diff --git a/README.md b/README.md index 4237ecc..89f0adf 100644 --- a/README.md +++ b/README.md @@ -8,10 +8,6 @@ NixOS configuration for the [chaos.jetzt] project. They are very much work in pr - Both need to be packaged for Nix - [Dokuwiki](https://www.dokuwiki.org/dokuwiki) - Migrate away from SSO -- [freescout-helpdesk](https://github.com/freescout-helpdesk) - - @e1mo is already working on a nix package + NixOS module for their private nixfiles - - Migrate away from SSO - - Data migration - [Matrix synapse](https://github.com/matrix-org/synapse) + [element-web](https://github.com/vector-im/element-web) - Data migration (synapse) - Migrate away from SSO (synapse) diff --git a/flake.lock b/flake.lock index 0bfe2ad..247b4aa 100644 --- a/flake.lock +++ b/flake.lock @@ -17,6 +17,43 @@ "type": "indirect" } }, + "flake-utils_2": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "freescout-nix": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1673517701, + "narHash": "sha256-m6JDhvbljk+8dSqjJSQaovM9ibHhbPZv6d8I7PrlibI=", + "ref": "main", + "rev": "a6ef9643d794085afaa2b574bf7373090026d917", + "revCount": 8, + "type": "git", + "url": "https://cyberchaos.dev/e1mo/freescout-nix-flake" + }, + "original": { + "ref": "main", + "type": "git", + "url": "https://cyberchaos.dev/e1mo/freescout-nix-flake" + } + }, "nixpkgs": { "locked": { "lastModified": 1681217261, @@ -52,6 +89,7 @@ "root": { "inputs": { "flake-utils": "flake-utils", + "freescout-nix": "freescout-nix", "nixpkgs": "nixpkgs", "sops-nix": "sops-nix" } diff --git a/flake.nix b/flake.nix index 87fa0c2..8f68dfa 100644 --- a/flake.nix +++ b/flake.nix @@ -5,19 +5,28 @@ url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; + freescout-nix = { + url = "git+https://cyberchaos.dev/e1mo/freescout-nix-flake?ref=main"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = inputs@{ self, nixpkgs, sops-nix, flake-utils }: let + outputs = inputs@{ self, nixpkgs, sops-nix, flake-utils, freescout-nix }: let overlay = import ./packages; + allOverlays = [ + overlay + freescout-nix.overlays.default + ]; pkgs = import nixpkgs { system = "x86_64-linux"; - overlays = [ overlay ]; + overlays = allOverlays; }; defaultModules = [ sops-nix.nixosModules.sops + freescout-nix.nixosModules.freescout ./common/default.nix { - nixpkgs.overlays = [ overlay ]; + nixpkgs.overlays = allOverlays; _module.args = { inherit inputs; outputs = self; diff --git a/hosts/goldberg/configuration.nix b/hosts/goldberg/configuration.nix index f5771d4..c91e495 100644 --- a/hosts/goldberg/configuration.nix +++ b/hosts/goldberg/configuration.nix @@ -7,6 +7,7 @@ ../../services/website.nix ../../services/vaultwarden.nix ../../services/dokuwiki.nix + ../../services/freescout.nix ]; system.stateVersion = "23.05"; diff --git a/hosts/shirley/configuration.nix b/hosts/shirley/configuration.nix index f9af652..941355d 100644 --- a/hosts/shirley/configuration.nix +++ b/hosts/shirley/configuration.nix @@ -7,6 +7,7 @@ ../../services/website.nix ../../services/vaultwarden.nix ../../services/dokuwiki.nix + ../../services/freescout.nix ]; system.stateVersion = "23.05"; diff --git a/secrets/all/secrets.yaml b/secrets/all/secrets.yaml index 93c4b28..8c12b01 100644 --- a/secrets/all/secrets.yaml +++ b/secrets/all/secrets.yaml @@ -6,6 +6,8 @@ smtp: host: ENC[AES256_GCM,data:psXf+lg9433jS1GxH6HQQQ==,iv:wyq/VgWLNs4RbzxNHf4Ave8ZDhQeNPpYXJIdjLLMlr4=,tag:pQ4Wmf+PzSBsHO3eigx91Q==,type:str] alertmanager: env: ENC[AES256_GCM,data:eYytFrXgsm4NCyS5F3oVNKsXwf5RL+zEFomMszP4fzb0HkLBk659uWZmqi7kIe8ptyUqqr6oAIV31alFo2TwpWuImvh4gbmaD0sfzesBmqhXyeA3cgi3EMGfMxsdLgUpHKGuJhgrRGLY9jDRI6VIwuLng1YmRw==,iv:YQYwC+Xef9I5IdUsBlTg3g7yRxWJe5Pi1LCur9g9/8w=,tag:U/A2lYu79urWjBFraQh16w==,type:str] +freescout: + app_key: ENC[AES256_GCM,data:oumTXL1Iboi5ifO1S21sAOt9tMlM68CGggc9BimOf1N+TfwP24/762u9TeuTS4XbL4l7,iv:Z0ur/U5UbsUW7H6SASzWGOYizhWuY8GlRffa0QVEfRw=,tag:/0kvNryyeGGIwqSWWcdwxg==,type:str] sops: kms: [] gcp_kms: [] @@ -30,8 +32,8 @@ sops: UXludFJ5UDEvN2pHMEQweWIvN0NYaFEKB7lVKrsB3eX77iKWwFAXp7LVl+fPcGOl 8CkIBa/rkSWMe0xIetew60wIwx2ZVAv5TTDmKIZyQSTayOpbG3zcdg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2022-12-30T22:26:42Z" - mac: ENC[AES256_GCM,data:KcJVntK3kAMH64ZHYoJmDCA7BroYJZhmMvtgbnjI44h5cwT9TyDOso2HO/x2z5XzTfPQfbW3tfhT1UmbaBHxBTkV7gJGU9fJ1xOrCRDoHuI9RTwGnCHKwQPLIWj56NMiC2CMf00pFpUlAPyDP/VHwRsc/laUPne2Da1MKZp/NOk=,iv:iHONd6xTjfVZNFELQVafAiljWYavu1DOZrS+d7pd8Zw=,tag:1Zh32h2OEtqKPoXy+8pypw==,type:str] + lastmodified: "2023-01-06T15:51:57Z" + mac: ENC[AES256_GCM,data:PPS3MV1tZJMtb1ITMhXTnseIBonpanjISFiUAV46LesJLDH7ag8UM8Vwgdrl5WOI3SIZcTiwvYGjRctLx69kWnbEJPFzg22EZSzvQJAIzdxHe1aac6th++5z2hPCFUp04/CYrB5zqIirku/pw7gLGzOlwVCvUJEvLf0V0mjn93A=,iv:v4RHMFHY/sADWv324thv8ZVTX41I3faRtXIyaB7QVWo=,tag:VXduStNDEPkFGPa9RyKSrw==,type:str] pgp: - created_at: "2022-12-23T19:08:38Z" enc: | diff --git a/services/freescout.nix b/services/freescout.nix new file mode 100644 index 0000000..4d7ed68 --- /dev/null +++ b/services/freescout.nix @@ -0,0 +1,27 @@ +{ pkgs, config, baseDomain, ... }: + +{ + sops.secrets."freescout/app_key" = { + owner = "freescout"; + format = "yaml"; + sopsFile = ../secrets/all/secrets.yaml; + }; + + services.freescout = { + enable = true; + domain = "support.${baseDomain}"; + + phpPackage = pkgs.php80; + + settings = { + APP_KEY._secret = config.sops.secrets."freescout/app_key".path; + APP_ENV = "local"; + APP_DEBUG = true; + }; + databaseSetup.enable = true; + nginx = { + forceSSL = true; + enableACME = true; + }; + }; +}