Bookstack

`services.bookstack.appKeyFile`

A file containing the Laravel APP_KEY - a 32 character long, base64 encoded key used for encryption where needed. Can be generated with head -c 32 /dev/urandom | base64.

Type: path

Example

"/run/keys/bookstack-appkey"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.appURL`

The root URL that you want to host BookStack on. All URLs in BookStack will be generated using this value. If you change this in the future you may need to run a command to update stored URLs in the database. Command example: php artisan bookstack:update-url https://old.example.com https://new.example.com

Type: string

Default

"http\${lib.optionalString tlsEnabled \"s\"}://\${cfg.hostname}"

Example

"https://example.com"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.config`

BookStack configuration options to set in the {file}.env file.

Refer to https://www.bookstackapp.com/docs/ for details on supported values.

Settings containing secret data should be set to an attribute set containing the attribute _secret - a string pointing to a file containing the value the option should be set to. See the example to get a better picture of this: in the resulting {file}.env file, the OIDC_CLIENT_SECRET key will be set to the contents of the {file}/run/keys/oidc_secret file.

Type: attribute set of (null or boolean or signed integer or 16 bit unsigned integer; between 0 and 65535 (both inclusive) or path or string or (submodule))

Default

{ }

Example

{ALLOWED_IFRAME_HOSTS = "https://example.com";WKHTMLTOPDF = "/home/user/bins/wkhtmltopdf";AUTH_METHOD = "oidc";OIDC_NAME = "MyLogin";OIDC_DISPLAY_NAME_CLAIMS = "name";OIDC_CLIENT_ID = "bookstack";OIDC_CLIENT_SECRET = {_secret = "/run/keys/oidc_secret"};OIDC_ISSUER = "https://keycloak.example.com/auth/realms/My%20Realm";OIDC_ISSUER_DISCOVER = true;}

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.dataDir`

BookStack data directory Type: path

Default

"/var/lib/bookstack"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.database.createLocally`

Create the database and database user locally. Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.database.host`

Database host address. Type: string

Default

"localhost"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.database.name`

Database name. Type: string

Default

"bookstack"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.database.passwordFile`

A file containing the password corresponding to {option}database.user.

Type: null or path

Default

null

Example

"/run/keys/bookstack-dbpassword"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.database.port`

Database host port. Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default

3306

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.database.user`

Database username. Type: string

Default

user

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.enable`

Whether to enable BookStack. Type: boolean

Default

false

Example

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.group`

Group bookstack runs as. Type: string

Default

"bookstack"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.hostname`

The hostname to serve BookStack on.

Type: string

Default

config.networking.fqdnOrHostName

Example

"bookstack.example.com"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.mail.driver`

Mail driver to use. Type: one of "smtp", "sendmail"

Default

"smtp"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.mail.encryption`

SMTP encryption mechanism to use. Type: null or value "tls" (singular enum)

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.mail.from`

Mail "from" email. Type: string

Default

"mail@bookstackapp.com"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.mail.fromName`

Mail "from" name. Type: string

Default

"BookStack"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.mail.host`

Mail host address. Type: string

Default

"localhost"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.mail.passwordFile`

A file containing the password corresponding to {option}mail.user.

Type: null or path

Default

null

Example

"/run/keys/bookstack-mailpassword"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.mail.port`

Mail host port. Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default

1025

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.mail.user`

Mail username. Type: null or string

Default

null

Example

"bookstack"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.maxUploadSize`

The maximum size for uploads (e.g. images). Type: string

Default

"18M"

Example

"1G"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx`

With this option, you can customize the nginx virtualHost settings.

Type: submodule

Default

{ }

Example

{serverAliases = ["bookstack.${config.networking.domain}"];# To enable encryption and let let's encrypt take care of certificateforceSSL = true;enableACME = true;}

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.acmeFallbackHost`

Host which to proxy requests to if ACME challenge is not found. Useful if you want multiple hosts to be able to verify the same domain name.

With this option, you could request certificates for the present domain with an ACME client that is running on another host, which you would specify here.

Type: null or string

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.acmeRoot`

Directory for the ACME challenge, which is public. Don't put certs or keys in here. Set to null to inherit from config.security.acme.

