{ config, pkgs, lib, mkDomain, ... }: { # Cryptpad # A collaborative office suite that is end-to-end encrypted and open-source. # TODO: https://github.com/NixOS/nixpkgs/pull/180066 /**/ services.cryptpad = { #enable = true; # current node version used is marked insecure # reference: https://github.com/xwiki-labs/cryptpad/blob/main/config/config.example.js configFile = toFile "cryptpad-config.js" '' module.exports = { httpUnsafeOrigin: 'http://localhost:3457', httpSafeOrigin: 'https://${mkDomain "cryptpad"}', httpAddress: '127.0.0.1', httpPort: 3457, //adminKeys: [ // can be found on the settings page for registered users // "[cryptpad-user1@my.awesome.website/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=]", //], // storage //inactiveTime: 90, // days //archiveRetentionTime: 15, // days //accountRetentionTime: 365, // days, default is never //maxUploadSize: 20 * 1024 * 1024, // bytes //premiumUploadSize: 100 * 1024 * 1024, // bytes, (users with a plan in their customLimit) filePath: './datastore/', archivePath: './data/archive', // recovery in the event of accidental deletion pinPath: './data/pins', // content stored indefinetly taskPath: './data/tasks', // scheduled tasks blockPath: './block', // users' authenticated blocks blobPath: './blob', // uploaded encrypted blobs blobStagingPath: './data/blobstage', // incomplete blobs decreePath: './data/decrees', // undocumented logPath: false, // logging of events, may be set to false logToStdout: true, logLevel: 'info', // silly, verbose, debug, feedback, info, warn, error logFeedback: false, // data collection verbose: false, // logging installMethod: 'nixpkgs', // telemetry for devs }; ''; }; services.nginx.virtualHosts.${mkDomain "cryptpad"} = lib.mkIf config.services.cryptpad.enable { forceSSL = true; # addSSL = true; enableACME = true; #useACMEHost = acmeDomain; locations."/" = { proxyPass = "http://127.0.0.1:3457"; proxyWebsockets = true; }; }; /**/ }