commit 5b4628049ee3551d76b8beae28df627847079f97 Author: striker Date: Fri May 8 04:50:18 2026 +0300 Initial Obsidian LiveSync (CouchDB) deployment - couchdb:3, bridge, 127.0.0.1:5984, journald - couchdb-config/local.ini с CORS для Obsidian (app://obsidian.md) - max_http_request_size 4 ГБ для больших vault-ов - .env и data/ исключены из git diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..9a10b40 --- /dev/null +++ b/.env.example @@ -0,0 +1,2 @@ +COUCHDB_USER=admin +COUCHDB_PASSWORD=change-me-to-strong-random-password diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..623b9ab --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +.env +data/ +*.log diff --git a/CLAUDE.md b/CLAUDE.md new file mode 100644 index 0000000..dfa9a35 --- /dev/null +++ b/CLAUDE.md @@ -0,0 +1,49 @@ +# CLAUDE.md — obsidian-livesync + +## Что +CouchDB для self-hosted Obsidian LiveSync на str-u-01 (45.10.53.148). Доступ через `obs.striker.su`. + +## Стек +- `couchdb:3` (Apache CouchDB) на `127.0.0.1:5984` +- bind-mount `./data` (БД), `./couchdb-config/local.ini` (CORS для Obsidian) +- `restart: unless-stopped`, healthcheck на `/_up` +- log-driver: journald + +## Структура +``` +obsidian-livesync/ +├── docker-compose.yml +├── couchdb-config/local.ini # CORS, max_http_request_size 4G +├── .env.example # шаблон, реальный .env только на сервере +├── .gitignore # исключает .env, data/ +├── README.md +└── CLAUDE.md +``` + +## Деплой +```bash +ssh striker@str-u-01.striker.su +cd /opt/docker/sites/obsidian-livesync +git pull +docker compose pull && docker compose up -d +``` + +## nginx +vhost: `/etc/nginx/conf.d/obs.striker.su` (ssl + reverse-proxy на 127.0.0.1:5984). +**Важно для CouchDB:** +- `proxy_set_header Host $host` (CouchDB чувствителен) +- `client_max_body_size 4G` (большие vault-ы) +- `proxy_buffering off` (long-poll changes feed) +- WebSocket headers (changes feed continuous) + +## Секреты +`.env` на сервере (не в git): `COUCHDB_USER` и `COUCHDB_PASSWORD`. Также скопированы в Vaultwarden (запись "obsidian-livesync str-u-01" / поиск). + +## Системные БД +После первого запуска CouchDB требует создать `_users`, `_replicator`, `_global_changes` через PUT (см. README). + +## Plugin Self-hosted LiveSync +- URI: `https://obs.striker.su` +- Auth: те же что в `.env` +- Database: любое имя (рекомендуется по vault-у, например `obsidian-main`) +- Use Custom Request Handler: **off** (не нужно — мы не на Cloudflare) diff --git a/README.md b/README.md new file mode 100644 index 0000000..9bb2359 --- /dev/null +++ b/README.md @@ -0,0 +1,40 @@ +# Obsidian LiveSync — str-u-01 + +Self-hosted CouchDB для плагина Obsidian LiveSync (`vrtmrz/obsidian-livesync`). + +## Стек +- **Image**: `couchdb:3` +- **Network**: bridge, биндинг `127.0.0.1:5984` +- **Публичный доступ**: nginx reverse-proxy на `obs.striker.su` с LE-сертификатом +- **Volume**: `./data:/opt/couchdb/data` (БД, в git не попадает) +- **Config**: `couchdb-config/local.ini` (CORS для Obsidian, max_http_request_size 4 ГБ) + +## Деплой + +```bash +ssh striker@str-u-01.striker.su +cd /opt/docker/sites/obsidian-livesync +git pull +docker compose pull +docker compose up -d +``` + +## Первый запуск + +1. Скопировать `.env.example` → `.env`, прописать сильный пароль для `COUCHDB_PASSWORD` +2. `docker compose up -d` +3. Создать системные БД CouchDB (нужно один раз): + ```bash + for db in _users _replicator _global_changes; do + curl -X PUT -u "$COUCHDB_USER:$COUCHDB_PASSWORD" http://127.0.0.1:5984/$db + done + ``` +4. В Obsidian → Settings → Community plugins → Self-hosted LiveSync: + - URI: `https://obs.striker.su` + - Username/Password: те же что в `.env` + - Database name: любое имя (по vault-у) + +## Доступ +- API: https://obs.striker.su (CouchDB REST) +- Fauxton UI: https://obs.striker.su/_utils/ +- Локально на сервере: http://127.0.0.1:5984 diff --git a/couchdb-config/local.ini b/couchdb-config/local.ini new file mode 100644 index 0000000..682fdd5 --- /dev/null +++ b/couchdb-config/local.ini @@ -0,0 +1,23 @@ +[couchdb] +single_node = true +max_document_size = 50000000 + +[chttpd] +require_valid_user = true +max_http_request_size = 4294967296 +enable_cors = true + +[chttpd_auth] +require_valid_user = true +authentication_redirect = /_utils/session.html + +[httpd] +WWW-Authenticate = Basic realm="couchdb" +enable_cors = true + +[cors] +origins = app://obsidian.md,capacitor://localhost,http://localhost +credentials = true +headers = accept, authorization, content-type, origin, referer +methods = GET, PUT, POST, HEAD, DELETE +max_age = 3600 diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..ce8c47b --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,23 @@ +services: + couchdb: + image: couchdb:3 + container_name: obsidian-livesync + restart: unless-stopped + ports: + - "127.0.0.1:5984:5984" + environment: + - COUCHDB_USER=${COUCHDB_USER} + - COUCHDB_PASSWORD=${COUCHDB_PASSWORD} + volumes: + - ./data:/opt/couchdb/data + - ./couchdb-config/local.ini:/opt/couchdb/etc/local.d/local.ini:ro + healthcheck: + test: ["CMD", "curl", "-fsS", "-u", "${COUCHDB_USER}:${COUCHDB_PASSWORD}", "http://127.0.0.1:5984/_up"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 30s + logging: + driver: journald + options: + tag: "{{.Name}}"