From e54d7373d8db8c3ebf56fc091d53c8368a812f36 Mon Sep 17 00:00:00 2001
From: eyjhb <eyjhbb@gmail.com>
Date: Sat, 24 Aug 2024 21:38:37 +0200
Subject: [PATCH] gerd.hedgedoc: switched to use postgresql instead of sqlite

---
 machines/gerd/services/hedgedoc.nix | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/machines/gerd/services/hedgedoc.nix b/machines/gerd/services/hedgedoc.nix
index 596b6d7..85ec8e7 100644
--- a/machines/gerd/services/hedgedoc.nix
+++ b/machines/gerd/services/hedgedoc.nix
@@ -4,6 +4,8 @@ let
   svc_domain = "hedgedoc.${config.mine.shared.settings.domain}";
 
   stateDir = config.mine.zfsMounts."rpool/safe/svcs/hedgedoc";
+
+  hedgedoc_user = config.users.users.hedgedoc.name;
 in {
   services.hedgedoc = {
     enable = true;
@@ -14,8 +16,11 @@ in {
       protocolUseSSL = true;
       debug = true;
       uploadsPath = stateDir + "/uploads";
-      db.dialect = "sqlite";
-      db.storage = stateDir + "/db.sqlite";
+
+      db = {
+        dialect = "postgresql";
+        host = "/run/postgresql";
+      };
 
       # disable annonymous notes, but allow annonymous edits
       allowAnonymous = false;
@@ -44,6 +49,15 @@ in {
   systemd.services.hedgedoc.serviceConfig.ReadWritePaths = [ stateDir ];
   systemd.services.hedgedoc.serviceConfig.EnvironmentFile = config.age.secrets.lldap-bind-user-pass-hedgedoc-env.path;
 
+  # setup postgresql
+  services.postgresql = {
+    ensureDatabases = [ hedgedoc_user ];
+    ensureUsers = [{
+      name = hedgedoc_user;
+      ensureDBOwnership = true;
+    }];
+  };
+
   services.nginx.virtualHosts."${svc_domain}" = {
     forceSSL = true;
     enableACME = true;