tlaternet/tlaternet-server
1
0
Fork 0
Code Issues 10 Pull requests Activity

Compare commits

base: tlaternet:faaaad8e97ad45ab43f888e7deaea709062d551e
Branches Tags
tlaternet:master
tlaternet:tlater/authelia-attempt-3
tlaternet:tlater/coturn-disable
tlaternet:tlater/authelia-2
tlaternet:tlater/crowdsec-whitelists
tlaternet:tlater/authelia
...
compare: tlaternet:276b0df1cad8ea7ff6277907e229eaa6eb70e7e0
Branches Tags
tlaternet:tlater/authelia-attempt-3
tlaternet:master
tlaternet:tlater/coturn-disable
tlaternet:tlater/authelia-2
tlaternet:tlater/crowdsec-whitelists
tlaternet:tlater/authelia

6 commits
faaaad8e97 ... 276b0df1ca

Author SHA1 Message Date
Tristan Daniël Maat
276b0df1ca
config: Make changes suggested post 22.11 update 2023-01-11 02:28:01 +00:00
Tristan Daniël Maat
4de14a5b0e
firewall: Open Minecraft ports for port forwarding 2023-01-11 02:27:58 +00:00
Tristan Daniël Maat
92c05b0829
gitea: Update configuration for 22.11 2023-01-11 02:27:56 +00:00
Tristan Daniël Maat
3145943936
flake.nix: Build the VM using nix build 2023-01-11 02:27:53 +00:00
Tristan Daniël Maat
1a78ebdbca
keys/staging: Add a few missing keys that made the vm break 2023-01-11 02:27:50 +00:00
Tristan Daniël Maat
a5bd000e6c
nextcloud: Update the service and apps for 22.11 2023-01-11 02:27:44 +00:00
10 changed files with 94 additions and 113 deletions
Download patch file Download diff file Expand all files Collapse all files

9
configuration/default.nix
View file

@ -35,11 +35,11 @@
''; '';
# Enable remote builds from tlater # Enable remote builds from tlater
trustedUsers = ["@wheel"]; settings.trusted-users = ["@wheel"];
}; };
nixpkgs.config.allowUnfreePredicate = pkg: nixpkgs.config.allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) ["steam-original" "steam-runtime" "steamcmd"]; builtins.elem (lib.getName pkg) ["steam-original" "steam-runtime" "steam-run" "steamcmd"];
# Optimization for minecraft servers, see: # Optimization for minecraft servers, see:
# https://bugs.mojang.com/browse/MC-183518 # https://bugs.mojang.com/browse/MC-183518
@ -63,6 +63,8 @@
8448 8448
# starbound # starbound
21025 21025
# Minecraft
25565
config.services.coturn.listening-port config.services.coturn.listening-port
config.services.coturn.tls-listening-port config.services.coturn.tls-listening-port
@ -71,6 +73,9 @@
]; ];
allowedUDPPorts = [ allowedUDPPorts = [
# More minecraft
25565
config.services.coturn.listening-port config.services.coturn.listening-port
config.services.coturn.tls-listening-port config.services.coturn.tls-listening-port
config.services.coturn.alt-listening-port config.services.coturn.alt-listening-port

9
configuration/services/gitea.nix
View file

@ -8,12 +8,15 @@ in {
httpAddress = "127.0.0.1"; httpAddress = "127.0.0.1";
database.type = "postgres"; database.type = "postgres";
ssh.clonePort = 2222;
rootUrl = "https://${domain}/"; rootUrl = "https://${domain}/";
cookieSecure = true;
appName = "Gitea: Git with a cup of tea"; appName = "Gitea: Git with a cup of tea";
disableRegistration = true;
settings = {
server.SSH_PORT = 2222;
service.DISABLE_REGISTRATION = true;
session.COOKIE_SECURE = true;
};
}; };
# Set up SSL # Set up SSL

