Add course-management module

This commit is contained in:
Lyn Fugmann 2023-06-08 13:34:45 +02:00
parent 6e4e213b0f
commit 8d84f387f5
Signed by: fugi
GPG key ID: 4472A20091BFA792
5 changed files with 179 additions and 6 deletions

View file

@ -1,5 +1,63 @@
{
"nodes": {
"course-management": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
],
"poetry2nix": "poetry2nix"
},
"locked": {
"lastModified": 1689111665,
"narHash": "sha256-JJgel8I08Py6zbmAviM4nEDcyJjcO+8TfbAXWp41IHA=",
"owner": "fsr",
"repo": "course-management",
"rev": "437205045f3836282ab948c6ab93d720fb3ce4d9",
"type": "github"
},
"original": {
"owner": "fsr",
"repo": "course-management",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1687709756,
"narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1687709756,
"narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"kpp": {
"inputs": {
"nixpkgs": [
@ -52,8 +110,31 @@
"type": "github"
}
},
"poetry2nix": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": [
"course-management",
"nixpkgs"
]
},
"locked": {
"lastModified": 1688440303,
"narHash": "sha256-hFfOyityHdVFI0HNM+sqZfpi9Fbvjvy0N9O7FjuqPWY=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "04714155bae013fb9b207e54d1faf9f0c3d08706",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"root": {
"inputs": {
"course-management": "course-management",
"kpp": "kpp",
"nixpkgs": "nixpkgs",
"sops-nix": "sops-nix"
@ -79,6 +160,36 @@
"repo": "sops-nix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",

View file

@ -6,8 +6,12 @@
kpp.url = "github:fsr/kpp";
kpp.inputs.nixpkgs.follows = "nixpkgs";
# fsr-infoscreen.url = github:fsr/infoscreen; # some anonymous strukturer accidentally removed the flake.nix
course-management = {
url = "github:fsr/course-management";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, sops-nix, kpp, ... }@inputs:
outputs = { self, nixpkgs, sops-nix, kpp, course-management, ... }@inputs:
{
packages."x86_64-linux".quitte = self.nixosConfigurations.quitte-vm.config.system.build.vm;
packages."x86_64-linux".default = self.packages."x86_64-linux".quitte;
@ -19,6 +23,7 @@
modules = [
inputs.sops-nix.nixosModules.sops
inputs.kpp.nixosModules.default
course-management.nixosModules.default
./hosts/quitte/configuration.nix
./modules/options.nix
./modules/base.nix
@ -38,6 +43,7 @@
./modules/matrix.nix
./modules/mautrix-telegram.nix
./modules/sogo.nix
./modules/course-management.nix
{
fsr.enable_office_bloat = false;
fsr.domain = "staging.ifsr.de";

View file

@ -0,0 +1,50 @@
{ config, lib, pkgs, ... }:
let
hostName = "kurse.${config.fsr.domain}";
in
{
sops.secrets =
let inherit (config.services.course-management) user;
in {
"course-management/secret-key".owner = user;
"course-management/adminpass".owner = user;
};
services.course-management = {
inherit hostName;
enable = true;
settings = {
secretKeyFile = config.sops.secrets."course-management/secret-key".path;
adminPassFile = config.sops.secrets."course-management/adminpass".path;
admins = [{
name = "Root iFSR";
email = "root@${config.fsr.domain}";
}];
database = {
ENGINE = "django.db.backends.postgresql";
NAME = "course-management";
};
email = lib.mkDefault {
fromEmail = "noreply@${config.fsr.domain}";
serverEmail = "root@${config.fsr.domain}";
};
};
};
services.postgresql = {
enable = true;
ensureUsers = [{
name = "course-management";
ensurePermissions = {
"DATABASE \"course-management\"" = "ALL PRIVILEGES";
};
}];
ensureDatabases = [ "course-management" ];
};
services.nginx.virtualHosts.${hostName} = {
enableACME = true;
forceSSL = true;
};
}

