From 850b3ea028c312ae7e59584e83f0ec694d052b19 Mon Sep 17 00:00:00 2001
From: 1000101 <b1000101@pm.me>
Date: Mon, 3 Aug 2020 15:26:38 +0200
Subject: [PATCH 1/3] nixos/dokuwiki: drop SSL forcing

---
 nixos/modules/services/web-apps/dokuwiki.nix | 17 +++++++----------
 nixos/tests/dokuwiki.nix                     |  8 --------
 2 files changed, 7 insertions(+), 18 deletions(-)

diff --git a/nixos/modules/services/web-apps/dokuwiki.nix b/nixos/modules/services/web-apps/dokuwiki.nix
index fe6b9210d246..ab6ce749ad51 100644
--- a/nixos/modules/services/web-apps/dokuwiki.nix
+++ b/nixos/modules/services/web-apps/dokuwiki.nix
@@ -249,22 +249,19 @@ let
       nginx = mkOption {
         type = types.submodule (
           recursiveUpdate
-            (import ../web-servers/nginx/vhost-options.nix { inherit config lib; })
-            {
-              # Enable encryption by default,
-              options.forceSSL.default = true;
-              options.enableACME.default = true;
-            }
+            (import ../web-servers/nginx/vhost-options.nix { inherit config lib; }) {}
         );
-        default = {forceSSL = true; enableACME = true;};
+        default = {};
         example = {
           serverAliases = [
             "wiki.\${config.networking.domain}"
           ];
-          enableACME = false;
+          # To enable encryption and let let's encrypt take care of certificate
+          forceSSL = true;
+          enableACME = true;
         };
         description = ''
-          With this option, you can customize the nginx virtualHost which already has sensible defaults for DokuWiki.
+          With this option, you can customize the nginx virtualHost settings.
         '';
       };
     };
@@ -276,7 +273,7 @@ in
     services.dokuwiki = mkOption {
       type = types.attrsOf (types.submodule siteOpts);
       default = {};
-      description = "Sepcification of one or more dokuwiki sites to service.";
+      description = "Sepcification of one or more dokuwiki sites to serve.";
     };
   };
 
diff --git a/nixos/tests/dokuwiki.nix b/nixos/tests/dokuwiki.nix
index 4f00521c2021..260316a3833b 100644
--- a/nixos/tests/dokuwiki.nix
+++ b/nixos/tests/dokuwiki.nix
@@ -39,18 +39,10 @@ in {
     services.dokuwiki."site1.local" = {
       aclUse = false;
       superUser = "admin";
-      nginx = {
-        forceSSL = false;
-        enableACME = false;
-      };
     };
     services.dokuwiki."site2.local" = {
       aclUse = true;
       superUser = "admin";
-      nginx = {
-        forceSSL = false;
-        enableACME = false;
-      };
       templates = [ template-bootstrap3 ];
       plugins = [ plugin-icalevents ];
     };

From 7d938b5e47923c05a053e970611a260cba200a7e Mon Sep 17 00:00:00 2001
From: 1000101 <b1000101@pm.me>
Date: Mon, 3 Aug 2020 16:04:43 +0200
Subject: [PATCH 2/3] release-notes/rl-2009: document dokuwiki incompatibility

---
 nixos/doc/manual/release-notes/rl-2009.xml | 25 ++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/nixos/doc/manual/release-notes/rl-2009.xml b/nixos/doc/manual/release-notes/rl-2009.xml
index 2225619d4816..35ab42e72368 100644
--- a/nixos/doc/manual/release-notes/rl-2009.xml
+++ b/nixos/doc/manual/release-notes/rl-2009.xml
@@ -588,6 +588,31 @@ systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www" ];
       When updating Graylog from a version before 3.3.3 make sure to check the Graylog <link xlink:href="https://www.graylog.org/post/announcing-graylog-v3-3-3">release info</link> for information on how to avoid the issue.
     </para>
    </listitem>
+   <listitem>
+    <para>
+     The <literal>dokuwiki</literal> module has changed to multi-instance, using submodules.
+     Therefore, it is now mandatory to name each instance. Moreover, forcing SSL by default has been dropped, so
+     <literal>nginx.forceSSL</literal> and <literal>nginx.enableACME</literal> are no longer set to <literal>true</literal>.
+     To continue using your service with the original SSL settings, you have to adjust the original config, e.g.:
+<programlisting>
+services.dokuwiki = {
+  enable = true;
+  ...
+};
+</programlisting>
+     To something similar:
+<programlisting>
+services.dokuwiki."mywiki" = {
+  enable = true;
+  nginx = {
+    forceSSL = true;
+    enableACME = true;
+  };
+  ...
+};
+</programlisting>
+    </para>
+   </listitem>
   </itemizedlist>
  </section>
 

From 15b6edc4d1320d4b52e6d4222767cc145c940396 Mon Sep 17 00:00:00 2001
From: 1000101 <b1000101@pm.me>
Date: Mon, 3 Aug 2020 16:31:28 +0200
Subject: [PATCH 3/3] release-notes/rl-2009: fix trailing whitespace

---
 nixos/doc/manual/release-notes/rl-2009.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nixos/doc/manual/release-notes/rl-2009.xml b/nixos/doc/manual/release-notes/rl-2009.xml
index 35ab42e72368..a72fbaa2445d 100644
--- a/nixos/doc/manual/release-notes/rl-2009.xml
+++ b/nixos/doc/manual/release-notes/rl-2009.xml
@@ -548,7 +548,7 @@ systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www" ];
     <para>
      The <literal>bitcoind</literal> module has changed to multi-instance, using submodules.
      Therefore, it is now mandatory to name each instance.
-     To use this new multi-instance config with an existing bitcoind data directory and user, 
+     To use this new multi-instance config with an existing bitcoind data directory and user,
      you have to adjust the original config, e.g.:
 <programlisting>
   services.bitcoind = {