32 lines
760 B
Nix
32 lines
760 B
Nix
{ config, common, secrets, ... }:
|
|
let
|
|
cfg = config.services.hedgedoc;
|
|
domain = common.subdomain "md";
|
|
in
|
|
{
|
|
services.hedgedoc = {
|
|
enable = true;
|
|
environmentFile = secrets."hedgedoc";
|
|
settings = {
|
|
inherit domain;
|
|
protocolUseSSL = true;
|
|
port = 4003;
|
|
|
|
db = { dialect = "sqlite"; storage = "/srv/hedgedoc/db.sqlite"; };
|
|
uploadsPath = "/srv/hedgedoc/uploads";
|
|
|
|
allowFreeURL = true;
|
|
requireFreeURLAuthentication = true;
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts.${domain} = common.nginx.ssl // {
|
|
locations."/" = {
|
|
proxyPass = "http://${cfg.settings.host}:${toString cfg.settings.port}";
|
|
};
|
|
};
|
|
|
|
systemd.services.hedgedoc.serviceConfig = {
|
|
ReadWritePaths = [ "-/srv/hedgedoc" ];
|
|
};
|
|
}
|