aylac.top / nixcfg-own-knot
forked from aylac.top/nixcfg
this repo has no description
fork atom
nixcfg-own-knot / modules / nixos / services / couchdb / default.nix
at ecad271fba0dc74a1cabb4b597ebb115e682604a 1.7 kB view raw
1{ 2 config, 3 lib, 4 ... 5}: let 6 name = "couchdb"; 7 cfg = config.myNixOS.services.${name}; 8 9 network = config.mySnippets.tailnet; 10 service = network.networkMap.${name}; 11in { 12 options.myNixOS.services.${name} = { 13 enable = lib.mkEnableOption "${name} server"; 14 autoProxy = lib.mkOption { 15 default = true; 16 example = false; 17 description = "${name} auto proxy"; 18 type = lib.types.bool; 19 }; 20 }; 21 22 config = lib.mkIf cfg.enable { 23 services = { 24 caddy.virtualHosts."${service.vHost}".extraConfig = lib.mkIf cfg.autoProxy '' 25 bind tailscale/${name} 26 encode zstd gzip 27 reverse_proxy ${service.hostName}:${toString service.port} 28 ''; 29 30 couchdb = { 31 inherit (service) port; 32 enable = true; 33 bindAddress = "0.0.0.0"; 34 35 extraConfig = { 36 couchdb = { 37 single_node = true; 38 max_document_size = 50000000; 39 }; 40 41 chttpd = { 42 require_valid_user = true; 43 max_http_request_size = 4294967296; 44 enable_cors = true; 45 }; 46 47 chttpd_auth = { 48 require_valid_user = true; 49 authentication_redirect = "/_utils/session.html"; 50 }; 51 52 httpd = { 53 enable_cors = true; 54 "WWW-Authenticate" = "Basic realm=\"couchdb\""; 55 bind_address = "0.0.0.0"; 56 }; 57 58 cors = { 59 origins = "app://obsidian.md,capacitor://localhost,http://localhost"; 60 credentials = true; 61 headers = "accept, authorization, content-type, origin, referer"; 62 methods = "GET,PUT,POST,HEAD,DELETE"; 63 max_age = 3600; 64 }; 65 }; 66 }; 67 }; 68 }; 69}