10
configuration/services/nextcloud.nix
View file

@ -3,14 +3,14 @@
config, config,
... ...
}: let }: let
inherit (pkgs) fetchNextcloudApp; nextcloud = pkgs.nextcloud25;
nextcloud = pkgs.nextcloud24;
hostName = "nextcloud.${config.services.nginx.domain}"; hostName = "nextcloud.${config.services.nginx.domain}";
in { in {
services.nextcloud = { services.nextcloud = {
inherit hostName; inherit hostName;
package = nextcloud; package = nextcloud;
enableBrokenCiphersForSSE = false;
enable = true; enable = true;
maxUploadSize = "2G"; maxUploadSize = "2G";
https = true; https = true;
@ -28,12 +28,6 @@ in {
}; };
extraApps = { extraApps = {
# TODO(tlater): Seems like this won't work anymore from
# Nextcloud 25 onwards.
#
# Adopt whatever upstream does with this:
# https://github.com/nextcloud/server/issues/4917
inherit (pkgs.local) apporder;
inherit (pkgs.local) bookmarks calendar contacts cookbook news notes; inherit (pkgs.local) bookmarks calendar contacts cookbook news notes;
}; };

11
flake.nix
View file

@ -73,15 +73,14 @@
################### ###################
packages.${system} = let packages.${system} = let
inherit (nixpkgs.legacyPackages.${system}) writeShellScript; inherit (nixpkgs.legacyPackages.${system}) writeShellScript;
in {
default = self.packages.${system}.run-vm;
run-vm = let
vm = self.lib.makeNixosSystem { vm = self.lib.makeNixosSystem {
inherit system; inherit system;
extraModules = [(import ./configuration/hardware-specific/vm.nix)]; extraModules = [(import ./configuration/hardware-specific/vm.nix)];
}; };
in {
default = vm.config.system.build.vm;
run-vm = let
qemuNetOpts = self.lib.makeQemuNetOpts { qemuNetOpts = self.lib.makeQemuNetOpts {
"2222" = "2222"; "2222" = "2222";
"3080" = "80"; "3080" = "80";
@ -105,9 +104,7 @@
''; '';
}; };
apps.${system} = let apps.${system} = {
inherit (nixpkgs.legacyPackages.${system}) writeShellScript;
in {
default = { default = {
type = "app"; type = "app";
program = builtins.toString self.packages.${system}.run-vm; program = builtins.toString self.packages.${system}.run-vm;

