mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-01-13 08:23:25 +00:00
6afb255d97
these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
156 lines
3.9 KiB
Nix
156 lines
3.9 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let
|
|
cfg = config.services.trilium-server;
|
|
configIni = pkgs.writeText "trilium-config.ini" ''
|
|
[General]
|
|
# Instance name can be used to distinguish between different instances
|
|
instanceName=${cfg.instanceName}
|
|
|
|
# Disable automatically generating desktop icon
|
|
noDesktopIcon=true
|
|
noBackup=${lib.boolToString cfg.noBackup}
|
|
noAuthentication=${lib.boolToString cfg.noAuthentication}
|
|
|
|
[Network]
|
|
# host setting is relevant only for web deployments - set the host on which the server will listen
|
|
host=${cfg.host}
|
|
# port setting is relevant only for web deployments, desktop builds run on random free port
|
|
port=${toString cfg.port}
|
|
# true for TLS/SSL/HTTPS (secure), false for HTTP (unsecure).
|
|
https=false
|
|
'';
|
|
in
|
|
{
|
|
|
|
options.services.trilium-server = with lib; {
|
|
enable = mkEnableOption "trilium-server";
|
|
|
|
dataDir = mkOption {
|
|
type = types.str;
|
|
default = "/var/lib/trilium";
|
|
description = ''
|
|
The directory storing the notes database and the configuration.
|
|
'';
|
|
};
|
|
|
|
instanceName = mkOption {
|
|
type = types.str;
|
|
default = "Trilium";
|
|
description = ''
|
|
Instance name used to distinguish between different instances
|
|
'';
|
|
};
|
|
|
|
noBackup = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = ''
|
|
Disable periodic database backups.
|
|
'';
|
|
};
|
|
|
|
noAuthentication = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = ''
|
|
If set to true, no password is required to access the web frontend.
|
|
'';
|
|
};
|
|
|
|
host = mkOption {
|
|
type = types.str;
|
|
default = "127.0.0.1";
|
|
description = ''
|
|
The host address to bind to (defaults to localhost).
|
|
'';
|
|
};
|
|
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 8080;
|
|
description = ''
|
|
The port number to bind to.
|
|
'';
|
|
};
|
|
|
|
nginx = mkOption {
|
|
default = {};
|
|
description = ''
|
|
Configuration for nginx reverse proxy.
|
|
'';
|
|
|
|
type = types.submodule {
|
|
options = {
|
|
enable = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = ''
|
|
Configure the nginx reverse proxy settings.
|
|
'';
|
|
};
|
|
|
|
hostName = mkOption {
|
|
type = types.str;
|
|
description = ''
|
|
The hostname use to setup the virtualhost configuration
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable (lib.mkMerge [
|
|
{
|
|
meta.maintainers = with lib.maintainers; [ fliegendewurst ];
|
|
|
|
users.groups.trilium = {};
|
|
users.users.trilium = {
|
|
description = "Trilium User";
|
|
group = "trilium";
|
|
home = cfg.dataDir;
|
|
isSystemUser = true;
|
|
};
|
|
|
|
systemd.services.trilium-server = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
environment.TRILIUM_DATA_DIR = cfg.dataDir;
|
|
serviceConfig = {
|
|
ExecStart = "${pkgs.trilium-server}/bin/trilium-server";
|
|
User = "trilium";
|
|
Group = "trilium";
|
|
PrivateTmp = "true";
|
|
};
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"d ${cfg.dataDir} 0750 trilium trilium - -"
|
|
"L+ ${cfg.dataDir}/config.ini - - - - ${configIni}"
|
|
];
|
|
|
|
}
|
|
|
|
(lib.mkIf cfg.nginx.enable {
|
|
services.nginx = {
|
|
enable = true;
|
|
virtualHosts."${cfg.nginx.hostName}" = {
|
|
locations."/" = {
|
|
proxyPass = "http://${cfg.host}:${toString cfg.port}/";
|
|
extraConfig = ''
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection 'upgrade';
|
|
proxy_set_header Host $host;
|
|
proxy_cache_bypass $http_upgrade;
|
|
'';
|
|
};
|
|
extraConfig = ''
|
|
client_max_body_size 0;
|
|
'';
|
|
};
|
|
};
|
|
})
|
|
]);
|
|
}
|