[bookstack] Adds bookstack and cleans up a bunch of other files. Rewrites how mariadb instances are provisioned.

2025-03-25 14:37:12 -07:00
parent 0ddb2989b4
commit 83ed3a4809
7 changed files with 133 additions and 31 deletions
--- a/system/hosts/mcp/containers/bookstack.nix
+++ b/system/hosts/mcp/containers/bookstack.nix
@@ -0,0 +1,67 @@
+{ config, ... }:
+let 
+  inherit (import ./lib.nix config) mkContainer mkMariaDbContainer havenisms;
+  userIds = import ./user-ids.nix;
+in {
+  imports = [
+    (mkMariaDbContainer {
+      name = "bookstack";
+      uid = userIds.bookstack.uid;
+      gid = userIds.bookstack.gid;
+      directory = "/tank/bookstack/db";
+      passwordSecret = "bookstack_db";
+    })
+  ];
+
+  users.groups.bookstack = {
+    gid = userIds.bookstack.gid;
+  };
+
+  users.users.bookstack = {
+    uid = userIds.bookstack.uid;
+    isSystemUser = true;
+    description = "System User for Bookstack";
+    group = "bookstack";
+  };
+
+  sops.secrets = {
+    bookstack_app_key = {
+      restartUnits = [ "podman-bookstack.service" ];
+      mode = "0400";
+      owner = config.users.users.bookstack.name;
+    };
+    bookstack_db = {
+      restartUnits = [ "podman-bookstack-mariadb.service" ];
+      mode = "0400";
+      owner = config.users.users.bookstack.name;
+    };
+  };
+
+  virtualisation.oci-containers.containers.bookstack = mkContainer {
+    image = "lscr.io/linuxserver/bookstack:latest";
+    hostName = "bookstack";
+    port = "80";
+    dependsOn = [ "bookstack-mariadb" ];
+    homepageOpts = {
+      group = "Apps";
+      name = "Bookstack";
+      icon = "bookstack.svg";
+      description = "Wiki and Knowledgebase";
+    };
+    volumes = [
+      "/tank/bookstack/app:/config"
+      "${config.sops.secrets.bookstack_app_key.path}:/run/secrets/bookstack_app_key"
+      "${config.sops.secrets.bookstack_db.path}:/run/secrets/bookstack_db"
+    ];
+    environment = {
+      APP_URL = "https://bookstack.${havenisms}";
+      PID = toString userIds.bookstack.uid;
+      GID = toString userIds.bookstack.gid;
+      DB_HOST = "bookstack-mariadb";
+      DB_USERNAME = "bookstack";
+      DB_DATABASE = "bookstack";
+      FILE__DB_PASSWORD = "/run/secrets/bookstack_db";
+      FILE__APP_KEY = "/run/secrets/bookstack_app_key";
+    };
+  };
+}