NixOS/system/services/couchdb.nix

63 lines
1.4 KiB
Nix
Raw Normal View History

{
config,
lib,
pkgs,
...
}:
2024-09-24 11:29:00 +07:00
let
cfg = config.profile.services.couchdb;
inherit (lib) mkIf;
in
{
config = mkIf cfg.enable {
sops = {
secrets =
let
opts = {
sopsFile = ../../secrets/couchdb.yaml;
2024-09-24 11:29:00 +07:00
};
in
{
"couchdb/admin/username" = opts;
"couchdb/admin/password" = opts;
};
templates."couchdb.ini" = {
content = builtins.readFile (
(pkgs.formats.ini { }).generate "couchdb.ini" {
admins = {
${config.sops.placeholder."couchdb/admin/username"} =
config.sops.placeholder."couchdb/admin/password";
};
chttpd = {
require_valid_user = true;
max_http_request_size = 4294967296;
};
chttpd_auth = {
require_valid_user = true;
};
httpd = {
WWW-Authenticate = ''Basic realm="couchdb"'';
enable_cors = true;
};
couchdb = {
max_document_size = 50 * 1000 * 1000;
};
cors = {
credentials = true;
origin = "*";
};
}
);
2024-09-24 11:29:00 +07:00
owner = config.services.couchdb.user;
};
};
2024-11-24 21:49:24 +07:00
# Have to NGINX module if this gets re-enabled
2024-09-24 11:29:00 +07:00
services.couchdb = {
enable = true;
configFile = config.sops.templates."couchdb.ini".path;
};
};
}