + }; }; hostName = "nc.hoyer.xyz"; https = true; configureRedis = true; settings = { + "overwrite.cli.url" = "https://nc.hoyer.xyz"; maintenance_window_start = "1"; log_type = "file"; mail_smtpmode = "sendmail"; diff --git a/systems/x86_64-linux/mx/nginx.nix b/systems/x86_64-linux/mx/nginx.nix index a3934c7..26556bf 100644 --- a/systems/x86_64-linux/mx/nginx.nix +++ b/systems/x86_64-linux/mx/nginx.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, ... }: +{ ... }: { users.users.nginx.extraGroups = [ "acme" ]; services.nginx = { @@ -54,6 +54,9 @@ locations."/stats" = { basicAuthFile = "/var/www/hoyer.xyz/stats.htaccess"; }; + locations."/.well-known/webfinger" = { + return = "307 https://nc.hoyer.xyz/.well-known/webfinger"; + }; }; "surfsite.org" = {