57 lines
1.5 KiB
Nix
57 lines
1.5 KiB
Nix
{config, ...}: {
|
|
# The secret that is placed here must take the following form in the
|
|
# unencrypted yaml for this to work as it's appended directly to the couchdb.ini
|
|
# configuration via systemd Env statements. The username and password are the
|
|
# user/pass in your livesync config in obsidian
|
|
|
|
# obsidian: |
|
|
# [admins]
|
|
# yourusernamehere = yourpasswordhere
|
|
|
|
sops.secrets.obsidian-livesync = {
|
|
owner = config.services.couchdb.user;
|
|
group = config.services.couchdb.group;
|
|
mode = "440";
|
|
};
|
|
|
|
services.couchdb = {
|
|
enable = true;
|
|
|
|
bindAddress = "0.0.0.0";
|
|
port = 5984;
|
|
|
|
configFile = config.sops.secrets.obsidian-livesync.path;
|
|
|
|
# https://github.com/vrtmrz/obsidian-livesync/blob/main/docs/setup_own_server.md#configure
|
|
extraConfig = {
|
|
chttpd = {
|
|
enable_cors = true;
|
|
max_http_request_size = "4294967296";
|
|
require_valid_user = true;
|
|
};
|
|
|
|
chttpd_auth = {
|
|
authentication_redirect = "/_utils/session.html";
|
|
require_valid_user = true;
|
|
};
|
|
|
|
cors = {
|
|
credentials = true;
|
|
headers = "accept, authorization, content-type, origin, referer";
|
|
max_age = "3600";
|
|
methods = "GET,PUT,POST,HEAD,DELETE";
|
|
origins = "app://obsidian.md, capacitor://localhost, http://localhost";
|
|
};
|
|
|
|
couchdb = {
|
|
max_document_size = "50000000";
|
|
single_node = true;
|
|
};
|
|
|
|
httpd = {
|
|
WWW-Authenticate = "Basic realm=\"couchdb\"";
|
|
enable_cors = true;
|
|
};
|
|
};
|
|
};
|
|
}
|