# Example NixOS configuration for the Nextcloud Claude Bot # Add this to your configuration.nix or a separate module { config, pkgs, ... }: { imports = [ ./nextcloud-claude-bot/module.nix ]; # Install Claude Code CLI # Note: You'll need to either: # 1. Use the official package if available in nixpkgs # 2. Package it yourself # 3. Use a binary wrapper # Option 1: If claude-code is in nixpkgs (check latest state) # environment.systemPackages = [ pkgs.claude-code ]; # Option 2: Manual binary installation wrapper nixpkgs.overlays = [ (final: prev: { claude-code = final.writeShellScriptBin "claude" '' # Assumes claude is installed via npm globally or similar exec ${final.nodejs}/bin/node /opt/claude-code/cli.js "$@" ''; }) ]; # Create bot secret # Generate with: openssl rand -hex 32 # Store in a file, e.g., /var/secrets/nextcloud-claude-bot services.nextcloud-claude-bot = { enable = true; port = 8085; host = "127.0.0.1"; nextcloudUrl = "https://cloud.example.com"; botSecretFile = "/var/secrets/nextcloud-claude-bot"; # Only allow specific users allowedUsers = [ "harald" ]; # Claude settings maxTokens = 4096; timeout = 120; # Optional system prompt systemPrompt = '' Du bist ein hilfreicher Assistent. Antworte auf Deutsch, es sei denn der Nutzer schreibt auf Englisch. ''; }; # Ensure secrets directory exists with proper permissions systemd.tmpfiles.rules = [ "d /var/secrets 0750 root root -" ]; # If Nextcloud runs locally, bot can stay on localhost. # If you need external access (e.g., Nextcloud on different server): services.nginx.virtualHosts."cloud.example.com" = { # ... your existing Nextcloud config ... locations."/_claude-bot/" = { proxyPass = "http://127.0.0.1:8085/"; extraConfig = '' proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # Only allow from Nextcloud itself allow 127.0.0.1; deny all; ''; }; }; }