Type: null or string

Default

"/var/lib/acme/acme-challenge"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.addSSL`

Whether to enable HTTPS in addition to plain HTTP. This will set defaults for listen to listen on all interfaces on the respective default ports (80, 443).

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.basicAuth`

Basic Auth protection for a vhost.

WARNING: This is implemented to store the password in plain text in the Nix store.

Type: attribute set of string

Default

{ }

Example

{user = "password";};

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.basicAuthFile`

Basic Auth password file for a vhost. Can be created via: {command}htpasswd -c <filename> <username>.

WARNING: The generate file contains the users' passwords in a non-cryptographically-securely hashed way.

Type: null or path

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.default`

Makes this vhost the default.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.enableACME`

Whether to ask Let's Encrypt to sign a certificate for this vhost. Alternately, you can use an existing certificate through {option}useACMEHost.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.extraConfig`

These lines go to the end of the vhost verbatim.

Type: strings concatenated with "\n"

Default

""

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.forceSSL`

Whether to add a separate nginx server block that redirects (defaults to 301, configurable with redirectCode) all plain HTTP traffic to HTTPS. This will set defaults for listen to listen on all interfaces on the respective default ports (80, 443), where the non-SSL listens are used for the redirect vhosts.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.globalRedirect`

If set, all requests for this host are redirected (defaults to 301, configurable with redirectCode) to the given hostname.

Type: null or string

Default

null

Example

"newserver.example.org"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.http2`

Whether to enable the HTTP/2 protocol. Note that (as of writing) due to nginx's implementation, to disable HTTP/2 you have to disable it on all vhosts that use a given IP address / port. If there is one server block configured to enable http2, then it is enabled for all server blocks on this IP. See https://stackoverflow.com/a/39466948/263061.

Type: boolean

Default

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.http3`

Whether to enable the HTTP/3 protocol. This requires using pkgs.nginxQuic package which can be achieved by setting services.nginx.package = pkgs.nginxQuic; and activate the QUIC transport protocol services.nginx.virtualHosts.<name>.quic = true;. Note that HTTP/3 support is experimental and not yet recommended for production. Read more at https://quic.nginx.org/ HTTP/3 availability must be manually advertised, preferably in each location block.

Type: boolean

Default

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.http3_hq`

Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests. This requires using pkgs.nginxQuic package which can be achieved by setting services.nginx.package = pkgs.nginxQuic; and activate the QUIC transport protocol services.nginx.virtualHosts.<name>.quic = true;. Note that special application protocol support is experimental and not yet recommended for production. Read more at https://quic.nginx.org/

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.kTLS`

Whether to enable kTLS support. Implementing TLS in the kernel (kTLS) improves performance by significantly reducing the need for copying operations between user space and the kernel. Required Nginx version 1.21.4 or later.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.listen`

Listen addresses and ports for this virtual host. IPv6 addresses must be enclosed in square brackets. Note: this option overrides addSSL and onlySSL.

If you only want to set the addresses manually and not the ports, take a look at listenAddresses.

Type: list of (submodule)

Default

[ ]

Example

[{addr = "195.154.1.1";port = 443;ssl = true;}{addr = "192.154.1.1";port = 80;}{addr = "unix:/var/run/nginx.sock";}]

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.listen.*.addr`

Listen address. Type: string

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.listen.*.extraParameters`

Extra parameters of this listen directive. Type: list of string

Default

[ ]

Example

["backlog=1024""deferred"]

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.listen.*.port`

Port number to listen on. If unset and the listen address is not a socket then nginx defaults to 80.

Type: null or 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.listen.*.proxyProtocol`

Enable PROXY protocol. Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.listen.*.ssl`

Enable SSL. Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.listenAddresses`

Listen addresses for this virtual host. Compared to listen this only sets the addresses and the ports are chosen automatically.

Note: This option overrides enableIPv6

Type: list of string

Default

[ ]

Example

["127.0.0.1""[::1]"]

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations`

Declarative location config Type: attribute set of (submodule)

Default

{ }

Example

{"/" = {proxyPass = "http://localhost:3000";};};

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.alias`

Alias directory for requests.

