From c97347e7605eda29070651a66cb5cab68f7c72d5 Mon Sep 17 00:00:00 2001
From: thiloho <123883702+thiloho@users.noreply.github.com>
Date: Thu, 30 Jan 2025 00:16:50 +0100
Subject: [PATCH] Update Nix module

---
 flake.nix      |  2 +-
 nix/module.nix | 22 +++++++++++++---------
 2 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/flake.nix b/flake.nix
index 303b6e1..711b492 100644
--- a/flake.nix
+++ b/flake.nix
@@ -36,7 +36,7 @@
             '';
           };
           web = pkgs.mkShell {
-            packages = with pkgs; [ nodejs_22 ];
+            packages = with pkgs; [ nodejs ];
             shellHook = ''
               export PLAYWRIGHT_BROWSERS_PATH=${pkgs.playwright-driver.browsers}
               export PLAYWRIGHT_SKIP_VALIDATE_HOST_REQUIREMENTS=true
diff --git a/nix/module.nix b/nix/module.nix
index 9d3089c..14b8e43 100644
--- a/nix/module.nix
+++ b/nix/module.nix
@@ -179,7 +179,7 @@ in
               -c "ALTER DATABASE ${cfg.databaseName} SET \"app.website_max_storage_size\" TO ${toString cfg.settings.maxWebsiteStorageSize}" \
               -c "ALTER DATABASE ${cfg.databaseName} SET \"app.website_max_number_user\" TO ${toString cfg.settings.maxUserWebsites}"
 
-            ${lib.getExe pkgs.dbmate} --url ${dbUrl "postgres"}?sslmode=disable --migrations-dir ${cfg.package}/rest-api/db/migrations up
+            ${lib.getExe pkgs.dbmate} --url "${dbUrl "postgres"}&sslmode=disable" --migrations-dir ${cfg.package}/rest-api/db/migrations up
 
             PGRST_SERVER_CORS_ALLOWED_ORIGINS="https://${cfg.domain}" \
             PGRST_ADMIN_SERVER_PORT=${toString cfg.apiAdminPort} \
@@ -216,13 +216,16 @@ in
           PORT = toString cfg.webAppPort;
         };
 
-        script = "${lib.getExe pkgs.nodejs_22} ${cfg.package}/web-app";
+        script = "${lib.getExe pkgs.nodejs} ${cfg.package}/web-app";
       };
 
       services.postgresql = {
         enable = true;
         ensureDatabases = [ cfg.databaseName ];
         extensions = ps: with ps; [ pgjwt ];
+        authentication = lib.mkOverride 11 ''
+          local all all trust
+        '';
       };
 
       systemd.services.postgresql = {
@@ -243,16 +246,17 @@ in
         recommendedZstdSettings = true;
         recommendedOptimisation = true;
 
+        appendHttpConfig = ''
+          map $http_cookie $archtika_auth_header {
+            default "";
+            "~*session_token=([^;]+)" "Bearer $1";
+          }
+        '';
+
         virtualHosts = {
           "${cfg.domain}" = {
             useACMEHost = cfg.domain;
             forceSSL = true;
-            extraConfig = ''
-              map $http_cookie $auth_header {
-                default "";
-                "~*session_token=([^;]+)" "Bearer $1";
-              }
-            '';
             locations = {
               "/" = {
                 proxyPass = "http://127.0.0.1:${toString cfg.webAppPort}";
@@ -266,7 +270,7 @@ in
                 proxyPass = "http://127.0.0.1:${toString cfg.apiPort}/rpc/export_articles_zip";
                 extraConfig = ''
                   default_type application/json;
-                  proxy_set_header Authorization $auth_header;
+                  proxy_set_header Authorization $archtika_auth_header;
                 '';
               };
               "/api/" = {