From 7131ba86917a882ddb4b450b5c8ecbf336c99391 Mon Sep 17 00:00:00 2001
From: Jonas Gaffke <jonas@jonasga.io>
Date: Tue, 6 Sep 2022 17:11:05 +0200
Subject: [PATCH] add mediawiki

---
 modules/wiki.nix | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 modules/wiki.nix

diff --git a/modules/wiki.nix b/modules/wiki.nix
new file mode 100644
index 0000000..2cdfa71
--- /dev/null
+++ b/modules/wiki.nix
@@ -0,0 +1,40 @@
+{ config, pkgs, lib, ... }:
+{
+    sops.secrets.postgres_mediawiki.owner = config.systemd.services.mediawiki.serviceConfig.User;
+    services = {
+        mediawiki = {
+            enable = true;
+            name = "FSR Wiki";
+            database = {
+                user = "mediawiki";
+                type = "postgres";
+                socket = "/var/run/postgresql";
+                port = 5432;
+                name = "mediawiki";
+                host = "localhost";
+                passwordFile = config.sops.secrets.postgres_mediawiki.path;
+                createLocally = true;
+            };
+            virtualHost = {
+                hostName = "wiki.quitte.tassilo-tanneberger.de";
+                adminAddr = "root@ifsr.de";
+                forceSSL = true;
+                enableACME = true;
+            };
+        };
+        postgres = {
+            enable = true;
+        };
+    };
+    systemd.services.mediawiki-pgsetup = {
+        description = "Prepare Mediawiki postgres database";
+        wantedBy = [ "multi-user.target" ];
+        after = [ "networking.target" "postgresql.service" ];
+        serviceConfig.Type = "oneshot";
+
+        path = [ pkgs.sudo config.services.postgresql.package ];
+        script = ''
+        sudo -u ${config.services.postgresql.superUser} psql -c "ALTER ROLE mediawiki WITH PASSWORD '$(cat ${config.sops.secrets.postgres_mediawiki.path})'"
+        '';
+    };
+}
\ No newline at end of file