View file

@ -17,6 +17,9 @@ mediawiki:
ldapprovider: ENC[AES256_GCM,data:CPsrWmUviUpFIVVN/2a1lRjJCoZCWR9zrHm3T5Tv/YuXSYXStZGfBgXN96zhJUUpZcwiJq95o1sajyit+6itZCcGAPu0BTHSnNXRu1fgifonXE0ghw6rvzwkYpfBS+rfmBcG2wxX+7uZG3ulANYpvvGMxpKgM5IzQjE1sAytRDir6QeMGcFHP2gV4xQAdTNUZK2V+EKOlrcV5vTSzDSy3eXg18TVUgZqdxaQFfwnr2UN0eEEZ4Dn83G3QWsROZ0A7R3tuEmdAzmR8AdWBxfqCcOA8vZaOIOWb1AyobLCUaqQOj/SbGdgehMOQn1UcbRHpYQ2E9mvxD572uc/U5kzy/TbOLM34pkvckNrGfxwvqwbvXZrVP3gONY5CnJpk5XfVdT5Au/uwE5ZRs83ZEx31+85mpK3HecyBWRfWID0z2XS8PAU6G7ASQsXCh6sd5LFhL7zhxBQ4ENjT8pDi0OLYvw9VzPhPrdzooULeMytGitVWRtLsSzCn/D+U4x6EJLivLW6jv9SAIKg54fAjNEBYHh7GuHbr/VGtmiWKj6av2e3/BLgPOIyINzNv+X5QSsopZ2/yamPs+ARTOqAZvSyRgqereYoLZ5ZV15jIWiGc7HVfj/+Bk7cN4+VwFhzSuttp1DmvNNIWueeX69rdSqe41Y2lqKZ4ajOSIJ+YLP/dR0wvrVbd7QSP2OVRAnMugmeekbIuyIKPNsNJ183Z4y1m/ihIdRAzLnjSYuYCdWw3LXl5gM0ZTtGb7K+cIYcyJrS3fcaErDmqyI/LJoXNTo5CJI=,iv:ycKt8/awCo3HoO6Oa8H77GH9+m+xgR4kiXb7Cbf0wSY=,tag:b6pBoZs+E4CP+V9oZXrcoQ==,type:str]
postfix_ldap_aliases: ENC[AES256_GCM,data:kpffdciWI08Of2fm2B1lZ4rOYIhWtoBTnpU1N0iwiStA81Yl/NMDgHDCVv79XY6SuFTCBd6npKNz/0ibBy1WDSrDQymV5MIUmWVPwLcBSNMjD0d69PJYdUDVLmyhNkjB2hEL9JaH1PiO4iBM5y9yZx1LT+zlauAZEJPFgO/MvjkMknHZPKnRpBtT8wKTWTYUtBvzQtlACLKdIF0t37Q2DZAMtWrAgsrH811zUbsxJbYDInvNDPDHZHS+ZfF0Q1vXDLWUm+zZij6KRAJdOuEU9dyzhU/t93+LO9zKADwyF1Xk+2Uh,iv:cEui6fcDDINpUUcLZxGwPBMP1PjQVNMdScgaWdnIJ80=,tag:/7/mZckPJ7YLuJMp/BqbOQ==,type:str]
mautrix-telegram_env: ENC[AES256_GCM,data:2p5vYV+/vEDrrZItTcT1vxddv2tM7dLGBUmG+OXHccTzJ2UhyYpDGgUMr5KgObxvyssYBZTsvbV7QFN3sjcU/jVPx1qEUn6zyKO0HBQjrviVU3urx5zNOnCEHwDKyDrZ1Hu/CE6lpGNrtGlpewgOs/+84JZIZhC9qSuzDhN38sr4OGfMr29fMzafYC+TGHoZyA64GI9xz0KvXhwg6ci1hLtVWYEOFW2Nf8uLY8qkNLuDzA6bYx8rn3CEXoxiv0n4,iv:jmcWTyVkqu9nDc1ws2NxkMKrHPZ13i3jqDkk4Y0kejw=,tag:BjhmPc4lSbsZBmZ/q2CqGg==,type:str]
course-management:
secret-key: ENC[AES256_GCM,data:3WwhgZ+ElLOdEgdy/EoOL1vqkcXfnOnUZMKUsD9rd7I=,iv:eMo7HeOkSPGpCbLMi/6XoD4MXd27OageRsz70lyXNf0=,tag:u3H9BSv+7lasnBl29l8o3Q==,type:str]
adminpass: ENC[AES256_GCM,data:WUDsz3S88y590oStJinwukT8hJ+0dJ9/To1pDUWEN6o=,iv:5VSZohH2l/RNTNaWqMd9Y0JlSs7Cg1TRbeTR+OKhedA=,tag:LagNEUEKhNXIRKNwjmizbQ==,type:str]
sops:
kms: []
gcp_kms: []
@ -32,8 +35,8 @@ sops:
NEJBTHE2end1RDlHRTNFYlZjTjhib2cKmQRHpBKZ2DbQ5CfOwcSPfZAm9fnnpxUk
+LcR8haK//O3N2uNf9etDW3VsT5ipPucCdFU1m/v9L5tcN6ZP8WP+w==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-07-07T08:54:55Z"
mac: ENC[AES256_GCM,data:JlITbCiRVYkS9wWLxAOX3ZUtgtmBFiS4JeNt+3/prTScPVC3cqhZPx6UWfPh8hzS1NZGSJEy9J2roWm1DEZnj73cRmjwROAx/RiiGXJIkfxgUik4HFleIpKuOJ31Jkvl7m+YaEcgNail+KakKSy7H3Jf21Qu08fLGrN3kwt+JUA=,iv:GtuJrjnId9aU5f9o5hGYMNBN5FRB1OSLWCp9zFimhzA=,tag:RTL70JdR4C0UhXnMH01LPQ==,type:str]
lastmodified: "2023-07-11T22:22:39Z"
mac: ENC[AES256_GCM,data:5H6TIgrD0hTICCzo+nOlwbF1wjtFNiLYcW3QBkzQpFPgz3VwHV436kHnu6ns3IJIzpMdxEHDFxN6xKaYBtwiAdHwZLrP05H3443/jr6+z0EseQ0IG2Jq6bbhro1z1W+/165xKV6AYMxulQ1d4CyMD1/u1hqoVtd5KXUNJdJwSDw=,iv:OlFokFfHGMBy2aTB73kPf2TohuOkCT6mdBelvLaEOCQ=,tag:JUyj7wjBY3HUw9Nug/Iqgg==,type:str]
pgp:
- created_at: "2023-04-23T17:48:54Z"
enc: |

