From 1a7f6b407040ff521a958d8ff7872ddee0dfeb1d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@gmail.com>
Date: Sun, 24 Jul 2022 03:45:16 +0200
Subject: [PATCH 1/2] nixos/hedgedoc: do not require to set searchAttributes
 when ldap login is used

---
 nixos/modules/services/web-apps/hedgedoc.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/nixos/modules/services/web-apps/hedgedoc.nix b/nixos/modules/services/web-apps/hedgedoc.nix
index 909b51750d85..fdd12896f0ef 100644
--- a/nixos/modules/services/web-apps/hedgedoc.nix
+++ b/nixos/modules/services/web-apps/hedgedoc.nix
@@ -843,7 +843,8 @@ in
               '';
             };
             searchAttributes = mkOption {
-              type = types.listOf types.str;
+              type = types.nullOr (types.listOf types.str);
+              default = null;
               example = [ "displayName" "mail" ];
               description = ''
                 LDAP attributes to search with.

From 98f180b0e33328d7a30991bd99d295dd9348c82e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@gmail.com>
Date: Sun, 24 Jul 2022 04:03:24 +0200
Subject: [PATCH 2/2] nixos/hedgedoc: set good default for ldap.tlsca

---
 nixos/modules/services/web-apps/hedgedoc.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/nixos/modules/services/web-apps/hedgedoc.nix b/nixos/modules/services/web-apps/hedgedoc.nix
index fdd12896f0ef..f0e4f753eb70 100644
--- a/nixos/modules/services/web-apps/hedgedoc.nix
+++ b/nixos/modules/services/web-apps/hedgedoc.nix
@@ -867,6 +867,7 @@ in
             };
             tlsca = mkOption {
               type = types.str;
+              default = "/etc/ssl/certs/ca-certificates.crt";
               example = "server-cert.pem,root.pem";
               description = ''
                 Root CA for LDAP TLS in PEM format.