7
keys/staging.yaml
View file

@ -5,14 +5,17 @@ steam:
turn: turn:
env: ENC[AES256_GCM,data:xjIz/AY109lyiL5N01p5T3HcYco/rM5CJSRTtg==,iv:16bW6OpyOK/QL0QPGQp/Baa9xyT8E3ZsYkwqmjuofk0=,tag:J5re3uKxIykw3YunvQWBgg==,type:str] env: ENC[AES256_GCM,data:xjIz/AY109lyiL5N01p5T3HcYco/rM5CJSRTtg==,iv:16bW6OpyOK/QL0QPGQp/Baa9xyT8E3ZsYkwqmjuofk0=,tag:J5re3uKxIykw3YunvQWBgg==,type:str]
secret: ENC[AES256_GCM,data:eQ7dAocoZtg=,iv:fgzjTPv30WqTKlLy+yMn5MsKQgjhPnwlGFFwYEg3gWs=,tag:1ze33U1NBkgMX/9SiaBNQg==,type:str] secret: ENC[AES256_GCM,data:eQ7dAocoZtg=,iv:fgzjTPv30WqTKlLy+yMn5MsKQgjhPnwlGFFwYEg3gWs=,tag:1ze33U1NBkgMX/9SiaBNQg==,type:str]
ssl-key: ENC[AES256_GCM,data:RYfwHjBvwFXgXxXIEuWUzaycTdrCvmPivsNvvUIwDRynS5G2Dl6RCVp1w9zuLvoNun5ncUPGGuLMmVqN2wkJlw==,iv:UKI3bVTY7iTDNvp5UqrZ3QlQkMZ5p2bjgODEc6DCBfQ=,tag:sz7VTyRWyZxAsP4nE48DnA==,type:str]
#ENC[AES256_GCM,data:bxhKzU5Tzezl749CDu8e8kxa7ahGuZFaPa9K3kxuD+4sg5Hi3apgDlC0n8oK0DeiK4Ks7+9Cyw==,iv:T/zVJUpNAv1rR0a9+6SDTG08ws2A1hFBs5Ia3TpT0uk=,tag:uGXb1VryM+lIJ8r0I5durA==,type:comment]
ssl-cert: ENC[AES256_GCM,data:xHUr14CjKslgbGh/n5jYSOuCw9JRxS6YXE4fxS+aJzFcNeSeGNqoipPeuJupZGBnQP/FCqohiHY=,iv:/OEsVqRshGL9NIvntMC42EPZSNL0u6EfhtUBqgV7qog=,tag:4pxtNjuvy/ibm6nDtKdSkw==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
azure_kv: [] azure_kv: []
hc_vault: [] hc_vault: []
age: [] age: []
lastmodified: "2022-10-28T22:54:01Z" lastmodified: "2023-01-11T01:49:31Z"
mac: ENC[AES256_GCM,data:1nsv+Dl7lzRZNNb9kSuqFrXrcncIklw/A2uwd/yQQ546Rm/4gzpBZqCi6cv5VBCdc1iNuBcAM74DnZHMDmeWAiW0WfACPJMQjCes21P6IUsP2gu+bV2f9qqqnP2a5voxzFHp1aclklzMiiZJBEB1Y3UNz0ZG7A43hsOAE0/fJ9o=,iv:kY10PF5ErkKHXx8m0OyX2eU6kcFQsrsP3V2scVBMsuA=,tag:Uth0XfP2c0LBJQ7+7Uc0BQ==,type:str] mac: ENC[AES256_GCM,data:5IcHdNQ/mh6Jz60dlpgqbBtVGKYml4EOs7YXsBcejgAoPzZqEK+xb3f9+rq2G6sCcMXzROHJsdQUfp1wMgfp8DwVm4H+XO+SQh/E1kFuWO8G/IpXOT4P9RQC+wHxrVuxHd8pwl9CLv6uuMnO+FNg9TeWB2GAVxIBsY8JHwGN/BA=,iv:/Yqfij58LGNooyyhmr8aWCpknd4dN+b4iSvokVoDGls=,tag:XHm8Qcg75B1+pTOcgZubIQ==,type:str]
pgp: pgp:
- created_at: "2022-10-12T16:48:23Z" - created_at: "2022-10-12T16:48:23Z"
enc: | enc: |