View file

@ -16,7 +16,10 @@ mediawiki:
initial_admin: ENC[AES256_GCM,data:YRd3O5774NTmshxbQPbFjg==,iv:/Ra3WbZKcnUMf99ujN9qd/+DkOkFKv4cIEfUdmxpqMw=,tag:gj7ZbwIB1HLuPpGTgiz7Vg==,type:str]
ldapprovider: ENC[AES256_GCM,data:dVrCFVgm4BDtUhcj9rSKXwnaIKsC5GGsDUoPJH1q5F4inskuSbFigcLM/UJFNOcr5R1dL+mYUOvnmIcoWA5AsuFKs3NzSYJVtVAm0x7vYSkHnfXu93V2F8Lc1xX/kZrFfnmNUXwhv2I+hknPUApY7wpmZOdk9NLKv4tbsgVTbfmR/WM6soOurh3b6b4cknfxqSeLZLeOIKL5WL8842t5SethyCfPsCm74JCpwHmflkCyT/lzIP1Kghab+xGWWyN9OAENlDZrJE6VAdctR+MKYZnhA7dXKeQPjKii9MZsDYFYTL5YDRysam4r7Jog/fozgWkXNrCUan29efnnBwpLz5hgV1MguIpvU8ccDQLNvgJCOdp6FgH45ZRlCxx29EWzh9iTDGPqmNsctUknFdfUVfIg9ziz/97i/kGcwy5N1oOsoUf7iRj5zLyLP6OlXGNThowF4jlNdI2b+caQGz7H6ZkJfUPWULotBUrjxrZo3pSYRkpJ77xbGUZf35ysxTHpfsmhyyO9HRhhgNkilEHlcsi8u+AC0su+Htg/Io332tSX+W6Gj6R6Q23hQ0gf8on5Y2xx34ysobEh8cMS4+Kj0nwasMHjW70g3qWpKkG1LSOIgXiA7hcusGCo8xPZ1y3gIyRiTxVTPJHh63Ecd0O37P4NWVSKEpsIM5pkngMN5L5K/ymtZ0kjREX2q4qpXf2xJiTTdAkeTMcmDs9HHjOzIIynYouY7P6qdXUpXjyGwqfovmnIv5icQ6sqFA==,iv:sPRnnIEif6W1SPy5SKiUuY681HeLPcR19U4p1mdUGdc=,tag:zeMdtTRk8ULP4GYDQLIU7A==,type:str]
mautrix-telegram_env: ENC[AES256_GCM,data:vqHmM3mRrIYMT4760sglAlBZoOb7siqx3alvQE5rpq8z6FgOqJxHqGaN1quhpAVVe9ugtlvezVh8eSFX+45Y5rtqJ7iylxmC+y8JGsyLIflf674Si7h07bedCcT0wBg1ioI/JILDwICiAf0=,iv:BAPKiVt2l3E7z1Wk9ky6WFYr6hn62d+X5r0NMdUYwJQ=,tag:CRddpVMHQLwhwUF1hn0JKA==,type:str]
postfix_ldap_aliases: ENC[AES256_GCM,data:cpMrQE7cQafsB+cBJWhj+XrMKntZvYle19d4JojAoLKXT/D7XauR6IPYhiT+X3g6iQI1HZ6BGbEp9CnhK3KvPdx5R7S6vs0wZYdcRHh0HImI1P/j6ffALlYTVojJ7AazDM/DEf53+qndbU1sqykjAOhXRkBfZnlDLooETuPsRpLL/4ZE1NuntVyKLlG/u10/moUgS/Gsrkk0K7ns5WFJjUcQq8P9gakc9mcJw32DHTiVV0UbZoFqkMI3LD7zFr17klXtKYYWcOcH5ZGmJax1X+PaAzogOf2/JFVNSae2Uvk=,iv:eSE+ADQI9QeN083ECwcekPJIKGEImoJrP7b/JSemDkY=,tag:g9V3ZDXi1x0wNVvGyA/wnQ==,type:str]
