feat(modules/obsidian-livesync): init

1 files changed, 63 insertions, 0 deletions

diff --git a/modules/services/obsidian-livesync.nix b/modules/services/obsidian-livesync.nix
new file mode 100644
index 0000000..3377069
--- /dev/null
+++ b/modules/services/obsidian-livesync.nix
@@ -0,0 +1,63 @@
+  { config, lib, ... }:
+
+  with lib;
+  let
+    cfg = config.modules.services.obsidian-livesync;
+
+    port = 5984;
+  in
+  {
+    options.modules.services.obsidian-livesync = {
+      enable = mkEnableOption "obsidian-livesync server";
+
+      domain = mkOption { type = types.str; };
+      realHost = mkOption { type = types.str; default = "obsidian-livesync.${cfg.domain}"; };
+    };
+
+    config = mkIf cfg.enable {
+      services.couchdb = {
+        enable = true;
+        configFile = "/var/lib/couchdb/config";
+
+        extraConfig = ''
+          [couchdb]
+          single_node=true
+          max_document_size = 50000000
+
+          [admins]
+          admin = please-change-me
+
+          [chttpd]
+          require_valid_user = true
+          max_http_request_size = 4294967296
+          enable_cors = true
+
+          [chttpd_auth]
+          require_valid_user = true
+          authentication_redirect = /_utils/session.html
+
+          [httpd]
+          WWW-Authenticate = Basic realm="couchdb"
+          bind_address = 127.0.0.1
+          port = ${toString port}
+
+          [cors]
+          origins = app://obsidian.md, capacitor://localhost, http://localhost
+          credentials = true
+          headers = accept, authorization, content-type, origin, referer
+          methods = GET,PUT,POST,HEAD,DELETE
+          max_age = 3600
+      '';
+    };
+
+    environment.persistence."/persist".directories = [
+      "/var/lib/couchdb"
+    ];
+
+    services.nginx.virtualHosts.${cfg.realHost} = {
+      useACMEHost = cfg.domain;
+      forceSSL = true;
+      locations."/".proxyPass = "http://localhost:${toString port}";
+    };
+  };
+}