From 929004083b79c7171aa3cda6e5fc91e13ad763c4 Mon Sep 17 00:00:00 2001
From: SebastianStork
Date: Wed, 15 Oct 2025 20:58:35 +0200
Subject: [PATCH] hedgedoc: Remove module
---
 hosts/srv-public/secrets.json | 7 +-
 modules/system/web-services/hedgedoc.nix | 87 ------------------------
 2 files changed, 2 insertions(+), 92 deletions(-)
 delete mode 100644 modules/system/web-services/hedgedoc.nix
diff --git a/hosts/srv-public/secrets.json b/hosts/srv-public/secrets.json
index 22afd87..65de0da 100644
--- a/hosts/srv-public/secrets.json
+++ b/hosts/srv-public/secrets.json
@@ -4,9 +4,6 @@
 "auth-key": "ENC[AES256_GCM,data:7Kqq0c1+726OHqFtEUkM/2udHe+UUxYtJ8UEl5RHo0ZLE5uxxPyh16Fmq30/E58ZU3CRSrWOCm28CbsSMQ==,iv:1UmMkobgm/GWM/5NjIYTDnNva13mcxqkX01uyPISNRo=,tag:nc5Uzc6W9lyZIbCF9u8n5g==,type:str]",
 "service-auth-key": "ENC[AES256_GCM,data:fW9M95GXFGUrhIXiuVQdD+l7O+7qcTcYGVuTZC1hSUQunL/fjNh+cLFvjwEpKVvsZJ7uDzD0IHQlicBmzPI=,iv:XDFwA47jyQ8jkIOfkooywXGzUAtbQb5ktjbrcHnep9g=,tag:kh6G1ey8Ly2Rzx1DdoDmRQ==,type:str]"
 },
- "hedgedoc": {
- "gitlab-auth-secret": "ENC[AES256_GCM,data:qmCCu+KXLRqzPH8EY4lZnwVa8g4adzJEmnU/ErE4qOCPTRULRjHJbIoACX93g9Ye1zuM9En0lAdzuuGXKN4rZ4/bACM7kg==,iv:lyfWZFwZjdP005X4USGKM1OWKu3W8YTZ0oWODhF/uPI=,tag:qyZHkBCPVxNLHn1yonv3Yw==,type:str]"
- },
 "forgejo": {
 "admin-password": "ENC[AES256_GCM,data:EI2o342VbzUBb1VOQNrFmOOD9BiDgCgY5Q==,iv:4BCOmHxzCr4Z3975MN4mr/lyeEVyJhwuGfDxek6GiSI=,tag:PRHh/HrvkgNQhZQ6yOKrxw==,type:str]"
 },
@@ -41,8 +38,8 @@
 "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0WStWWENrZ25qemRGQi9Q\nRmkyeFZVNkYzdzNXZFhTdzlDOHpnVDRtam5zCkxyYk5UeDl3UFFSZzgzWjd3WEZw\nMzRUeHVEcjAvbDNuWGREc2xpeGtvOW8KLS0tIFp0ZjhyNEU1WkV2b2RObG0vaE5m\na1lPVExRK0JLdTByNmNFU1kzZXRvVXMKs7GE8kGKDG5EOjzXMz008yvrkB4x/2dv\ng1BaaYDZ5FzG34e/nRiNOUTOK4GUhHoW6f58gs4Lv75IYIMYYhDNrQ==\n-----END AGE ENCRYPTED FILE-----\n"
 }
 ],
- "lastmodified": "2025-10-11T15:48:45Z",
- "mac": "ENC[AES256_GCM,data:PwH1qvOHXuMYmUaUN5Dgz22ffon05LsXmxV0SBWDivXoHM+rQMgUiwAEdhnrJ8Mejg235surp/gDeN/mNyQAVd+GbkLmL6l62GEfhcb6KRA3OoGfMG8esrfGQptiEDWiRRHBAdF5S1AIxQCpWJg44rAEsadtcaTBzDGjWWiuiIM=,iv:3og07CTINIfXMKix6AdEcXpv+TmXo1lS/ooOIhNFrXg=,tag:L5fjPIiSXbJd7Ku76UUPzQ==,type:str]",
+ "lastmodified": "2025-10-15T18:58:00Z",
