Spaenny/nix-config
Spaenny/nix-config
1
0
Fork 0
Code Activity

fix(linkwarden): disable public registration, setup NEXTAUTH URLs

Browse source
This commit is contained in:
Philipp 2025-07-03 11:29:36 +02:00
parent 9a9deb7c58
commit 751d47feea
Signed by: Philipp
GPG key ID: 9EBD8439AFBAB750
1 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

10
modules/nixos/services/linkwarden/default.nix
View file

@ -5,7 +5,6 @@
namespace, namespace,
... ...
}: }:
let let
cfg = config.${namespace}.services.linkwarden; cfg = config.${namespace}.services.linkwarden;
isPostgresUnixSocket = lib.hasPrefix "/" cfg.database.host; isPostgresUnixSocket = lib.hasPrefix "/" cfg.database.host;
@ -44,8 +43,6 @@ in
description = "Directory used as cache. If it is not the default, the directory has to be created manually such that the linkwarden user is able to read and write to it."; description = "Directory used as cache. If it is not the default, the directory has to be created manually such that the linkwarden user is able to read and write to it.";
}; };
enableRegistration = mkEnableOption "registration for new users";
environment = mkOption { environment = mkOption {
type = types.attrsOf types.str; type = types.attrsOf types.str;
default = { }; default = { };
@ -80,7 +77,7 @@ in
host = mkOption { host = mkOption {
type = types.str; type = types.str;
default = "127.0.0.1"; default = "0.0.0.0";
description = "The host that Linkwarden will listen on."; description = "The host that Linkwarden will listen on.";
}; };
@ -161,6 +158,7 @@ in
}; };
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
cfg.port
80 80
443 443
]; ];
@ -172,7 +170,9 @@ in
LINKWARDEN_PORT = toString cfg.port; LINKWARDEN_PORT = toString cfg.port;
LINKWARDEN_CACHE_DIR = cfg.cacheLocation; LINKWARDEN_CACHE_DIR = cfg.cacheLocation;
STORAGE_FOLDER = cfg.storageLocation; STORAGE_FOLDER = cfg.storageLocation;
NEXT_PUBLIC_DISABLE_REGISTRATION = mkIf (!cfg.enableRegistration) "true"; NEXT_PUBLIC_DISABLE_REGISTRATION = "true";
NEXTAUTH_URL = "https://link.boehm.sh";
NEXTAUTH_INTERNAL_URL = "https://link.boehm.sh";
DATABASE_URL = mkIf isPostgresUnixSocket "postgresql://${lib.strings.escapeURL cfg.database.user}@localhost/${lib.strings.escapeURL cfg.database.name}?host=${cfg.database.host}"; DATABASE_URL = mkIf isPostgresUnixSocket "postgresql://${lib.strings.escapeURL cfg.database.user}@localhost/${lib.strings.escapeURL cfg.database.name}?host=${cfg.database.host}";
DATABASE_PORT = toString cfg.database.port; DATABASE_PORT = toString cfg.database.port;
DATABASE_HOST = mkIf (!isPostgresUnixSocket) cfg.database.host; DATABASE_HOST = mkIf (!isPostgresUnixSocket) cfg.database.host;