Harald Hoyer
bc6091f63f
- Added configuration for Nextcloud Claude Bot, including NixOS module, secrets management, and example setup files. - Introduced a Python-based HTTP server for handling webhook events and interacting with Nextcloud Talk. - Integrated necessary dependencies and systemd service for seamless operation.
80 lines
2.2 KiB
Nix
80 lines
2.2 KiB
Nix
# Example NixOS configuration for the Nextcloud Claude Bot
|
|
# Add this to your configuration.nix or a separate module
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./nextcloud-claude-bot/module.nix
|
|
];
|
|
|
|
# Install Claude Code CLI
|
|
# Note: You'll need to either:
|
|
# 1. Use the official package if available in nixpkgs
|
|
# 2. Package it yourself
|
|
# 3. Use a binary wrapper
|
|
|
|
# Option 1: If claude-code is in nixpkgs (check latest state)
|
|
# environment.systemPackages = [ pkgs.claude-code ];
|
|
|
|
# Option 2: Manual binary installation wrapper
|
|
nixpkgs.overlays = [
|
|
(final: prev: {
|
|
claude-code = final.writeShellScriptBin "claude" ''
|
|
# Assumes claude is installed via npm globally or similar
|
|
exec ${final.nodejs}/bin/node /opt/claude-code/cli.js "$@"
|
|
'';
|
|
})
|
|
];
|
|
|
|
# Create bot secret
|
|
# Generate with: openssl rand -hex 32
|
|
# Store in a file, e.g., /var/secrets/nextcloud-claude-bot
|
|
|
|
services.nextcloud-claude-bot = {
|
|
enable = true;
|
|
port = 8085;
|
|
host = "127.0.0.1";
|
|
|
|
nextcloudUrl = "https://cloud.example.com";
|
|
botSecretFile = "/var/secrets/nextcloud-claude-bot";
|
|
|
|
# Only allow specific users
|
|
allowedUsers = [ "harald" ];
|
|
|
|
# Claude settings
|
|
maxTokens = 4096;
|
|
timeout = 120;
|
|
|
|
# Optional system prompt
|
|
systemPrompt = ''
|
|
Du bist ein hilfreicher Assistent. Antworte auf Deutsch,
|
|
es sei denn der Nutzer schreibt auf Englisch.
|
|
'';
|
|
};
|
|
|
|
# Ensure secrets directory exists with proper permissions
|
|
systemd.tmpfiles.rules = [
|
|
"d /var/secrets 0750 root root -"
|
|
];
|
|
|
|
# If Nextcloud runs locally, bot can stay on localhost.
|
|
# If you need external access (e.g., Nextcloud on different server):
|
|
services.nginx.virtualHosts."cloud.example.com" = {
|
|
# ... your existing Nextcloud config ...
|
|
|
|
locations."/_claude-bot/" = {
|
|
proxyPass = "http://127.0.0.1:8085/";
|
|
extraConfig = ''
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Only allow from Nextcloud itself
|
|
allow 127.0.0.1;
|
|
deny all;
|
|
'';
|
|
};
|
|
};
|
|
}
|