From bd7e1766714f4c25a34a1a121ba1ef0b8887840b Mon Sep 17 00:00:00 2001
From: satr14 <admin@satr14.my.id>
Date: Wed, 29 Apr 2026 19:00:06 +0700
Subject: [PATCH] cryptpad config

---
 modules/system/homelab/docs.nix | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/modules/system/homelab/docs.nix b/modules/system/homelab/docs.nix
index 849e23d..a82219c 100644
--- a/modules/system/homelab/docs.nix
+++ b/modules/system/homelab/docs.nix
@@ -1,15 +1,30 @@
 { homelab, ... }: let
   domain = "docs.${homelab.domain}";
+  sandbox = "docs-sandbox.${homelab.domain}";
+  data-dir = "/mnt/data/apps/cryptpad";
 in {
   services.cryptpad = {
     enable = true;
     settings = {
       httpPort = 7090;
-      websocketPort = 7080;
+      httpAddress = "127.0.0.1";
       httpUnsafeOrigin = "https://${domain}";
-      httpSafeOrigin = "https://${domain}";
+      httpSafeOrigin = "https://${sandbox}";
       blockDailyCheck = true;
       disableIntegratedEviction = true;
+      archivePath = "${data-dir}/archive";
+      pinPath = "${data-dir}/pins";
+      taskPath = "${data-dir}/tasks";
+      blockPath = "${data-dir}/block";
+      blobPath = "${data-dir}/blob";
+      blobStagingPath = "${data-dir}/blobstage";
+      decreePath = "${data-dir}/decrees";
+      logPath = "${data-dir}/logs";
     };
   };
+  
+  systemd.services.cryptpad.serviceConfig = {
+    ReadWritePaths = [ data-dir ];
+    ProtectMountPoints = false;
+  };
 }
\ No newline at end of file