postfix_ldap_aliases: ENC[AES256_GCM,data:L77Si6Try9Jf+Bk6cg3kAafk1PcFN2WmfMaXFZ9fOgXVMjHDfRhFcFvOnrutY6K1vg1cChwIT7qW7FAxvfxL+0wkWRi8uZbHkaHpa4OXXWCiLch1aZFDArLm08NZgj6Wxtl3J7bF8KCy4ZP3fKCxWYL+uzBWCJiIgJP4AK+7cg11CqwJrooPDV11ESIdFX5jxpC1YB1k9gu7t1WB1mdbtypPWX1PRB+Y1k+E7YeNA4x6CFNhAlsy7C8eoX7PVYGy8yFmY86E4smo7qk+KEZj/JBL4o96MhwIIgEnpQE0NPtX1/lHCRo/jn4=,iv:l74DznC3qOINA9/qVKpU+67XYVFNBhtLnPfp4YeeDLM=,tag:0j0Xj5lmKKCt2s+3Uj+Y2g==,type:str]
course-management:
secret-key: ENC[AES256_GCM,data:L0VppGYIv39coA==,iv:sR/bQ/z7idP0co1JmGs2S8MJZJaVUvfAYWE0yFuowKM=,tag:7ilRRmnD2gfsv6bYGiw2zA==,type:str]
adminpass: ENC[AES256_GCM,data:uFphxfMJvxo0,iv:6k/XroVJ8v04gJM+Lo5mY/mV41Cf4vjBFVmXCbfzqQ8=,tag:x0MWUb3RWZt5nh717trwkw==,type:str]
sops:
kms: []
gcp_kms: []
@ -32,8 +35,8 @@ sops:
MERVUkh2ck9YWnJ5TXJDVmxpem1kTXMKCeOyjV/se1nRXsi15m/3i48hP7As6SEk
ygtLt+UueHStX/b/OzrXk8IC5dj/mARGIJI5S61IKln6SZFbJGT6cQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-07-04T07:48:57Z"
mac: ENC[AES256_GCM,data:eJH7Ng7qBO8XtKjAn2grHYlgOhivsD20QqFrUXncte8REpcUac7Td3OSogjXdky7DLhk9Pw0HML/fUu3DmtSFpdPkfg+kpprRXIK8QjYCB3OlDVqsnZiDkUitELtonNLddUKPOJW8B6EOiLPFyESJzBKGA0NqY7GVVFe7JSI1P4=,iv:G0ug1InP53pWOcVFTkhEa1l3HLS3w8RDZi3HXSBK9/8=,tag:cDwqTw4z0ideXewB/M0hHg==,type:str]
lastmodified: "2023-07-11T22:22:26Z"
mac: ENC[AES256_GCM,data:IeaIejtLIrrvlOTKJhRs59WCcRfgd+GNATToi9EdzZLz+Fde1sWwOFHCJiq1/telws38bGjN9LmaSy/JucQS8tGMe4Hh5baz/bW0gGP4s1Q96wytwou4fWBHc7mtlDko+F2lygHJ/JAy4ZA8Cev/d7KhPo1EV48x/WI1Mg5rDeI=,iv:GXXcZT0m2qo3tBUknBbJKDLuu+qdllNG8mFfyVX/wmY=,tag:z3Z40dfFI4TfdMQIM78p1g==,type:str]
pgp:
- created_at: "2022-11-18T16:37:58Z"
enc: |