about summary refs log tree commit diff stats
path: root/modules/by-name/at/atuin-sync/module.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/by-name/at/atuin-sync/module.nix')
-rw-r--r--modules/by-name/at/atuin-sync/module.nix45
1 files changed, 45 insertions, 0 deletions
diff --git a/modules/by-name/at/atuin-sync/module.nix b/modules/by-name/at/atuin-sync/module.nix
new file mode 100644
index 0000000..0db2e29
--- /dev/null
+++ b/modules/by-name/at/atuin-sync/module.nix
@@ -0,0 +1,45 @@
+{
+  config,
+  lib,
+  vhackPackages,
+  ...
+}: let
+  cfg = config.vhack.atuin-sync;
+in {
+  options.vhack.atuin-sync = {
+    enable = lib.mkEnableOption "atuin sync server";
+
+    fqdn = lib.mkOption {
+      description = "The fully qualified domain name of this instance.";
+      type = lib.types.str;
+      example = "atuin-sync.atuin.sh";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    vhack.nginx.enable = true;
+
+    services = {
+      nginx.virtualHosts."${cfg.fqdn}" = {
+        locations."/" = {
+          proxyPass = "http://127.0.0.1:${toString config.services.atuin.port}";
+          recommendedProxySettings = true;
+        };
+
+        enableACME = true;
+        forceSSL = true;
+      };
+
+      atuin = {
+        enable = true;
+        package = vhackPackages.atuin-server-only;
+        host = "127.0.0.1";
+
+        # Nobody knows about the fqdn and even if, they can only upload encrypted blobs.
+        openRegistration = true;
+
+        database.createLocally = true;
+      };
+    };
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-05-05 21:47:54 +0000