From 61e76fb451961c203cd0b23a21d6dd3dc09529d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Schr=C3=B6ter?= <dev@felschr.com>
Date: Thu, 7 Mar 2024 20:52:06 +0100
Subject: [PATCH] feat: remove focalboard

---
 hosts/home-server.nix              |   1 -
 secrets/focalboard/.env.age        | Bin 683 -> 0 bytes
 secrets/focalboard/db-password.age |   9 ---
 services/focalboard.nix            |  94 -----------------------------
 4 files changed, 104 deletions(-)
 delete mode 100644 secrets/focalboard/.env.age
 delete mode 100644 secrets/focalboard/db-password.age
 delete mode 100644 services/focalboard.nix

diff --git a/hosts/home-server.nix b/hosts/home-server.nix
index 4b29494..ef993f0 100644
--- a/hosts/home-server.nix
+++ b/hosts/home-server.nix
@@ -35,7 +35,6 @@ in {
     ../services/nextcloud.nix
     ../services/collabora-office.nix
     ../services/calibre-web.nix
-    ../services/focalboard.nix
   ];
 
   age.secrets.cloudflare.file = ../secrets/cloudflare.age;
diff --git a/secrets/focalboard/.env.age b/secrets/focalboard/.env.age
deleted file mode 100644
index 035df86e6a14376a0917570895519bd33aba36c4..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 683
zcmZ9_-%As5008jHBAo~&MrKlnJ@l})+wHd7j%0DSpU(Z#?VLOGVcUIoyWMubcJ9X&
z_5*rIqrilU>LDnyAHJx8L0}LHQY*ylEvN|d!KjByAC#ikKL5Zc$pQlq(n?iQIZ-f*
z3JaGIoxuSWi&+C;%vLLcLt%pM$r6y8&^vL#W*?G)i&9y)9PK0BW(q|kdVt$|`nq!w
zuLp2aN^|R6OqB{N$ts5Q@@3%dQQ36H7l?@=)fpo-*oyaKYK1Ua3z+!-W;1g+TNx_!
z;4!`8$`rX0npT{wUJ;o}e>I8We9#8;JSWq6MkpwnkkAo1niqmX1nw$}Fp>z13D)nE
zLMbPUM9Yb6M)c=ln_o3?7V6(-bUKV~1FL{!5kQ1B7&<XPC7~1)b|&>Yt$@q2koKoB
z9<Fc%=rzSNeTdo5X#hn6b_(e>hxnXakb^!Nm!*VMaZ)Z)&Jq#E=8kDL9qlIJpnXWv
z$g<Mi@8z91iUB%X@=0Mo=>jZiv3rXkNhkbhB~L`%n6*raDG#bM7z|Ju2{2kIUNXTs
zK~?csUb4h-%teP_1&jMrVq7l@<qEEkmnhvivh`L%g#%riOse+0dt__=XnQ@nyUWnw
zYns@6JsYR!<v$zDkI7T1i6&V-IXPC(2L{qV;i+qL^V0Z*S1mQq$Nt$57O!Jr{9d}@
z+uTe3m<Pp{Q_2-E-P|5&Uf;FwaLu=LxAD<s%V<7)`r^i(k=1wi&m0y@w`;%8H#g20
zxv>FsrSsC)&%c%!)8gn^?QwK)dgaS?F-kAK9~K=Ca*K79?E{@#!wtE*H%)tYe1F0n
zjMN7At&!V9FK*nlthazWSJ$_B)9MlEc*kfovGc9*&`hDTE!6sS|FeRZZ(D6+KTSo)
F{sKck{{R30