59
pkgs/_sources_nextcloud/generated.json
View file

@ -7,9 +7,8 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "1nx1vdwlqyy3x5vw2h2xx51hmv7gsp8mam1fj813yc3655js9m96",
"sha256": "sha256-p3VWxTYDCO2NePq6oLM8tBVqYkvoB7itqxp7IZwGDnE=", "type": "tarball",
"type": "url",
"url": "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz" "url": "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz"
}, },
"version": "v0.15.0" "version": "v0.15.0"
@ -22,12 +21,11 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "0dkfjafbynkrymsq183sad7zynqr2qls0cld73nvzn3smnvdl2xx",
"sha256": "sha256-URqtzaCx8FEZHCDP1wSBUFNs+x50jesRtWi+xOU1oXM=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud/bookmarks/releases/download/v12.0.0/bookmarks-12.0.0.tar.gz"
"url": "https://github.com/nextcloud/bookmarks/releases/download/v11.0.4/bookmarks-11.0.4.tar.gz"
}, },
"version": "11.0.4" "version": "12.0.0"
}, },
"calendar": { "calendar": {
"cargoLocks": null, "cargoLocks": null,
@ -37,12 +35,11 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "06p92w2idml5g3zc0xhp25rpgkxm3d5pmxpx7dmqlqvw8r6z07an",
"sha256": "sha256-+LRGl9h40AQdWN9SW+NqGwTafAGwV07Af8nVs3pUCm0=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud-releases/calendar/releases/download/v4.2.0/calendar-v4.2.0.tar.gz"
"url": "https://github.com/nextcloud-releases/calendar/releases/download/v3.5.0/calendar-v3.5.0.tar.gz"
}, },
"version": "v3.5.0" "version": "v4.2.0"
}, },
"contacts": { "contacts": {
"cargoLocks": null, "cargoLocks": null,
@ -52,12 +49,11 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "097a71if6kkc7nphfc8b6llqlsskjwp1vg83134hzgfscvllvaj8",
"sha256": "sha256-GTiyZsUHBXPgQ17DHAihmt2W/ZnAjDwfgwnujkRwk6A=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud-releases/contacts/releases/download/v5.0.2/contacts-v5.0.2.tar.gz"
"url": "https://github.com/nextcloud-releases/contacts/releases/download/v4.2.2/contacts-v4.2.2.tar.gz"
}, },
"version": "v4.2.2" "version": "v5.0.2"
}, },
"cookbook": { "cookbook": {
"cargoLocks": null, "cargoLocks": null,
@ -67,12 +63,11 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "1xpy060yi7pl8i91xjv2jj18yvsmjzwmv91y7i686qq8n2kc1fcg",
"sha256": "sha256-3lCqvmaMsgrFD5PzyHIcwxxGeC+qOMTGxbOi7nPFL6I=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud/cookbook/releases/download/v0.10.1/Cookbook-0.10.1.tar.gz"
"url": "https://github.com/nextcloud/cookbook/releases/download/v0.9.17/Cookbook-0.9.17.tar.gz"
}, },
"version": "0.9.17" "version": "0.10.1"
}, },
"news": { "news": {
"cargoLocks": null, "cargoLocks": null,
@ -82,12 +77,11 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "0pnriarr2iqci2v2hn6vpvszf4m4pkcxsd2i13bp7n1zqkg6swd7",
"sha256": "sha256-lVF4H9v7bSw8137lfq4PsVg8e1TpcgvJVQU/UVQfSoY=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud/news/releases/download/20.0.0/news.tar.gz"
"url": "https://github.com/nextcloud/news/releases/download/19.0.0/news.tar.gz"
}, },
"version": "19.0.0" "version": "20.0.0"
}, },
"notes": { "notes": {
"cargoLocks": null, "cargoLocks": null,
@ -97,11 +91,10 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "1jcgv3awr45jq3n3qv851qlpbdl2plixba0iq2s54dmhciypdckl",
"sha256": "sha256-rd3uVkVtARX4enRAWm1ivV468lboYZnYe7/zsqaHYpk=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud/notes/releases/download/v4.6.0/notes.tar.gz"
"url": "https://github.com/nextcloud/notes/releases/download/v4.5.1/notes.tar.gz"
}, },
"version": "v4.5.1" "version": "v4.6.0"
} }
} }

