main
1{ pkgs, ... }:
2{
3 # Linkwarden - Self-hosted collaborative bookmark manager
4 # https://linkwarden.app/
5 #
6 # Replacement for Omnivore (which shut down in November 2024)
7 # Features: Full-page preservation, reader view, annotations, AI tagging
8
9 services.linkwarden = {
10 enable = true;
11
12 # Network configuration
13 host = "0.0.0.0";
14 port = 3002;
15
16 # Storage
17 storageLocation = "/var/lib/linkwarden";
18 cacheLocation = "/var/cache/linkwarden";
19
20 # Database (auto-configured PostgreSQL)
21 database = {
22 createLocally = true;
23 name = "linkwarden";
24 user = "linkwarden";
25 };
26
27 # Allow user registration
28 enableRegistration = true;
29
30 # Secret files
31 # TODO: Move to agenix for production
32 secretFiles.NEXTAUTH_SECRET = "${pkgs.writeText "nextauth-secret" ''
33 changeme-replace-with-agenix-secret-in-production
34 ''}";
35
36 # Environment variables
37 environment = {
38 PAGINATION_TAKE_COUNT = "24";
39 AUTOSCROLL_TIMEOUT = "30";
40 RE_ARCHIVE_LIMIT = "5";
41 # STORAGE_FOLDER is set automatically by the module
42 # Disable telemetry for privacy
43 NEXT_PUBLIC_DISABLE_REGISTRATION = "false";
44 };
45 };
46
47 # Ensure PostgreSQL is configured
48 services.postgresql = {
49 ensureDatabases = [ "linkwarden" ];
50 ensureUsers = [
51 {
52 name = "linkwarden";
53 ensureDBOwnership = true;
54 }
55 ];
56 };
57
58 # Open firewall for local access (Traefik will proxy)
59 networking.firewall.allowedTCPPorts = [ 3002 ];
60}