blob: 189d92f72f2e0926d00855316415ed07b2132f16 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
{ config, lib, ... }:
with lib;
let
cfg = config.modules.services.obsidian-livesync;
port = 5984;
in
{
options.modules.services.obsidian-livesync = {
enable = mkEnableOption "obsidian-livesync server";
domain = mkOption { type = types.str; };
realHost = mkOption { type = types.str; default = "obsidian-livesync.${cfg.domain}"; };
};
config = mkIf cfg.enable {
services.couchdb = {
enable = true;
configFile = "/var/lib/couchdb/config";
extraConfig = ''
[couchdb]
single_node=true
max_document_size = 50000000
[admins]
admin = please-change-me
[chttpd]
require_valid_user = true
max_http_request_size = 4294967296
enable_cors = true
[chttpd_auth]
require_valid_user = true
authentication_redirect = /_utils/session.html
[httpd]
WWW-Authenticate = Basic realm="couchdb"
bind_address = 127.0.0.1
port = ${toString port}
[cors]
origins = app://obsidian.md, capacitor://localhost, http://localhost
credentials = true
headers = accept, authorization, content-type, origin, referer
methods = GET,PUT,POST,HEAD,DELETE
max_age = 3600
'';
};
modules.persistence.directories = [
"/var/lib/couchdb"
];
services.nginx.virtualHosts.${cfg.realHost} = {
useACMEHost = cfg.domain;
forceSSL = true;
locations."/".proxyPass = "http://localhost:${toString port}";
};
};
}
|
