From 3813989cf006fa9079ba751d029649e4d61c9da4 Mon Sep 17 00:00:00 2001
From: Alexander Bantyev <balsoft@balsoft.ru>
Date: Tue, 28 Jul 2020 13:02:32 +0300
Subject: [PATCH] Fix nextcloud and matrix

---
 modules/mailserver.nix | 4 +---
 modules/nginx.nix      | 4 ++++
 modules/packages.nix   | 2 ++
 modules/services.nix   | 4 ++++
 4 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/modules/mailserver.nix b/modules/mailserver.nix
index 8c8876a..5d12fca 100644
--- a/modules/mailserver.nix
+++ b/modules/mailserver.nix
@@ -84,9 +84,7 @@ in {
       };
     };
     localDnsResolver = false;
-    certificateScheme = 1;
-    certificateFile = builtins.toFile "balsoft.crt" config.secrets.ssl.cert;
-    keyFile = builtins.toFile "balsoft.key" config.secrets.ssl.priv;
+    certificateScheme = 3;
     enableImap = true;
     enableImapSsl = true;
     virusScanning = false;
diff --git a/modules/nginx.nix b/modules/nginx.nix
index c8a926c..24a2099 100644
--- a/modules/nginx.nix
+++ b/modules/nginx.nix
@@ -13,6 +13,10 @@
           root = "/var/lib/balsoft.ru";
           index = "index.txt";
         };
+        locations."/.well-known".proxyPass = "https://localhost:13748";
+        locations."/_matrix" = {
+          proxyPass = "https://localhost:13748";
+        };
         enableACME = true;
         addSSL = true;
       };
diff --git a/modules/packages.nix b/modules/packages.nix
index 84da694..4ea2c0c 100644
--- a/modules/packages.nix
+++ b/modules/packages.nix
@@ -34,6 +34,8 @@ in {
 
         nerdfonts = nur.balsoft.pkgs.roboto-mono-nerd;
 
+
+
         mobile-broadband-provider-info =
           super.mobile-broadband-provider-info.overrideAttrs (oa: {
             src = inputs.mobile-broadband-provider-info;
diff --git a/modules/services.nix b/modules/services.nix
index 772b5ff..54ea21a 100644
--- a/modules/services.nix
+++ b/modules/services.nix
@@ -56,11 +56,15 @@
     hostName = "nextcloud.balsoft.ru";
     config.adminpassFile = "/home/balsoft/nextcloud-admin";
     package = pkgs.nextcloud19;
+    https = true;
   };
 
   services.nginx.virtualHosts."nextcloud.balsoft.ru" = {
     enableACME = true;
     forceSSL = true;
+    locations."/".proxyWebsockets = true;
+    locations."~ ^\\/(?:build|tests|config|lib|3rdparty|templates|data)\\/".proxyWebsockets = true;
+    locations."~ ^\\/(?:index|remote|public|cron|core/ajax\\/update|status|ocs\\/v[12]|updater\\/.+|ocs-provider\\/.+|ocm-provider\\/.+)\\.php(?:$|\\/)".proxyWebsockets = true;
   };
 
 }