]> Git — Sourcephile - sourcephile-nix.git/blob - install/logical/friot/discourse.nix
rspamd: brittle install
[sourcephile-nix.git] / install / logical / friot / discourse.nix
1 {config, lib, pkgs, ...}:
2 {
3 options = {
4 services.discourse = {
5 hostname = lib.mkOption {
6 type = lib.types.str;
7 };
8
9 config = lib.mkOption {
10 type = lib.types.str;
11 default =
12 ''
13 ## this is the all-in-one, standalone Discourse Docker container template
14 ##
15 ## After making changes to this file, you MUST rebuild
16 ## /var/discourse/launcher rebuild app
17 ##
18 ## BE *VERY* CAREFUL WHEN EDITING!
19 ## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
20 ## visit http://www.yamllint.com/ to validate this file as needed
21
22 templates:
23 - "templates/postgres.template.yml"
24 - "templates/redis.template.yml"
25 - "templates/web.template.yml"
26 - "templates/web.ratelimited.template.yml"
27 ## Uncomment these two lines if you wish to add Lets Encrypt (https)
28 #- "templates/web.ssl.template.yml"
29 #- "templates/web.letsencrypt.ssl.template.yml"
30
31 ## which TCP/IP ports should this container expose?
32 ## If you want Discourse to share a port with another webserver like Apache or nginx,
33 ## see https://meta.discourse.org/t/17247 for details
34 expose:
35 - "80:80" # http
36 - "443:443" # https
37
38 params:
39 db_default_text_search_config: "pg_catalog.english"
40
41 ## Set db_shared_buffers to a max of 25% of the total memory.
42 ## will be set automatically by bootstrap based on detected RAM, or you can override
43 db_shared_buffers: "256MB"
44
45 ## can improve sorting performance, but adds memory usage per-connection
46 #db_work_mem: "40MB"
47
48 ## Which Git revision should this container use? (default: tests-passed)
49 #version: tests-passed
50
51 env:
52 LANG: en_US.UTF-8
53 # DISCOURSE_DEFAULT_LOCALE: en
54
55 ## How many concurrent web requests are supported? Depends on memory and CPU cores.
56 ## will be set automatically by bootstrap based on detected CPUs, or you can override
57 UNICORN_WORKERS: 2
58
59 ## TODO: The domain name this Discourse instance will respond to
60 DISCOURSE_HOSTNAME: ${config.networking.domain}
61
62 ## Uncomment if you want the container to be started with the same
63 ## hostname (-h option) as specified above (default "$hostname-$config")
64 #DOCKER_USE_HOSTNAME: true
65
66 ## TODO: List of comma delimited emails that will be made admin and developer
67 ## on initial signup example 'user1@example.com,user2@example.com'
68 DISCOURSE_DEVELOPER_EMAILS: 'julm@autogeree.net'
69
70 ## TODO: The SMTP mail server used to validate new accounts and send notifications
71 DISCOURSE_SMTP_ADDRESS: smtp.${config.networking.domain}
72 DISCOURSE_SMTP_PORT: 2525
73 DISCOURSE_SMTP_USER_NAME: discourse@${config.networking.domain}
74 DISCOURSE_SMTP_PASSWORD: password
75 #DISCOURSE_SMTP_ENABLE_START_TLS: true # (optional, default true)
76
77 ## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate
78 #LETSENCRYPT_ACCOUNT_EMAIL: me@example.com
79
80 ## The CDN address for this Discourse instance (configured to pull)
81 ## see https://meta.discourse.org/t/14857 for details
82 #DISCOURSE_CDN_URL: //discourse-cdn.example.com
83
84 ## The Docker container is stateless; all data is stored in /shared
85 volumes:
86 - volume:
87 host: /var/discourse/shared/standalone
88 guest: /shared
89 - volume:
90 host: /var/discourse/shared/standalone/log/var-log
91 guest: /var/log
92
93 ## Plugins go here
94 ## see https://meta.discourse.org/t/19157 for details
95 hooks:
96 after_code:
97 - exec:
98 cd: $home/plugins
99 cmd:
100 - git clone https://github.com/discourse/docker_manager.git
101 - git clone https://github.com/teozkr/discourse-plugin-discord-auth.git
102
103 ## Any custom commands to run after building
104 run:
105 - exec: echo "Beginning of custom commands"
106 ## If you want to set the 'From' email address for your first registration, uncomment and change:
107 ## After getting the first signup email, re-comment the line. It only needs to run once.
108 - exec: rails r "SiteSetting.notification_email='noreply@${config.networking.domain}'"
109 - replace:
110 filename: "/etc/nginx/conf.d/discourse.conf"
111 from: /listen 80;/
112 to: |
113 listen 80;
114 set_real_ip_from 0.0.0.0/0;
115 - exec: echo "End of custom commands"
116 '';
117 };
118 };
119 };
120
121 config = {
122 virtualisation.docker.enable = true;
123 #networking.firewall.enable = false;
124 environment.systemPackages = [ pkgs.git ];
125 systemd.services.discourse-setup = {
126 wants = [ "docker.service" ];
127 after = [ "network.target" "docker.service" ];
128 wantedBy = [ "multi-user.target" ];
129 path = [ pkgs.git pkgs.bash pkgs.nettools pkgs.which pkgs.gawk pkgs.docker ];
130 script =
131 ''
132 if [[ ! -e /var/discourse ]]; then
133 git clone --depth 1 https://github.com/discourse/discourse_docker.git /var/discourse
134 fi
135 cp ${pkgs.writeText "discourse-app.yml" config.services.discourse.config} \
136 /var/discourse/containers/app.yml
137 cd /var/discourse
138 git pull --depth 1
139 bash ./launcher rebuild app
140 '';
141 serviceConfig = {
142 Type = "simple";
143 RemainAfterExit = "yes";
144 };
145 };
146 };
147 }