diff --git a/hosts/koi/containers/outline/LicenseHelper.js b/hosts/koi/containers/outline/LicenseHelper.js new file mode 100644 index 0000000..7414129 --- /dev/null +++ b/hosts/koi/containers/outline/LicenseHelper.js @@ -0,0 +1,32 @@ +'use strict'; + +Object.defineProperty(exports, "__esModule", { + 'value': true +}); + +class LicenseHelper { + static async updateLicenseStatus(_0x2921bc) {} + static isOverSeatLimit = false; + static isFarExceedingSeatLimit = false; + static decoded = undefined; + static get lastCheckedAt() { return new Date(); }; + static publicKey = ''; + + static details() { + return { + 'isOverSeatLimit': false, + 'isFarExceedingSeatLimit': false, + 'isMissing': false, + 'isInGracePeriod': false, + 'isValid': true, + 'isTrial': false, + 'licensedTo': 'catgirls :3', + 'expiresAt': new Date(2077, 0, 0), + 'gracePeriodExpiresAt': new Date(2077, 0, 0), + 'customerId': 'catgirls :3', + 'seatCount': 99999999 + }; + } +} + +exports.default = LicenseHelper; \ No newline at end of file diff --git a/hosts/koi/containers/outline/default.nix b/hosts/koi/containers/outline/default.nix new file mode 100644 index 0000000..eb763ba --- /dev/null +++ b/hosts/koi/containers/outline/default.nix @@ -0,0 +1,77 @@ +{ pkgs, config, ... }: + +let + UID = 1121; +in { + desu.secrets.outline-env.owner = "outline"; + + users.users.outline = { + isNormalUser = true; + uid = UID; + }; + + services.postgresql.ensureUsers = [ + { name = "outline"; ensureDBOwnership = true; } + ]; + services.postgresql.ensureDatabases = [ "outline" ]; + desu.postgresql.ensurePasswords.outline = "outline"; + + virtualisation.oci-containers.containers.outline-redis = { + image = "docker.io/redis:7.0-alpine"; + user = builtins.toString UID; + extraOptions = [ + "--mount=type=bind,source=/srv/outline/redis,target=/data" + ]; + }; + + systemd.tmpfiles.rules = [ + "d /srv/outline/redis 0700 ${builtins.toString UID} ${builtins.toString UID} -" + ]; + + virtualisation.oci-containers.containers.outline = { + dependsOn = [ "outline-redis" ]; + image = "outlinewiki/outline-enterprise:0.81.1"; + volumes = [ + "${./LicenseHelper.js}:/opt/outline/build/server/utils/LicenseHelper.js" + ]; + environment = { + NODE_ENV = "production"; + PORT = "80"; + DATABASE_URL = "postgres://outline:outline@172.17.0.1:5432/outline"; + PGSSLMODE = "disable"; + REDIS_URL = "redis://outline-redis.docker:6379"; + URL = "https://wiki.stupid.fish"; + COLLABORATION_URL = "https://wiki.stupid.fish"; + FILE_STORAGE = "local"; + FILE_STORAGE_LOCAL_ROOT_DIR = "/var/lib/outline/data"; + FILE_STORAGE_UPLOAD_MAX_SIZE = "262144000"; + ENABLE_UPDATES = "false"; + WEB_CONCURRENCY = "1"; + LOG_LEVEL = "info"; + }; + environmentFiles = [ + # oidc related config + SECRET_KEY, UTILS_SECRET + config.desu.secrets.outline-env.path + ]; + user = builtins.toString UID; + extraOptions = [ + "--group-add=${builtins.toString config.users.groups.geesefs.gid}" + "--mount=type=bind,source=/mnt/s3-desu-priv-encrypted/outline,target=/var/lib/outline/data" + ]; + }; + systemd.services.docker-outline.requires = [ "postgresql.service" "gocryptfs.service" ]; + + services.nginx.virtualHosts."wiki.stupid.fish" = { + forceSSL = true; + useACMEHost = "stupid.fish"; + + locations."/" = { + proxyPass = "http://outline.docker$request_uri"; + proxyWebsockets = true; + + extraConfig = '' + proxy_buffering off; + ''; + }; + }; +} \ No newline at end of file diff --git a/secrets/outline-env.age b/secrets/outline-env.age new file mode 100644 index 0000000..3cdba3b Binary files /dev/null and b/secrets/outline-env.age differ