nixos-modules/modules/hedgedoc.nix

{ config, lib, libS, ... }:

let
  cfg = config.services.hedgedoc.ldap;
  inherit (config.security) ldap;
in
{
  options = {
    services.hedgedoc.ldap = {
      enable = lib.mkEnableOption (lib.mdDoc ''
        login only via LDAP.
        Use `service.hedgedoc.environmentFile` in format `bindCredentials=password` to set the credentials used by the search user
      '');

      userGroup = libS.ldap.mkUserGroupOption;
    };
  };

  config.services.hedgedoc.settings.ldap = lib.mkIf cfg.enable {
    url = "ldaps://${ldap.domainName}:${toString ldap.port}";
    bindDn = ldap.bindDN;
    bindCredentials = "$bindCredentials";
    searchBase = ldap.userBaseDN;
    searchFilter = ldap.searchFilterWithGroupFilter cfg.userGroup (ldap.userFilter "{{username}}");
    tlsca = "/etc/ssl/certs/ca-certificates.crt";
    useridField = ldap.userField;
  };

  config.services.portunus.seedSettings.groups = lib.optional (cfg.userGroup != null) {
    long_name = "Hedgedoc Users";
    name = cfg.userGroup;
    permissions = { };
  };
}
hedgedoc: rename userFilterGroup to userGroup, generate group in portunus 2023-07-02 00:02:45 +02:00			`{ config, lib, libS, ... }:`
hedgedoc: add 2023-06-05 19:53:21 +02:00
			`let`
hedgedoc: add userFilterGroup option 2023-06-28 01:00:14 +02:00			`cfg = config.services.hedgedoc.ldap;`
hedgedoc: add 2023-06-05 19:53:21 +02:00			`inherit (config.security) ldap;`
			`in`
			`{`
			`options = {`
			`services.hedgedoc.ldap = {`
			`enable = lib.mkEnableOption (lib.mdDoc ''`
			`login only via LDAP.`
			Use `service.hedgedoc.environmentFile` in format `bindCredentials=password` to set the credentials used by the search user
			`'');`
hedgedoc: add userFilterGroup option 2023-06-28 01:00:14 +02:00
hedgedoc: rename userFilterGroup to userGroup, generate group in portunus 2023-07-02 00:02:45 +02:00			`userGroup = libS.ldap.mkUserGroupOption;`
hedgedoc: add 2023-06-05 19:53:21 +02:00			`};`
			`};`

hedgedoc: rename userFilterGroup to userGroup, generate group in portunus 2023-07-02 00:02:45 +02:00			`config.services.hedgedoc.settings.ldap = lib.mkIf cfg.enable {`
			`url = "ldaps://${ldap.domainName}:${toString ldap.port}";`
			`bindDn = ldap.bindDN;`
			`bindCredentials = "$bindCredentials";`
			`searchBase = ldap.userBaseDN;`
			`searchFilter = ldap.searchFilterWithGroupFilter cfg.userGroup (ldap.userFilter "{{username}}");`
			`tlsca = "/etc/ssl/certs/ca-certificates.crt";`
			`useridField = ldap.userField;`
			`};`

			`config.services.portunus.seedSettings.groups = lib.optional (cfg.userGroup != null) {`
			`long_name = "Hedgedoc Users";`
			`name = cfg.userGroup;`
Asserted formatting fixes 2024-01-08 14:47:38 +01:00			`permissions = { };`
hedgedoc: add 2023-06-05 19:53:21 +02:00			`};`
			`}`