booklore up and running

2026-01-10 01:24:05 -05:00 · 2025-12-16 16:09:35 -05:00 · 2025-12-16 16:09:35 -05:00 · 213cc8c10a
commit 213cc8c10a
parent 6ce540f5aa
4 changed files with 89 additions and 34 deletions
--- a/flake.lock
+++ b/flake.lock
@ -188,11 +188,11 @@
        "nixpkgs": "nixpkgs_3"
      },
      "locked": {
-        "lastModified": 1765897479,
-        "narHash": "sha256-0F5UW4sb3wKd9TwDoEvEGEb+eFov92jOERRpDN7n6bM=",
+        "lastModified": 1765919359,
+        "narHash": "sha256-gUvmyGPzRf7skvhuwl6ose5SwvkdBtzgt7z9uYmGY/c=",
        "ref": "refs/heads/master",
-        "rev": "0b68766f3340049baa1e01418b92905cad8888a1",
-        "revCount": 161,
+        "rev": "0cefdfc056fbfe8d6ab706c89675193fa5b59f77",
+        "revCount": 162,
        "type": "git",
        "url": "ssh://git@github.com/TheWanderingCrow/nix-secrets"
      },
--- a/hosts/nixos/HandlerOne/default.nix
+++ b/hosts/nixos/HandlerOne/default.nix
@ -41,6 +41,7 @@

      # Quadlets
      "modules/quadlets"
+      "modules/quadlets/booklore"

      # Hosted services
      "modules/services/mealie"
--- a/lib/default.nix
+++ b/lib/default.nix
@ -1,8 +1,10 @@
 # FIXME(lib.custom): Add some stuff from hmajid2301/dotfiles/lib/module/default.nix, as simplifies option declaration
-{lib, ...}: {
+{ lib, ... }:
+{
  # use path relative to the root of the project
  relativeToRoot = lib.path.append ../.;
-  scanPaths = path:
+  scanPaths =
+    path:
    builtins.map (f: (path + "/${f}")) (
      builtins.attrNames (
        lib.attrsets.filterAttrs (
@ -15,4 +17,8 @@
        ) (builtins.readDir path)
      )
    );
+  autoport =
+    service-name:
+    (builtins.fromTOML "v=0x${(builtins.substring 0 4 (builtins.hashString "md5" service-name))}").v
+    + 1023;
 }
--- a/modules/quadlets/booklore/default.nix
+++ b/modules/quadlets/booklore/default.nix
@ -1,40 +1,88 @@
-{ config, ... }:
 {
-  services.caddy.virtualHosts."booklore.wanderingcrow.net".extraConfig = ''
-    reverse_proxy http://10.88.0.4:6060
+  lib,
+  config,
+  inputs,
+  ...
+}:
+let
+  port = builtins.toString (lib.custom.autoport "booklore");
+  volumePath = "/overseer/services";
+  sopsFolder = inputs.nix-secrets + "/sops";
+in
+{
+  systemd.tmpfiles.rules = [
+    "d ${volumePath}/booklore"
+    "d ${volumePath}/booklore/books"
+    "d ${volumePath}/booklore/bookdrop"
+    "d ${volumePath}/booklore/data"
+    "d ${volumePath}/booklore/database"
+  ];
+
+  sops.secrets = {
+    "booklore/db/root_pass" = {
+      sopsFile = "${sopsFolder}/services.yaml";
+    };
+    "booklore/db/pass" = {
+      sopsFile = "${sopsFolder}/services.yaml";
+    };
+  };
+
+  sops.templates."booklore-env".content = ''
+    MYSQL_ROOT_PASSWORD = ${config.sops.placeholder."booklore/db/root_pass"}
+    MYSQL_PASSWORD = ${config.sops.placeholder."booklore/db/pass"}
+    DATABASE_PASSWORD = ${config.sops.placeholder."booklore/db/pass"}
  '';
+
+  services.caddy.virtualHosts."booklore.wanderingcrow.net".extraConfig = ''
+    reverse_proxy localhost:${port}
+  '';
+
  virtualisation.quadlet = {
    containers = {
      booklore-web.containerConfig = {
        image = "ghcr.io/booklore-app/booklore:v1.14.1";
-        environments = {
-          USER_ID = "0";
-          GROUP_ID = "0";
-          TZ = "America/New_York";
-          DATABASE_URL = "jdbc:mariadb://booklore-db:3306/booklore";
-          DB_USER = "booklore";
-          DB_PASSWORD = "changeme";
-          BOOKLORE_PORT = "6060";
-        };
-        publishPorts = [
-          ""
-        ];
        pod = config.virtualisation.quadlet.pods.booklore.ref;
+        environments = {
+          DATABASE_URL = "jdbc:mariadb://localhost:3306/booklore";
+          DATABASE_USERNAME = "booklore";
+          BOOKLORE_PORT = "6060";
+          # FIXME: convert to secrets
+          DATABASE_PASSWORD = "changeme";
+        };
+        environmentFiles = [
+          config.sops.templates."booklore-env".path
+        ];
+        volumes = [
+          "${volumePath}/booklore/books:/books"
+          "${volumePath}/booklore/bookdrop:/bookdrop"
+          "${volumePath}/booklore/data:/app/data"
+        ];
      };
      booklore-db.containerConfig = {
-        image = "lscr.io/linuxserver/mariadb:11.4.5";
+        image = "lscr.io/linuxserver/mariadb:11.4.8";
+        pod = config.virtualisation.quadlet.pods.booklore.ref;
        environments = {
-          PUID = "1000";
-          PGID = "1000";
-          TZ = "America/New_York";
-          MYSQL_ROOT_PASSWORD = "changeme";
-          MYSQL_DATABASE = "booklore";
+          TZ = "Etc/UTC";
+          PUID = "0";
+          PGID = "0";
          MYSQL_USER = "booklore";
+          MYSQL_DATABASE = "booklore";
+          # FIXME: convert to secrets
+          MYSQL_ROOT_PASSWORD = "changeme";
          MYSQL_PASSWORD = "changeme";
        };
-        pod = config.virtualisation.quadlet.pods.booklore.ref;
+        environmentFiles = [
+          config.sops.templates."booklore-env".path
+        ];
+        volumes = [
+          "${volumePath}/booklore/database:/config"
+        ];
      };
    };
-    pods.booklore = { };
+    pods.booklore = {
+      podConfig.publishPorts = [
+        "${port}:6060"
+      ];
+    };
  };
 }