68 lines
1.9 KiB
Nix
68 lines
1.9 KiB
Nix
{ config, ... }:
|
|
let
|
|
inherit (import ./lib.nix config) mkContainer mkMariaDbContainer havenisms;
|
|
userIds = import ./user-ids.nix;
|
|
in {
|
|
imports = [
|
|
(mkMariaDbContainer {
|
|
name = "bookstack";
|
|
uid = userIds.bookstack.uid;
|
|
gid = userIds.bookstack.gid;
|
|
directory = "/tank/bookstack/db";
|
|
passwordSecret = "bookstack_db";
|
|
})
|
|
];
|
|
|
|
users.groups.bookstack = {
|
|
gid = userIds.bookstack.gid;
|
|
};
|
|
|
|
users.users.bookstack = {
|
|
uid = userIds.bookstack.uid;
|
|
isSystemUser = true;
|
|
description = "System User for Bookstack";
|
|
group = "bookstack";
|
|
};
|
|
|
|
sops.secrets = {
|
|
bookstack_app_key = {
|
|
restartUnits = [ "podman-bookstack.service" ];
|
|
mode = "0400";
|
|
owner = config.users.users.bookstack.name;
|
|
};
|
|
bookstack_db = {
|
|
restartUnits = [ "podman-bookstack-mariadb.service" ];
|
|
mode = "0400";
|
|
owner = config.users.users.bookstack.name;
|
|
};
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.bookstack = mkContainer {
|
|
image = "lscr.io/linuxserver/bookstack:latest";
|
|
hostName = "bookstack";
|
|
port = "80";
|
|
dependsOn = [ "bookstack-mariadb" ];
|
|
homepageOpts = {
|
|
group = "Apps";
|
|
name = "Bookstack";
|
|
icon = "bookstack.svg";
|
|
description = "Wiki and Knowledgebase";
|
|
};
|
|
volumes = [
|
|
"/tank/bookstack/app:/config"
|
|
"${config.sops.secrets.bookstack_app_key.path}:/run/secrets/bookstack_app_key"
|
|
"${config.sops.secrets.bookstack_db.path}:/run/secrets/bookstack_db"
|
|
];
|
|
environment = {
|
|
APP_URL = "https://bookstack.${havenisms}";
|
|
PID = toString userIds.bookstack.uid;
|
|
GID = toString userIds.bookstack.gid;
|
|
DB_HOST = "bookstack-mariadb";
|
|
DB_USERNAME = "bookstack";
|
|
DB_DATABASE = "bookstack";
|
|
FILE__DB_PASSWORD = "/run/secrets/bookstack_db";
|
|
FILE__APP_KEY = "/run/secrets/bookstack_app_key";
|
|
};
|
|
};
|
|
}
|