feat: remove focalboard

2024-03-07 20:52:06 +01:00 · 2024-03-07 20:52:06 +01:00 · 61e76fb451
parent 5da5d66d6a
commit 61e76fb451
4 changed files with 0 additions and 104 deletions
--- a/hosts/home-server.nix
+++ b/hosts/home-server.nix
@ -35,7 +35,6 @@ in {
    ../services/nextcloud.nix
    ../services/collabora-office.nix
    ../services/calibre-web.nix
-    ../services/focalboard.nix
  ];

  age.secrets.cloudflare.file = ../secrets/cloudflare.age;
--- a/secrets/focalboard/.env.age
+++ b/secrets/focalboard/.env.age
--- a/secrets/focalboard/db-password.age
+++ b/secrets/focalboard/db-password.age
@ -1,9 +0,0 @@
-age-encryption.org/v1
-> ssh-ed25519 OAZQhA dxA+WbNEn/S09SFxcocGPj2b1NhorC1/qmjpq5rtxh0
-qSMHnpKjYm/wFX2aspH8ciuZrDrY80GoUbb1+xnHwXg
-> ssh-ed25519 72ij7w tW82g/+efG37VE2f5QW0k/oy0pWzUg5ZXBG/8OaRSW8
-PCNKgRF41kD+LpzeHq+QONwiSw7pvfMhqa+3iljRw98
-> TM0[wD[-grease ] )A`15 < D
-hHJtcXJ+
--- L78Bv0VeBpdNUDkDnp5Dm3RZlU1ywVo/IhXwL1d9Ol0
-©ÛJúÄ¬HZºP¸U_äi<C3A4>Å0,í‰^41ÝÄh™D’"ÿò öpÿð_˜µ0¬+ÅcëÍ|/Ð-CçÎÇÉÀÂjJ8U¹
--- a/services/focalboard.nix
+++ b/services/focalboard.nix
@ -1,94 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let
-  dataDir = "/var/lib/focalboard";
-  ociBackend = config.virtualisation.oci-containers.backend;
-  port = 8003;
-  domain = "boards.felschr.com";
-  dbUser = "focalboard";
-  dbName = "focalboard";
-  dbPasswordFile = config.age.secrets.focalboard-db-password.path;
-
-  inherit (config.users.users.focalboard) uid;
-  inherit (config.users.groups.focalboard) gid;
-
-  pgSuperUser = config.services.postgresql.superUser;
-in {
-  age.secrets.focalboard-env.file = ../secrets/focalboard/.env.age;
-  age.secrets.focalboard-db-password.file =
-    ../secrets/focalboard/db-password.age;
-
-  services.postgresql = {
-    enable = true;
-    enableTCPIP = true;
-    ensureDatabases = [ dbName ];
-    ensureUsers = [{
-      name = dbUser;
-      ensurePermissions."DATABASE ${dbName}" = "ALL PRIVILEGES";
-    }];
-  };
-
-  systemd.services.focalboard-init = {
-    enable = true;
-    description = "Set up paths & database access for Focalboard";
-    requires = [ "postgresql.service" ];
-    after = [ "postgresql.service" ];
-    before = [ "${ociBackend}-focalboard.service" ];
-    wantedBy = [ "multi-user.target" ];
-    serviceConfig = {
-      Type = "oneshot";
-      LoadCredential = [ "db_password:${dbPasswordFile}" ];
-    };
-    script = ''
-      mkdir -p ${dataDir}
-      echo "Set focalboard postgres user password"
-      db_password="$(<"$CREDENTIALS_DIRECTORY/db_password")"
-      ${pkgs.sudo}/bin/sudo -u ${pgSuperUser} ${pkgs.postgresql}/bin/psql postgres \
-        -c "alter user ${dbUser} with password '$db_password'"
-    '';
-  };
-
-  virtualisation.oci-containers.containers.focalboard = {
-    image = "docker.io/mattermost/focalboard";
-    ports = [ "${toString port}:${toString port}" ];
-    volumes = [ "${dataDir}:/var/lib/focalboard" ];
-    environment = {
-      FOCALBOARD_PORT = toString port;
-      FOCALBOARD_DBTYPE = "postgres";
-    };
-    # only secrets need to be included, e.g. FOCALBOARD_DBCONFIG
-    environmentFiles = [ config.age.secrets.focalboard-env.path ];
-    extraOptions = [
-      "--runtime-flag=directfs=false"
-      "--runtime-flag=network=host"
-      "--uidmap=0:65534:1"
-      "--gidmap=0:65534:1"
-      "--uidmap=65534:${toString uid}:1"
-      "--gidmap=65534:${toString gid}:1"
-      "--network=host"
-      "--label=io.containers.autoupdate=registry"
-    ];
-  };
-
-  systemd.services."${ociBackend}-focalboard" = {
-    requires = [ "postgresql.service" ];
-    after = [ "postgresql.service" ];
-  };
-
-  services.nginx.virtualHosts.${domain} = {
-    enableACME = true;
-    forceSSL = true;
-    locations."/" = {
-      proxyPass = "http://localhost:${toString port}";
-      proxyWebsockets = true;
-    };
-  };
-
-  users.users.focalboard = {
-    isSystemUser = true;
-    group = "focalboard";
-    uid = 981;
-  };
-
-  users.groups.focalboard = { gid = 978; };
-}