diff --git a/hosts/MOMO/services/default.nix b/hosts/MOMO/services/default.nix index 07404a9..5850265 100644 --- a/hosts/MOMO/services/default.nix +++ b/hosts/MOMO/services/default.nix @@ -1,6 +1,7 @@ { imports = [ ./acme.nix + ./hedgedoc.nix ./miniflux.nix ./nginx.nix ./postgresql.nix diff --git a/hosts/MOMO/services/hedgedoc.nix b/hosts/MOMO/services/hedgedoc.nix new file mode 100644 index 0000000..ef5eb51 --- /dev/null +++ b/hosts/MOMO/services/hedgedoc.nix @@ -0,0 +1,26 @@ +{ config, ... }: { + + services.hedgedoc = { + enable = true; + settings = { + port = 8009; + host = "127.0.0.1"; + allowOrigin = + [ "localhost" "127.0.0.1" "hedgedoc.dryb.org" "md.dryb.org" ]; + allowGravatar = true; + db = { + username = "hedgedoc"; + database = "hedgedoc"; + host = "postgresql:///hedgedoc"; + dialect = "postgresql"; + }; + allowAnonymous = false; + allowAnonymousEdits = false; + allowFreeURL = true; + requireFreeURLAuthentication = true; + email = true; + allowEmailRegister = true; + }; + }; + +} diff --git a/hosts/MOMO/services/postgresql.nix b/hosts/MOMO/services/postgresql.nix index d56e571..82083e6 100644 --- a/hosts/MOMO/services/postgresql.nix +++ b/hosts/MOMO/services/postgresql.nix @@ -1,26 +1,31 @@ -{ ... }: -{ +{ ... }: { services.postgresql = { enable = true; - ensureDatabases = [ "vaultwarden" ]; + ensureDatabases = [ "vaultwarden" "hedgedoc" ]; ensureUsers = [ { name = "vaultwarden"; ensureDBOwnership = true; } + { + name = "hedgedoc"; + ensureDBOwnership = true; + } ]; # type database DBuser auth-method mapping authentication = '' local all postgres peer local vaultwarden all ident map=vaultwarden-users + local hedgedoc all ident map=hedgedoc-users ''; # name sysuser dbuser identMap = '' vaultwarden-users vaultwarden vaultwarden + hedgedoc-users hedgedoc hedgedoc ''; };