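# NixOS module for the Trilium notes server. It renders config.ini, creates a
# dedicated system user and group, runs the server as a systemd unit, and can
# optionally place an nginx reverse proxy in front of it.
{ config, lib, pkgs, ... }:

let
  cfg = config.services.trilium-server;

  # True when the backend is configured to listen on a loopback address only.
  bindsToLoopback = builtins.elem cfg.host [ "127.0.0.1" "::1" "localhost" ];

  # The rendered file lives in the world-readable Nix store and is symlinked
  # into dataDir, so no secret may ever be added to this template.
  # https is fixed to false: the server itself speaks plain HTTP, which means
  # TLS has to be terminated by a reverse proxy in front of it.
  configIni = pkgs.writeText "trilium-config.ini" ''
    [General]
    # Instance name can be used to distinguish between different instances
    instanceName=${cfg.instanceName}

    # Disable automatically generating desktop icon
    noDesktopIcon=true
    noBackup=${lib.boolToString cfg.noBackup}
    noAuthentication=${lib.boolToString cfg.noAuthentication}

    [Network]
    # host setting is relevant only for web deployments - set the host on which the server will listen
    host=${cfg.host}
    # port setting is relevant only for web deployments, desktop builds run on random free port
    port=${toString cfg.port}
    # true for TLS/SSL/HTTPS (secure), false for HTTP (unsecure).
    https=false
  '';
in
{

  options.services.trilium-server = with lib; {
    enable = mkEnableOption (lib.mdDoc "trilium-server");

    dataDir = mkOption {
      type = types.str;
      default = "/var/lib/trilium";
      description = lib.mdDoc ''
        The directory storing the notes database and the configuration.
      '';
    };

    instanceName = mkOption {
      type = types.str;
      default = "Trilium";
      description = lib.mdDoc ''
        Instance name used to distinguish between different instances
      '';
    };

    noBackup = mkOption {
      type = types.bool;
      default = false;
      description = lib.mdDoc ''
        Disable periodic database backups.
      '';
    };

    noAuthentication = mkOption {
      type = types.bool;
      default = false;
      description = lib.mdDoc ''
        If set to true, no password is required to access the web frontend.
        Anyone who can reach the listening address, or the nginx virtual
        host when it is enabled, can then use the frontend without
        credentials.
      '';
    };

    host = mkOption {
      type = types.str;
      default = "127.0.0.1";
      description = lib.mdDoc ''
        The host address to bind to (defaults to localhost).
      '';
    };

    port = mkOption {
      type = types.port;
      default = 8080;
      description = lib.mdDoc ''
        The port number to bind to.
      '';
    };

    nginx = mkOption {
      default = {};
      description = lib.mdDoc ''
        Configuration for nginx reverse proxy.
      '';

      type = types.submodule {
        options = {
          enable = mkOption {
            type = types.bool;
            default = false;
            description = lib.mdDoc ''
              Configure the nginx reverse proxy settings.
            '';
          };

          # No default: this must be set whenever nginx.enable is true.
          hostName = mkOption {
            type = types.str;
            description = lib.mdDoc ''
              The hostname used to set up the virtual host configuration.
            '';
          };
        };
      };
    };
  };

  config = lib.mkIf cfg.enable (lib.mkMerge [
    {
      meta.maintainers = with lib.maintainers; [ fliegendewurst ];

      # Evaluation-time warning only: the configuration still builds, but the
      # operator is told when a password-less instance is reachable by more
      # than local processes (non-loopback bind, or published through nginx).
      warnings = lib.optional
        (cfg.noAuthentication && (cfg.nginx.enable || !bindsToLoopback))
        ("services.trilium-server.noAuthentication is enabled while the server is "
          + "exposed through a non-loopback host or the nginx virtual host; "
          + "the web frontend will accept requests without a password.");

      # Dedicated unprivileged account; its home is the data directory.
      users.groups.trilium = {};
      users.users.trilium = {
        description = "Trilium User";
        group = "trilium";
        home = cfg.dataDir;
        isSystemUser = true;
      };

      systemd.services.trilium-server = {
        wantedBy = [ "multi-user.target" ];
        environment.TRILIUM_DATA_DIR = cfg.dataDir;
        serviceConfig = {
          ExecStart = "${pkgs.trilium-server}/bin/trilium-server";
          User = "trilium";
          Group = "trilium";
          # NOTE(review): PrivateTmp is the only sandboxing directive set here.
          # Further hardening (for example NoNewPrivileges, or ProtectSystem
          # with ReadWritePaths covering dataDir) should be tested against
          # the server before it is enabled.
          PrivateTmp = "true";
        };
      };

      systemd.tmpfiles.rules = [
        # Data directory: owner rwx, group r-x, no access for others.
        "d ${cfg.dataDir} 0750 trilium trilium - -"
        # L+ replaces whatever is at config.ini with a symlink to the store
        # file, so manual edits of config.ini in dataDir do not persist.
        "L+ ${cfg.dataDir}/config.ini - - - - ${configIni}"
      ];

    }

    (lib.mkIf cfg.nginx.enable {
      services.nginx = {
        enable = true;
        # This virtual host sets no TLS options itself. To serve it over
        # HTTPS, set forceSSL together with enableACME (or explicit
        # certificates) on the same virtualHosts entry in the system
        # configuration.
        virtualHosts."${cfg.nginx.hostName}" = {
          locations."/" = {
            proxyPass = "http://${cfg.host}:${toString cfg.port}/";
            # HTTP/1.1 plus the Upgrade/Connection headers let upgraded
            # (WebSocket-style) connections pass through the proxy.
            extraConfig = ''
              proxy_http_version 1.1;
              proxy_set_header Upgrade $http_upgrade;
              proxy_set_header Connection 'upgrade';
              proxy_set_header Host $host;
              proxy_cache_bypass $http_upgrade;
            '';
          };
          # 0 disables nginx's request body size check for this virtual host,
          # so nginx no longer bounds upload sizes.
          # NOTE(review): presumably needed for large imports; confirm, and
          # consider a finite limit.
          extraConfig = ''
            client_max_body_size 0;
          '';
        };
      };
    })
  ]);
}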