+ "mac": "ENC[AES256_GCM,data:0USY8FBhCwdst51xOoj2ENVPEpQ4oDvGTfbZhGsi2O8flJ9t6+8pMT7/SIklqjZy5kp6yQRuPYdDpxGREKGKa0cOA8DTpmtXW4alO+tdIv/yPyin7zXqnrXpMoiLc2WznrGgvMzodmUiqYDdsKVsyaMXaANZsMaegE1Iu6Tp2Jc=,iv:PBmhWnAs86Yh02HvKWvsG1eMyDOj/P6kWZRrXCAC+Fo=,tag:RKWYYmh5B4vcRDjiKr1ZNg==,type:str]",
 "unencrypted_suffix": "_unencrypted",
 "version": "3.11.0"
 }
diff --git a/modules/system/web-services/hedgedoc.nix b/modules/system/web-services/hedgedoc.nix
deleted file mode 100644
index 9e6db2e..0000000
--- a/modules/system/web-services/hedgedoc.nix
+++ /dev/null
@@ -1,87 +0,0 @@
-{
- config,
- pkgs,
- lib,
- ...
-}:
-let
- cfg = config.custom.services.hedgedoc;
- dataDir = "/var/lib/hedgedoc";
-in
-{
- options.custom.services.hedgedoc = {
- enable = lib.mkEnableOption "";
- domain = lib.mkOption {
- type = lib.types.nonEmptyStr;
- default = "";
- };
- port = lib.mkOption {
- type = lib.types.port;
- default = 3000;
- };
- doBackups = lib.mkEnableOption "";
- };
-
- config = lib.mkIf cfg.enable {
- meta = {
- domains.list = [ cfg.domain ];
- ports.tcp.list = [ cfg.port ];
- };
-
- sops = {
- secrets."hedgedoc/gitlab-auth-secret" = { };
- templates."hedgedoc/environment" = {
- owner = config.users.users.hedgedoc.name;
- content = "GITLAB_CLIENTSECRET=${config.sops.placeholder."hedgedoc/gitlab-auth-secret"}";
- restartUnits = [ "hedgedoc.service" ];
- };
- };
-
- services.hedgedoc = {
- enable = true;
-
- environmentFile = config.sops.templates."hedgedoc/environment".path;
- settings = {
- inherit (cfg) domain port;
- protocolUseSSL = true;
- allowAnonymous = false;
- email = false;
- defaultPermission = "limited";
- sessionSecret = "$SESSION_SECRET";
- gitlab = {
- baseURL = "https://code.fbi.h-da.de";
- clientID = "dc71d7ec1525ce3b425d7d41d602f67e1a06cef981259605a87841a6be62cc58";
- clientSecret = "$GITLAB_CLIENTSECRET";
- };
- };
- };
-
- # Ensure session-secret
- systemd.services.hedgedoc.preStart = lib.mkBefore ''
- secret_file="${dataDir}/session-secret"
-
- if [ ! -f $secret_file ]; then
- ${lib.getExe pkgs.pwgen} -s 64 1 > $secret_file
- fi
-
- SESSION_SECRET="$(cat $secret_file)"
- export SESSION_SECRET
- '';
-
- custom = {
- services.resticBackups.hedgedoc = lib.mkIf cfg.doBackups {
- conflictingService = "hedgedoc.service";
- paths =
- let
- inherit (config.services.hedgedoc) settings;
- in
- [
- settings.uploadsPath
- settings.db.storage
- ];
- };
-
- persist.directories = [ dataDir ];
- };
- };
-}