From dfdf8e0378c353a98081d62e64475277456ed6b8 Mon Sep 17 00:00:00 2001
From: mc-fucker <dev@mc-fucker.cool>
Date: Fri, 30 Jun 2023 20:02:20 +0200
Subject: [PATCH] init of bookstack

---
 modules/bookstack.nix | 62 +++++++++++++++++++++++++++++++++++++++++++
 modules/vars.nix      |  2 +-
 2 files changed, 63 insertions(+), 1 deletion(-)
 create mode 100644 modules/bookstack.nix

diff --git a/modules/bookstack.nix b/modules/bookstack.nix
new file mode 100644
index 0000000..b44f11b
--- /dev/null
+++ b/modules/bookstack.nix
@@ -0,0 +1,62 @@
+{ config, lib, ... }:
+let
+  cfg = import ./vars.nix;
+  db = cfg.bookstack.db;
+  dbport = cfg.bookstack.dbport;
+  db_host = cfg.podman.hostIP;
+  port = cfg.bookstack.port;
+  domain = cfg.bookstack.domain;
+in
+{
+  sops.secrets."bookstack/db" = {};
+
+  imports = [
+    ./podman-mariadb.nix    # for the database
+    ./nginx.nix             # for the webserver
+  ];
+
+  services.podman-mariadb."bookstack" = {
+    enable = true;
+    #image = "docker.io/library/postgres:15-alpine";
+    port = (lib.strings.toInt dbport);
+    passwordFile = config.sops.secrets."bookstack/db".path;
+  };
+
+  virtualisation.oci-containers.containers.bookstack = {
+    image = "lscr.io/linuxserver/bookstack:latest";
+    environment = {
+      TZ = "Europe/Berlin";
+      DB_HOST = db_host;
+      DB_USER = db;
+      DB_PORT = dbport;
+      DB_DATABASE = db;
+      APP_URL = "https://${domain}";
+      MAIL_HOST = cfg.mail.host;
+      MAIL_PORT = cfg.mail.port;
+      MAIL_FROM = "bookstack@mc-fucker.cool";
+      FILE__DB_PASS = config.sops.secrets."bookstack/db".path;
+    };
+    ports = [
+      "${port}:80"
+    ];
+    extraOptions = cfg.podman.extraOptions;
+    volumes = [
+      "/run/secrets/bookstack/db:/run/secrets/bookstack/db:ro"
+      "/var/lib/bookstack:/config"
+    ];
+  };
+
+  services.nginx.virtualHosts."${domain}" = {
+    forceSSL = true;
+    enableACME = true;
+    locations."/" = {
+      proxyPass = "http://localhost:${port}";
+    };
+    extraConfig = ''
+      access_log  /var/log/nginx/${domain}_access.log;
+      error_log   /var/log/nginx/${domain}_error.log;
+    '';
+  };
+
+}
+# vim: set et ts=2 sw=2 ai:
diff --git a/modules/vars.nix b/modules/vars.nix
index 5a4e4dc..7b1f298 100644
--- a/modules/vars.nix
+++ b/modules/vars.nix
@@ -27,7 +27,7 @@
 
   bookstack = {
     db = "bookstack";
-    db_host = "100.64.0.13";
+    dbport = "33060";
     domain = "docs.mc-fucker.cool";
     port = "8086";
   };