52
pkgs/_sources_nextcloud/generated.nix
View file

@ -4,57 +4,57 @@
apporder = { apporder = {
pname = "apporder"; pname = "apporder";
version = "v0.15.0"; version = "v0.15.0";
src = fetchurl { src = fetchTarball {
url = "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz"; url = "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz";
sha256 = "sha256-p3VWxTYDCO2NePq6oLM8tBVqYkvoB7itqxp7IZwGDnE="; sha256 = "1nx1vdwlqyy3x5vw2h2xx51hmv7gsp8mam1fj813yc3655js9m96";
}; };
}; };
bookmarks = { bookmarks = {
pname = "bookmarks"; pname = "bookmarks";
version = "11.0.4"; version = "12.0.0";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud/bookmarks/releases/download/v11.0.4/bookmarks-11.0.4.tar.gz"; url = "https://github.com/nextcloud/bookmarks/releases/download/v12.0.0/bookmarks-12.0.0.tar.gz";
sha256 = "sha256-URqtzaCx8FEZHCDP1wSBUFNs+x50jesRtWi+xOU1oXM="; sha256 = "0dkfjafbynkrymsq183sad7zynqr2qls0cld73nvzn3smnvdl2xx";
}; };
}; };
calendar = { calendar = {
pname = "calendar"; pname = "calendar";
version = "v3.5.0"; version = "v4.2.0";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud-releases/calendar/releases/download/v3.5.0/calendar-v3.5.0.tar.gz"; url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.2.0/calendar-v4.2.0.tar.gz";
sha256 = "sha256-+LRGl9h40AQdWN9SW+NqGwTafAGwV07Af8nVs3pUCm0="; sha256 = "06p92w2idml5g3zc0xhp25rpgkxm3d5pmxpx7dmqlqvw8r6z07an";
}; };
}; };
contacts = { contacts = {
pname = "contacts"; pname = "contacts";
version = "v4.2.2"; version = "v5.0.2";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud-releases/contacts/releases/download/v4.2.2/contacts-v4.2.2.tar.gz"; url = "https://github.com/nextcloud-releases/contacts/releases/download/v5.0.2/contacts-v5.0.2.tar.gz";
sha256 = "sha256-GTiyZsUHBXPgQ17DHAihmt2W/ZnAjDwfgwnujkRwk6A="; sha256 = "097a71if6kkc7nphfc8b6llqlsskjwp1vg83134hzgfscvllvaj8";
}; };
}; };
cookbook = { cookbook = {
pname = "cookbook"; pname = "cookbook";
version = "0.9.17"; version = "0.10.1";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud/cookbook/releases/download/v0.9.17/Cookbook-0.9.17.tar.gz"; url = "https://github.com/nextcloud/cookbook/releases/download/v0.10.1/Cookbook-0.10.1.tar.gz";
sha256 = "sha256-3lCqvmaMsgrFD5PzyHIcwxxGeC+qOMTGxbOi7nPFL6I="; sha256 = "1xpy060yi7pl8i91xjv2jj18yvsmjzwmv91y7i686qq8n2kc1fcg";
}; };
}; };
news = { news = {
pname = "news"; pname = "news";
version = "19.0.0"; version = "20.0.0";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud/news/releases/download/19.0.0/news.tar.gz"; url = "https://github.com/nextcloud/news/releases/download/20.0.0/news.tar.gz";
sha256 = "sha256-lVF4H9v7bSw8137lfq4PsVg8e1TpcgvJVQU/UVQfSoY="; sha256 = "0pnriarr2iqci2v2hn6vpvszf4m4pkcxsd2i13bp7n1zqkg6swd7";
}; };
}; };
notes = { notes = {
pname = "notes"; pname = "notes";
version = "v4.5.1"; version = "v4.6.0";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud/notes/releases/download/v4.5.1/notes.tar.gz"; url = "https://github.com/nextcloud/notes/releases/download/v4.6.0/notes.tar.gz";
sha256 = "sha256-rd3uVkVtARX4enRAWm1ivV468lboYZnYe7/zsqaHYpk="; sha256 = "1jcgv3awr45jq3n3qv851qlpbdl2plixba0iq2s54dmhciypdckl";
}; };
}; };
} }