diff --git a/secrets/focalboard/db-password.age b/secrets/focalboard/db-password.age
deleted file mode 100644
index 0db040f..0000000
--- a/secrets/focalboard/db-password.age
+++ /dev/null
@@ -1,9 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 OAZQhA dxA+WbNEn/S09SFxcocGPj2b1NhorC1/qmjpq5rtxh0
-qSMHnpKjYm/wFX2aspH8ciuZrDrY80GoUbb1+xnHwXg
--> ssh-ed25519 72ij7w tW82g/+efG37VE2f5QW0k/oy0pWzUg5ZXBG/8OaRSW8
-PCNKgRF41kD+LpzeHq+QONwiSw7pvfMhqa+3iljRw98
--> TM0[wD[-grease ] )A`15 < D
-hHJtcXJ+
---- L78Bv0VeBpdNUDkDnp5Dm3RZlU1ywVo/IhXwL1d9Ol0
-©ÛJúÄ¬HZºP¸U_äiÅ0,í‰^41ÝÄh™D’"ÿò öpÿð_˜µ0¬+ÅcëÍ|/Ð-CçÎÇÉÀÂjJ8U¹
\ No newline at end of file
diff --git a/services/focalboard.nix b/services/focalboard.nix
deleted file mode 100644
index 2ac56c9..0000000
--- a/services/focalboard.nix
+++ /dev/null
@@ -1,94 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let
-  dataDir = "/var/lib/focalboard";
-  ociBackend = config.virtualisation.oci-containers.backend;
-  port = 8003;
-  domain = "boards.felschr.com";
-  dbUser = "focalboard";
-  dbName = "focalboard";
-  dbPasswordFile = config.age.secrets.focalboard-db-password.path;
-
-  inherit (config.users.users.focalboard) uid;
-  inherit (config.users.groups.focalboard) gid;
-
-  pgSuperUser = config.services.postgresql.superUser;
-in {
-  age.secrets.focalboard-env.file = ../secrets/focalboard/.env.age;
-  age.secrets.focalboard-db-password.file =
-    ../secrets/focalboard/db-password.age;
-
-  services.postgresql = {
-    enable = true;
-    enableTCPIP = true;
-    ensureDatabases = [ dbName ];
-    ensureUsers = [{
-      name = dbUser;
-      ensurePermissions."DATABASE ${dbName}" = "ALL PRIVILEGES";
-    }];
-  };
-
-  systemd.services.focalboard-init = {
-    enable = true;
-    description = "Set up paths & database access for Focalboard";
-    requires = [ "postgresql.service" ];
-    after = [ "postgresql.service" ];
-    before = [ "${ociBackend}-focalboard.service" ];
-    wantedBy = [ "multi-user.target" ];
-    serviceConfig = {
-      Type = "oneshot";
-      LoadCredential = [ "db_password:${dbPasswordFile}" ];
-    };
-    script = ''
-      mkdir -p ${dataDir}
-      echo "Set focalboard postgres user password"
-      db_password="$(<"$CREDENTIALS_DIRECTORY/db_password")"
-      ${pkgs.sudo}/bin/sudo -u ${pgSuperUser} ${pkgs.postgresql}/bin/psql postgres \
-        -c "alter user ${dbUser} with password '$db_password'"
-    '';
-  };
-
-  virtualisation.oci-containers.containers.focalboard = {
-    image = "docker.io/mattermost/focalboard";
-    ports = [ "${toString port}:${toString port}" ];
-    volumes = [ "${dataDir}:/var/lib/focalboard" ];
-    environment = {
-      FOCALBOARD_PORT = toString port;
-      FOCALBOARD_DBTYPE = "postgres";
-    };
-    # only secrets need to be included, e.g. FOCALBOARD_DBCONFIG
-    environmentFiles = [ config.age.secrets.focalboard-env.path ];
-    extraOptions = [
-      "--runtime-flag=directfs=false"
-      "--runtime-flag=network=host"
-      "--uidmap=0:65534:1"
-      "--gidmap=0:65534:1"
-      "--uidmap=65534:${toString uid}:1"
-      "--gidmap=65534:${toString gid}:1"
-      "--network=host"
-      "--label=io.containers.autoupdate=registry"
-    ];
-  };
-
-  systemd.services."${ociBackend}-focalboard" = {
-    requires = [ "postgresql.service" ];
-    after = [ "postgresql.service" ];
-  };
-
-  services.nginx.virtualHosts.${domain} = {
-    enableACME = true;
-    forceSSL = true;
-    locations."/" = {
-      proxyPass = "http://localhost:${toString port}";
-      proxyWebsockets = true;
-    };
-  };
-
-  users.users.focalboard = {
-    isSystemUser = true;
-    group = "focalboard";
-    uid = 981;
-  };
-
-  users.groups.focalboard = { gid = 978; };
-}