mirror of
https://forge.katzen.cafe/katzen-cafe/katzen-cafe.git
synced 2024-11-05 15:36:23 +01:00
get hedgedoc working
This commit is contained in:
parent
c145b143cb
commit
7f9ecaf3d4
|
@ -57,6 +57,7 @@
|
|||
./modules/monitoring.nix
|
||||
./modules/mailserver.nix
|
||||
./modules/vaultwarden.nix
|
||||
./modules/hedgedoc.nix
|
||||
];
|
||||
|
||||
system.stateVersion = "22.11";
|
||||
|
|
|
@ -2,12 +2,38 @@
|
|||
{
|
||||
services.hedgedoc = {
|
||||
enable = true;
|
||||
domain = "pad.katzen.cafe";
|
||||
settings = {
|
||||
domain = "pad.katzen.cafe";
|
||||
port = 3001;
|
||||
protocolUseSSL = true;
|
||||
allowFreeURL = true;
|
||||
requireFreeURLAuthentication = true;
|
||||
oauth2 = {
|
||||
userProfileURL = "";
|
||||
|
||||
userProfileURL = "https://auth.katzen.cafe/realms/katzen.cafe/protocol/openid-connect/userinfo";
|
||||
userProfileUsernameAttr = "preferred_username";
|
||||
userProfileDisplayNameAttr = "name";
|
||||
userProfileEmailAttr = "email";
|
||||
tokenURL = "https://auth.katzen.cafe/realms/katzen.cafe/protocol/openid-connect/token";
|
||||
authorizationURL = "https://auth.katzen.cafe/realms/katzen.cafe/protocol/openid-connect/auth";
|
||||
clientID = "hedgedoc";
|
||||
providerName = "Keycloak";
|
||||
# the envfile should overwrite this?
|
||||
clientSecret = "none";
|
||||
scope = "openid email profile";
|
||||
};
|
||||
db = {
|
||||
dialect = "postgres";
|
||||
host = "/run/postgresql";
|
||||
database = "catpad";
|
||||
};
|
||||
};
|
||||
environmentFile = "/var/lib/secrets/hedgedoc.env";
|
||||
};
|
||||
deployment.keys = {
|
||||
"hedgedoc.env" = {
|
||||
keyCommand = [ "pass" "hedgedoc/envfile" ];
|
||||
destDir = "/var/lib/secrets";
|
||||
permissions = "0604";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -12,6 +12,7 @@
|
|||
];
|
||||
ensureDatabases = [
|
||||
"forgejo"
|
||||
"catpad"
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -139,6 +139,14 @@
|
|||
'';
|
||||
};
|
||||
};
|
||||
"pad.katzen.cafe" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:3001";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
"forge.katzen.cafe" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
|
|
Loading…
Reference in a new issue