4
pkgs/default.nix
View file

@ -2,7 +2,7 @@
pkgs, pkgs,
lib, lib,
}: let }: let
inherit (builtins) listToAttrs mapAttrs; inherit (builtins) fromJSON mapAttrs readFile;
inherit (pkgs) callPackage; inherit (pkgs) callPackage;
in in
{ {
@ -12,7 +12,7 @@ in
# Add nextcloud apps # Add nextcloud apps
let let
mkNextcloudApp = pkgs.callPackage ./mkNextcloudApp.nix {}; mkNextcloudApp = pkgs.callPackage ./mkNextcloudApp.nix {};
sources = pkgs.callPackage ./_sources_nextcloud/generated.nix {}; sources = fromJSON (readFile ./_sources_nextcloud/generated.json);
in in
mapAttrs (_: source: mkNextcloudApp source) sources mapAttrs (_: source: mkNextcloudApp source) sources
) )

13
pkgs/mkNextcloudApp.nix
View file

@ -1,13 +1,8 @@
{ {
fetchNextcloudApp, fetchNextcloudApp,
lib, lib,
}: let }: source:
inherit (lib) removePrefix; fetchNextcloudApp {
in
source:
fetchNextcloudApp {
name = source.pname;
version = removePrefix "v" source.version;
url = source.src.url; url = source.src.url;
sha256 = source.src.outputHash; sha256 = source.src.sha256;
} }

27
pkgs/nextcloud-apps.toml
View file

@ -1,35 +1,26 @@
[apporder]
src.github = "juliushaertl/apporder"
fetch.url = "https://github.com/juliushaertl/apporder/releases/download/$ver/apporder.tar.gz"
[bookmarks] [bookmarks]
src.github = "nextcloud/bookmarks" src.github = "nextcloud/bookmarks"
src.prefix = "v" src.prefix = "v"
fetch.url = "https://github.com/nextcloud/bookmarks/releases/download/v$ver/bookmarks-$ver.tar.gz" fetch.tarball = "https://github.com/nextcloud/bookmarks/releases/download/v$ver/bookmarks-$ver.tar.gz"
[calendar] [calendar]
src.manual = "v3.5.0" # Pinned until we update to nextcloud 25 src.github = "nextcloud-releases/calendar"
# src.github = "nextcloud-releases/calendar" fetch.tarball = "https://github.com/nextcloud-releases/calendar/releases/download/$ver/calendar-$ver.tar.gz"
fetch.url = "https://github.com/nextcloud-releases/calendar/releases/download/$ver/calendar-$ver.tar.gz"
[contacts] [contacts]
src.manual = "v4.2.2" # Pinned until we update to nextcloud 25 src.github = "nextcloud-releases/contacts"
# src.github = "nextcloud-releases/contacts" fetch.tarball = "https://github.com/nextcloud-releases/contacts/releases/download/$ver/contacts-$ver.tar.gz"
fetch.url = "https://github.com/nextcloud-releases/contacts/releases/download/$ver/contacts-$ver.tar.gz"
[cookbook] [cookbook]
src.github_tag = "nextcloud/cookbook" src.github_tag = "nextcloud/cookbook"
src.prefix = "v" src.prefix = "v"
src.exclude_regex = 'v\d+\.\d+\.\d+-rc\d+' src.exclude_regex = 'v\d+\.\d+\.\d+-rc\d+'
fetch.url = "https://github.com/nextcloud/cookbook/releases/download/v$ver/Cookbook-$ver.tar.gz" fetch.tarball = "https://github.com/nextcloud/cookbook/releases/download/v$ver/Cookbook-$ver.tar.gz"
[news] [news]
src.github = "nextcloud/news" src.github = "nextcloud/news"
# Sadly, the news app vendors things, and those are only included in fetch.tarball = "https://github.com/nextcloud/news/releases/download/$ver/news.tar.gz"
# their tarball.
fetch.url = "https://github.com/nextcloud/news/releases/download/$ver/news.tar.gz"
[notes] [notes]
src.manual = "v4.5.1" # Pinned until we update to nextcloud 25 src.github = "nextcloud/notes"
# src.github = "nextcloud/notes" fetch.tarball = "https://github.com/nextcloud/notes/releases/download/$ver/notes.tar.gz"
fetch.url = "https://github.com/nextcloud/notes/releases/download/$ver/notes.tar.gz"