
{ config, ... }:
let
  # Shared, host-wide settings (domain name, LDAP connection details).
  shared = config.mine.shared.settings;
  ldapCfg = shared.ldap;

  # Public hostname of this instance, derived from the shared base domain.
  svc_domain = "hedgedoc.${shared.domain}";

  # Persistent state lives on a dedicated ZFS dataset mount.
  stateDir = config.mine.zfsMounts."rpool/safe/svcs/hedgedoc";

  # LDAP search filter: the shared user filter is AND-ed with a match on
  # either the uid attribute or the email attribute, so users may log in
  # with either name. `{{username}}` is HedgeDoc's placeholder for the
  # submitted login name.
  ldapSearchFilter =
    "(&${ldapCfg.user_filter}(|(${ldapCfg.attr.uid}={{username}})(${ldapCfg.attr.email}={{username}})))";

  hedgedocPkg = config.services.hedgedoc.package;
in
{
  services.hedgedoc = {
    enable = true;

    settings = {
      # Port 3000 (HedgeDoc's default) is already used by another service
      # on this host, so only the port is changed.
      port = 6864;
      domain = svc_domain;
      # Public URLs are generated with https; TLS is terminated by the nginx
      # virtual host below.
      protocolUseSSL = true;
      # NOTE(review): debug logging is left on; verbose request logging on a
      # reachable instance is worth confirming as intentional.
      debug = true;

      uploadsPath = stateDir + "/uploads";
      db = {
        dialect = "sqlite";
        storage = stateDir + "/db.sqlite";
      };

      # Anonymous users may not create notes, but may edit notes that the
      # owner has opened up for editing.
      allowAnonymous = false;
      allowAnonymousEdits = true;
      # New notes are visible and editable only by their owner.
      defaultPermission = "private";

      # Local email/password accounts are disabled entirely; LDAP is the
      # only login method.
      email = false;
      allowEmailRegister = false;

      # LDAP login, following the lldap example configuration:
      # https://github.com/lldap/lldap/blob/main/example_configs/hedgedoc.md
      # The bind password is not set here; it is supplied through the
      # EnvironmentFile configured on the systemd unit below.
      ldap = {
        url = ldapCfg.url;
        bindDn = ldapCfg.bind_dn;
        searchBase = ldapCfg.search_base;
        searchFilter = ldapSearchFilter;
        useridField = ldapCfg.attr.uid;
      };
    };
  };

  systemd.services.hedgedoc.serviceConfig = {
    # The upstream unit sandboxes the filesystem; the state directory must
    # be explicitly writable for the sqlite database and uploads.
    ReadWritePaths = [ stateDir ];
    # LDAP bind credential, read at runtime from the age-managed secret
    # file rather than embedded in this configuration.
    EnvironmentFile = config.age.secrets.lldap-bind-user-pass-hedgedoc-env.path;
  };

  # TLS-terminating reverse proxy in front of the local HedgeDoc port.
  services.nginx.virtualHosts."${svc_domain}" = {
    forceSSL = true;
    enableACME = true;
    locations."/".proxyPass =
      "http://localhost:${builtins.toString config.services.hedgedoc.settings.port}";
  };

  # Service catalogue entry shown to users of this host.
  mine.shared.meta.hedgedoc = {
    name = "Hedgedoc";
    description = "We host our own Hedgedoc for writing small documents, and sharing with others. Login using your credentials.";
    url = "https://${svc_domain}";
    package = {
      name = hedgedocPkg.pname;
      inherit (hedgedocPkg) version meta;
    };
  };
}