Gitiles
Code Review Sign In
git.clicks.codes / Infra / NixFiles / f1c352b13bde44d558c1b8f38e9a68951f06680b^! / . / modules
commitf1c352b13bde44d558c1b8f38e9a68951f06680b[log] [tgz]
authorSkyler Grey <minion@clicks.codes>Fri Apr 19 00:07:44 2024 +0000
committerSkyler Grey <minion@clicks.codes>Sat Apr 20 00:23:57 2024 +0000
tree30eb4b3f3fc543cd4e37e5021a07a7c0c1bedef0
parent0cebca0104b3bf949070337692be3f9d1ad585a8 [diff]
Setup a wiki.js instance for TransPlace

Similarly to the redis instance, TransPlace is rather annoying to run
services on. Therefore, I have offered to run this on nix until such a
time as Cleo figures out how to set this up on pterodactyl

Change-Id: Iceff9c46e34201968f8e7b097267641499417b57
Reviewed-on: https://git.clicks.codes/c/Infra/NixFiles/+/632
Reviewed-by: Samuel Shuert <coded@clicks.codes>
Tested-by: Skyler Grey <minion@clicks.codes>

diff --git a/modules/common/nginx-routes.nix b/modules/common/nginx-routes.nix
index 1d231ce..ff2cf0d 100644
--- a/modules/common/nginx-routes.nix
+++ b/modules/common/nginx-routes.nix

@@ -1,5 +1,6 @@
 { pkgs, helpers, config, lib, ... }: {
   clicks.nginx.services = with helpers.nginx; [
+    (Host "guide.trans.gg" (ReverseProxy "generic:1035"))
     (Host "signup.hopescaramels.com" (ReverseProxy "caramels:1024"))
     (Host "freeflowtaekwondo.com" (ReverseProxy "generic:1026"))
     (Host "homebridge.coded.codes" (ReverseProxy "CodedPi:8581"))

diff --git a/modules/common/postgres.nix b/modules/common/postgres.nix
index 7955bc2..5e07c4b 100644
--- a/modules/common/postgres.nix
+++ b/modules/common/postgres.nix

@@ -15,7 +15,17 @@
       log_destination = lib.mkForce "syslog";
     };
 
-    ensureDatabases = [ "vaultwarden" "gerrit" "privatebin" "keycloak" "nextcloud" "synapse" "taiga" "jinx" ];
+    ensureDatabases = [
+      "vaultwarden"
+      "gerrit"
+      "privatebin"
+      "keycloak"
+      "nextcloud"
+      "synapse"
+      "taiga"
+      "jinx"
+      "wiki"
+    ];
 
     ensureUsers = [
       {
@@ -52,6 +62,10 @@
         name = "jinx";
         ensureDBOwnership = true;
       }
+      {
+        name = "wiki";
+        ensureDBOwnership = true;
+      }
     ] ++ (map (name: ({
       inherit name;
     })) [ "minion" "coded" "pineafan" ]);
@@ -107,6 +121,10 @@
         user = "jinx";
         passwordFile = config.sops.secrets.clicks_jinx_db_password.path;
       }
+      {
+        user = "wiki";
+        passwordFile = config.sops.secrets.clicks_wiki_db_password.path;
+      }
     ] [
       (map (userData: ''
         $PSQL -tAc "ALTER USER ${userData.user} PASSWORD '$(cat ${userData.passwordFile})';"
@@ -136,6 +154,7 @@
     "clicks_nextcloud_db_password"
     "clicks_taiga_db_password"
     "clicks_jinx_db_password"
+    "clicks_wiki_db_password"
   ] [
     (map (name: {
       inherit name;

diff --git a/modules/common/wikijs.nix b/modules/common/wikijs.nix
new file mode 100644
index 0000000..506de26
--- /dev/null
+++ b/modules/common/wikijs.nix

@@ -0,0 +1,26 @@
+{ config, ... }: {
+  services.wiki-js = {
+    enable = true;
+  
+    settings = {
+      bindIP = "127.0.0.255";
+      port = 1035;
+
+      db = {
+        host = "standard";
+        user = "wiki";
+        pass = "$(DB_PASS)";
+      };
+    };
+
+    environmentFile = config.sops.secrets.wikijs__env_bin.path;
+  };
+
+  sops.secrets.wikijs__env_bin = {
+    mode = "0600";
+    owner = config.users.users.root.name;
+    group = config.users.users.root.group;
+    sopsFile = ../../secrets/wikijs.env.bin;
+    format = "binary";
+  };
+}