| blob | 42b0a16827c3e838627898abd02fce45381fd368 |
1 { config, lib, pkgs, ... }:
3 let
4 cfg = config.services.trilium-server;
5 configIni = pkgs.writeText "trilium-config.ini" ''
6 [General]
7 # Instance name can be used to distinguish between different instances
8 instanceName=${cfg.instanceName}
10 # Disable automatically generating desktop icon
11 noDesktopIcon=true
12 noBackup=${lib.boolToString cfg.noBackup}
13 noAuthentication=${lib.boolToString cfg.noAuthentication}
15 [Network]
16 # host setting is relevant only for web deployments - set the host on which the server will listen
17 host=${cfg.host}
18 # port setting is relevant only for web deployments, desktop builds run on random free port
19 port=${toString cfg.port}
20 # true for TLS/SSL/HTTPS (secure), false for HTTP (unsecure).
21 https=false
22 '';
23 in
24 {
26 options.services.trilium-server = with lib; {
27 enable = mkEnableOption "trilium-server";
29 dataDir = mkOption {
30 type = types.str;
31 default = "/var/lib/trilium";
32 description = ''
33 The directory storing the notes database and the configuration.
34 '';
35 };
37 instanceName = mkOption {
38 type = types.str;
39 default = "Trilium";
40 description = ''
41 Instance name used to distinguish between different instances
42 '';
43 };
45 noBackup = mkOption {
46 type = types.bool;
47 default = false;
48 description = ''
49 Disable periodic database backups.
50 '';
51 };
53 noAuthentication = mkOption {
54 type = types.bool;
55 default = false;
56 description = ''
57 If set to true, no password is required to access the web frontend.
58 '';
59 };
61 host = mkOption {
62 type = types.str;
63 default = "127.0.0.1";
64 description = ''
65 The host address to bind to (defaults to localhost).
66 '';
67 };
69 port = mkOption {
70 type = types.port;
71 default = 8080;
72 description = ''
73 The port number to bind to.
74 '';
75 };
77 nginx = mkOption {
78 default = {};
79 description = ''
80 Configuration for nginx reverse proxy.
81 '';
83 type = types.submodule {
84 options = {
85 enable = mkOption {
86 type = types.bool;
87 default = false;
88 description = ''
89 Configure the nginx reverse proxy settings.
90 '';
91 };
93 hostName = mkOption {
94 type = types.str;
95 description = ''
96 The hostname use to setup the virtualhost configuration
97 '';
98 };
99 };
100 };
101 };
102 };
104 config = lib.mkIf cfg.enable (lib.mkMerge [
105 {
106 meta.maintainers = with lib.maintainers; [ fliegendewurst ];
108 users.groups.trilium = {};
109 users.users.trilium = {
110 description = "Trilium User";
111 group = "trilium";
112 home = cfg.dataDir;
113 isSystemUser = true;
114 };
116 systemd.services.trilium-server = {
117 wantedBy = [ "multi-user.target" ];
118 environment.TRILIUM_DATA_DIR = cfg.dataDir;
119 serviceConfig = {
120 ExecStart = "${pkgs.trilium-server}/bin/trilium-server";
121 User = "trilium";
122 Group = "trilium";
123 PrivateTmp = "true";
124 };
125 };
127 systemd.tmpfiles.rules = [
128 "d ${cfg.dataDir} 0750 trilium trilium - -"
129 "L+ ${cfg.dataDir}/config.ini - - - - ${configIni}"
130 ];
132 }
134 (lib.mkIf cfg.nginx.enable {
135 services.nginx = {
136 enable = true;
137 virtualHosts."${cfg.nginx.hostName}" = {
138 locations."/" = {
139 proxyPass = "http://${cfg.host}:${toString cfg.port}/";
140 extraConfig = ''
141 proxy_http_version 1.1;
142 proxy_set_header Upgrade $http_upgrade;
143 proxy_set_header Connection 'upgrade';
144 proxy_set_header Host $host;
145 proxy_cache_bypass $http_upgrade;
146 '';
147 };
148 extraConfig = ''
149 client_max_body_size 0;
150 '';
151 };
152 };
153 })
154 ]);
155 }