feat(MOMO): add hedgedoc

hosts/MOMO/services/default.nix

@@ -1,6 +1,7 @@
 {
   imports = [
     ./acme.nix
+    ./hedgedoc.nix
     ./miniflux.nix
     ./nginx.nix
     ./postgresql.nix

hosts/MOMO/services/hedgedoc.nix

@@ -0,0 +1,26 @@
+{ config, ... }: {
+
+  services.hedgedoc = {
+    enable = true;
+    settings = {
+      port = 8009;
+      host = "127.0.0.1";
+      allowOrigin =
+        [ "localhost" "127.0.0.1" "hedgedoc.dryb.org" "md.dryb.org" ];
+      allowGravatar = true;
+      db = {
+        username = "hedgedoc";
+        database = "hedgedoc";
+        host = "postgresql:///hedgedoc";
+        dialect = "postgresql";
+      };
+      allowAnonymous = false;
+      allowAnonymousEdits = false;
+      allowFreeURL = true;
+      requireFreeURLAuthentication = true;
+      email = true;
+      allowEmailRegister = true;
+    };
+  };
+
+}

hosts/MOMO/services/postgresql.nix

@@ -1,26 +1,31 @@
-{ ... }:
-{
+{ ... }: {
 
   services.postgresql = {
     enable = true;
-    ensureDatabases = [ "vaultwarden" ];
+    ensureDatabases = [ "vaultwarden" "hedgedoc" ];
 
     ensureUsers = [
       {
         name = "vaultwarden";
         ensureDBOwnership = true;
       }
+      {
+        name = "hedgedoc";
+        ensureDBOwnership = true;
+      }
     ];
 
     # type   database     DBuser  auth-method  mapping
     authentication = ''
       local  all          postgres  peer
       local  vaultwarden  all       ident        map=vaultwarden-users
+      local  hedgedoc     all       ident        map=hedgedoc-users
     '';
 
     # name               sysuser        dbuser
     identMap = ''
       vaultwarden-users  vaultwarden    vaultwarden
+      hedgedoc-users     hedgedoc       hedgedoc
     '';
   };