pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / web-apps / trilium.nix
at 25.11-pre 4.2 kB view raw
1{ 2 config, 3 lib, 4 pkgs, 5 ... 6}: 7 8let 9 cfg = config.services.trilium-server; 10 configIni = pkgs.writeText "trilium-config.ini" '' 11 [General] 12 # Instance name can be used to distinguish between different instances 13 instanceName=${cfg.instanceName} 14 15 # Disable automatically generating desktop icon 16 noDesktopIcon=true 17 noBackup=${lib.boolToString cfg.noBackup} 18 noAuthentication=${lib.boolToString cfg.noAuthentication} 19 20 [Network] 21 # host setting is relevant only for web deployments - set the host on which the server will listen 22 host=${cfg.host} 23 # port setting is relevant only for web deployments, desktop builds run on random free port 24 port=${toString cfg.port} 25 # true for TLS/SSL/HTTPS (secure), false for HTTP (unsecure). 26 https=false 27 ''; 28in 29{ 30 31 options.services.trilium-server = with lib; { 32 enable = mkEnableOption "trilium-server"; 33 34 package = mkPackageOption pkgs "trilium-server" { }; 35 36 dataDir = mkOption { 37 type = types.str; 38 default = "/var/lib/trilium"; 39 description = '' 40 The directory storing the notes database and the configuration. 41 ''; 42 }; 43 44 instanceName = mkOption { 45 type = types.str; 46 default = "Trilium"; 47 description = '' 48 Instance name used to distinguish between different instances 49 ''; 50 }; 51 52 noBackup = mkOption { 53 type = types.bool; 54 default = false; 55 description = '' 56 Disable periodic database backups. 57 ''; 58 }; 59 60 noAuthentication = mkOption { 61 type = types.bool; 62 default = false; 63 description = '' 64 If set to true, no password is required to access the web frontend. 65 ''; 66 }; 67 68 host = mkOption { 69 type = types.str; 70 default = "127.0.0.1"; 71 description = '' 72 The host address to bind to (defaults to localhost). 73 ''; 74 }; 75 76 port = mkOption { 77 type = types.port; 78 default = 8080; 79 description = '' 80 The port number to bind to. 81 ''; 82 }; 83 84 nginx = mkOption { 85 default = { }; 86 description = '' 87 Configuration for nginx reverse proxy. 88 ''; 89 90 type = types.submodule { 91 options = { 92 enable = mkOption { 93 type = types.bool; 94 default = false; 95 description = '' 96 Configure the nginx reverse proxy settings. 97 ''; 98 }; 99 100 hostName = mkOption { 101 type = types.str; 102 description = '' 103 The hostname use to setup the virtualhost configuration 104 ''; 105 }; 106 }; 107 }; 108 }; 109 }; 110 111 meta.maintainers = with lib.maintainers; [ fliegendewurst ]; 112 113 config = lib.mkIf cfg.enable ( 114 lib.mkMerge [ 115 { 116 users.groups.trilium = { }; 117 users.users.trilium = { 118 description = "Trilium User"; 119 group = "trilium"; 120 home = cfg.dataDir; 121 isSystemUser = true; 122 }; 123 124 systemd.services.trilium-server = { 125 wantedBy = [ "multi-user.target" ]; 126 environment.TRILIUM_DATA_DIR = cfg.dataDir; 127 serviceConfig = { 128 ExecStart = lib.getExe cfg.package; 129 User = "trilium"; 130 Group = "trilium"; 131 PrivateTmp = "true"; 132 }; 133 }; 134 135 systemd.tmpfiles.rules = [ 136 "d ${cfg.dataDir} 0750 trilium trilium - -" 137 "L+ ${cfg.dataDir}/config.ini - - - - ${configIni}" 138 ]; 139 140 } 141 142 (lib.mkIf cfg.nginx.enable { 143 services.nginx = { 144 enable = true; 145 virtualHosts."${cfg.nginx.hostName}" = { 146 locations."/" = { 147 proxyPass = "http://${cfg.host}:${toString cfg.port}/"; 148 extraConfig = '' 149 proxy_http_version 1.1; 150 proxy_set_header Upgrade $http_upgrade; 151 proxy_set_header Connection 'upgrade'; 152 proxy_set_header Host $host; 153 proxy_cache_bypass $http_upgrade; 154 ''; 155 }; 156 extraConfig = '' 157 client_max_body_size 0; 158 ''; 159 }; 160 }; 161 }) 162 ] 163 ); 164}