From d25c9bd74bf77ddeb48aa7a635de1541b853a55d Mon Sep 17 00:00:00 2001
From: Max <max@privatevoid.net>
Date: Sat, 16 Oct 2021 19:35:22 +0200
Subject: [PATCH] VEGAS: add Discourse forum

---
 hosts/VEGAS/services/forum/default.nix |  40 +++++++++++++++++++++++++
 hosts/VEGAS/system.nix                 |   3 ++
 secrets/discourse-adminpass.age        | Bin 0 -> 542 bytes
 secrets/discourse-dbpass.age           |  11 +++++++
 secrets/secrets.nix                    |   2 ++
 5 files changed, 56 insertions(+)
 create mode 100644 hosts/VEGAS/services/forum/default.nix
 create mode 100644 secrets/discourse-adminpass.age
 create mode 100644 secrets/discourse-dbpass.age

diff --git a/hosts/VEGAS/services/forum/default.nix b/hosts/VEGAS/services/forum/default.nix
new file mode 100644
index 0000000..cc51497
--- /dev/null
+++ b/hosts/VEGAS/services/forum/default.nix
@@ -0,0 +1,40 @@
+{ config, pkgs, tools, ... }:
+{
+  age.secrets = {
+    discourse-adminpass = {
+      file = ../../../../secrets/discourse-adminpass.age;
+      owner = "discourse";
+      group = "discourse";
+      mode = "0400";
+    };
+    discourse-dbpass = {
+      file = ../../../../secrets/discourse-dbpass.age;
+      owner = "discourse";
+      group = "discourse";
+      mode = "0400";
+    };
+  };
+  services.discourse = {
+    enable = true;
+    nginx.enable = true;
+    hostname = "forum.${tools.meta.domain}";
+
+    plugins = with pkgs.discourse.plugins; [
+      discourse-ldap-auth
+    ];
+
+    admin = {
+      email = tools.meta.adminEmail;
+      fullName = "Site Administrator";
+      username = "admin";
+      passwordFile = config.age.secrets.discourse-adminpass.path;
+    };
+
+    database = {
+      host = "127.0.0.1";
+      name = "forum";
+      username = "forum";
+      passwordFile = config.age.secrets.discourse-dbpass.path;
+    };
+  };
+}
diff --git a/hosts/VEGAS/system.nix b/hosts/VEGAS/system.nix
index f0ee47c..14b61c4 100644
--- a/hosts/VEGAS/system.nix
+++ b/hosts/VEGAS/system.nix
@@ -18,6 +18,9 @@
       ./services/bitwarden
       ./services/dns
       ./services/fbi
+      ./services/bitwarden
+      # TODO: fix this one
+      ./services/forum
     ]
     # TODO: fix users
     # ++ (import ../../users "server").groups.admin
diff --git a/secrets/discourse-adminpass.age b/secrets/discourse-adminpass.age
new file mode 100644
index 0000000000000000000000000000000000000000..6f5853784faa4d793d36eaba301ec4d97f0124bc
GIT binary patch
literal 542
zcmZ9_J&%)M003ZPVob;lH<?^q@HEkcPzv;g_Hr?SLgA$cZGlpb7!6--DFs@fA8<~_
z!C9Tv(KtA{IXF69;_Tw)A24ye7}tCLz~jzBJWTz(T9r|jHnMz1Y)J%vj26Wl4+9DS
zvV&>^z)&1IA`-yq_Gki^J%v+22Fu?3eCyGSH;$){ltqD~HF+o)F%q#@my>-ul#;2{
z(|2$^fj|r}moUz~;mS$**ur4O*Io7c28h~h?$BDI4W27io_2K6Z@2xWJPqixL>?Jy
zi>SPbSUOFbbo$E-A?kjznq$tYv`QuxW6QFK{0{RLgY#Tgie0sk?R>xLsg-zr3+Rco
z;n3YAB1c=LJCG=#v<1gBO=_`cm6@$-OWB-Ff!6WnWW2UjBxRu-DW%|OQ$d%aO~v~W
zGsM`8OSZ&<n#%(!H@#{c3jY7i1^6rv-6BNwXC3tUlN6<r3oy>vWAsFrw)jUwfWWcK
z@fvovkL?!GBRi>Q)R?DXAt!B}I!16DN3BA2`?Qz}f)1I|WVxkLZlKw6J0V54XUe8<
z{GpNa0Vt4Pf4=g}%g<Lu^xji?-!9+2`}q399)gGK7ng^3Ux9<;qxA3s{r>5o8Z^Ef
d{k_BA|GB#de_ScI8#iv<{M~=^;OXhf_#ZgZuhIYj

literal 0
HcmV?d00001

diff --git a/secrets/discourse-dbpass.age b/secrets/discourse-dbpass.age
new file mode 100644
index 0000000..79e79bc
--- /dev/null
+++ b/secrets/discourse-dbpass.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 NO562A LVOiO6inEu8YgF8XpQJLdzDZucyXAJKKhxjuESzLxkI
+5mebe46wDnPo/UMLT+BuHaWfp3HqVnupUVIcrmzMNaA
+-> ssh-ed25519 5/zT0w vLu5e4HVp2e/+TspW2fpJ7wyxCs6RQecSYSmw3wtgWs
+hcpegcBG49EEpy1QkXas8UUEewMenkdq2GGO7dYZPMI
+-> ssh-ed25519 d3WGuA UIdaI0MtMEDdYCuEfdIXyOYxUcsonpn+ALgjzdPbIhA
+17bJ/fOe8tjnrwpugeao0H8IY11yQSPGpLUTgHdfnZM
+-> W/-grease v|B#s- h -
+f1XUdGctidk+XumqgfMjZWoHKA
+--- 7VyP3m2uXCyxIXXchR5z2ubkqLmuX9sUmzD8wcsoofU
+Q{E…h“_àmD…¾³ð…yî"Ξ¦°#ú¸›0ž7ÈøŒÄ"û†˜
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 14cfb9f..7cc495b 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -4,6 +4,8 @@ let
   systemKeys = x: x.ssh.id.publicKey or null;
 in with hosts;
 {
+  "discourse-adminpass.age".publicKeys = max ++ map systemKeys [ VEGAS ];
+  "discourse-dbpass.age".publicKeys = max ++ map systemKeys [ VEGAS ];
   "hydra-s3.age".publicKeys = max ++ map systemKeys [ styx ];
   "hydra-db-credentials.age".publicKeys = max ++ map systemKeys [ styx ];
   "gitea-db-credentials.age".publicKeys = max ++ map systemKeys [ git ];