Commit 391bda9e authored by TheWanderingCrow's avatar TheWanderingCrow
Browse files

nixos/trilium-server: add option for environment file 

The server component of trilium allows for OAuth to be configured.
Ideally secrets shouldn't be loaded in the nix store so this would allow
for an environment file to be passed in via sops/agenix/ect
parent 9c54fa8e

nixos/modules/services/web-apps/trilium.nix

+11 −0
Original line number Diff line number Diff line
@@ -41,6 +41,16 @@ in 
      '';

    };



    environmentFile = mkOption {

      type = types.nullOr types.path;

      default = null;

      example = "/secrets/trilium.env";

      description = ''

        File to load as the environment file. This allows you to pass secrets in without writing

        to the nix store.

      '';

    };



    instanceName = mkOption {

      type = types.str;

      default = "Trilium";
@@ -126,6 +136,7 @@ in 
          environment.TRILIUM_DATA_DIR = cfg.dataDir;

          serviceConfig = {

            ExecStart = lib.getExe cfg.package;

            EnvironmentFile = cfg.environmentFile;

            User = "trilium";

            Group = "trilium";

            PrivateTmp = "true";