Type: null or path

Default

null

Example

"/your/alias/directory"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.basicAuth`

Basic Auth protection for a vhost.

WARNING: This is implemented to store the password in plain text in the Nix store.

Type: attribute set of string

Default

{ }

Example

{user = "password";};

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.basicAuthFile`

Basic Auth password file for a vhost. Can be created via: {command}htpasswd -c <filename> <username>.

WARNING: The generate file contains the users' passwords in a non-cryptographically-securely hashed way.

Type: null or path

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.extraConfig`

These lines go to the end of the location verbatim.

Type: strings concatenated with "\n"

Default

""

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.fastcgiParams`

FastCGI parameters to override. Unlike in the Nginx configuration file, overriding only some default parameters won't unset the default values for other parameters.

Type: attribute set of (string or path)

Default

{ }

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.index`

Adds index directive.

Type: null or string

Default

null

Example

"index.php index.html"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.priority`

Order of this location block in relation to the others in the vhost. The semantics are the same as with lib.mkOrder. Smaller values have a greater priority.

Type: signed integer

Default

1000

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.proxyPass`

Adds proxy_pass directive and sets recommended proxy headers if recommendedProxySettings is enabled.

Type: null or string

Default

null

Example

"http://www.example.org/"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.proxyWebsockets`

Whether to support proxying websocket connections with HTTP/1.1.

Type: boolean

Default

false

Example

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.recommendedProxySettings`

Enable recommended proxy settings.

Type: boolean

Default

config.services.nginx.recommendedProxySettings

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.return`

Adds a return directive, for e.g. redirections.

Type: null or string or signed integer

Default

null

Example

"301 http://example.com$request_uri"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.root`

Root directory for requests.

Type: null or path

Default

null

Example

"/your/root/directory"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.locations.<name>.tryFiles`

Adds try_files directive.

Type: null or string

Default

null

Example

"$uri =404"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.onlySSL`

Whether to enable HTTPS and reject plain HTTP connections. This will set defaults for listen to listen on all interfaces on port 443.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.quic`

Whether to enable the QUIC transport protocol. This requires using pkgs.nginxQuic package which can be achieved by setting services.nginx.package = pkgs.nginxQuic;. Note that QUIC support is experimental and not yet recommended for production. Read more at https://quic.nginx.org/

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.redirectCode`

HTTP status used by globalRedirect and forceSSL. Possible usecases include temporary (302, 307) redirects, keeping the request method and body (307, 308), or explicitly resetting the method to GET (303). See https://developer.mozilla.org/en-US/docs/Web/HTTP/Redirections.

Type: integer between 300 and 399 (both inclusive)

Default

301

Example

308

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.rejectSSL`

Whether to listen for and reject all HTTPS connections to this vhost. Useful in default server blocks to avoid serving the certificate for another vhost. Uses the ssl_reject_handshake directive available in nginx versions 1.19.4 and above.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.reuseport`

Create an individual listening socket . It is required to specify only once on one of the hosts.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.root`

The path of the web root directory.

Type: null or path

Default

null

Example

"/data/webserver/docs"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.serverAliases`

Additional names of virtual hosts served by this virtual host configuration.

Type: list of string

Default

[ ]

Example

["www.example.org""example.org"]

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.serverName`

Name of this virtual host. Defaults to attribute name in virtualHosts.

Type: null or string

Default

null

Example

"example.org"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.sslCertificate`

Path to server SSL certificate. Type: path

Example

"/var/host.cert"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.sslCertificateKey`

Path to server SSL certificate key. Type: path

Example

"/var/host.key"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.sslTrustedCertificate`

Path to root SSL certificate for stapling and client certificates. Type: null or path

Default

null

Example

"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/web-apps/bookstack.nix

`services.bookstack.nginx.useACMEHost`

A host of an existing Let's Encrypt certificate to use. This is useful if you have many subdomains and want to avoid hitting the rate limit. Alternately, you can generate a certificate through {option}enableACME. Note that this option does not create any certificates, nor it does add subdomains to existing ones – you will need to create them manually using .

Type: null or string