hackclub/burrow
1
0
Fork 0
Code Pull requests Releases Packages Activity Actions

Fix tailscale landing and zulip bootstrap
Some checks failed
Build Rust / Cargo Test (push) Successful in 3m55s
Details
Build Site / Next.js Build (push) Failing after 2s
Details
Lint Governance / BEP Metadata (push) Successful in 0s
Details

Browse source
This commit is contained in:
Conrad Kramer 2026-04-19 01:31:45 -07:00
parent 142c2ef778
commit 2af7618f52
3 changed files with 33 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
nixos/hosts/burrow-forge/default.nix
View file

@ -237,7 +237,7 @@ in
forgejoClientSecretFile = config.age.secrets.burrowForgejoOidcClientSecret.path;
headscaleClientSecretFile = config.age.secrets.burrowHeadscaleOidcClientSecret.path;
tailscaleClientSecretFile = config.age.secrets.burrowTailscaleOidcClientSecret.path;
defaultExternalApplicationSlug = "ts";
defaultExternalApplicationSlug = "tailscale";
googleClientIDFile = config.age.secrets.burrowAuthentikGoogleClientId.path;
googleClientSecretFile = config.age.secrets.burrowAuthentikGoogleClientSecret.path;
googleAccountMapFile = config.age.secrets.burrowAuthentikGoogleAccountMap.path;

24
nixos/modules/burrow-zulip.nix
View file

@ -404,7 +404,8 @@ EOF
Group = "root";
WorkingDirectory = cfg.dataDir;
RemainAfterExit = true;
ExecStop = "${pkgs.bash}/bin/bash -lc 'cd ${lib.escapeShellArg cfg.dataDir} && ${pkgs.podman-compose}/bin/podman-compose -p burrow-zulip down'";
TimeoutStopSec = "20s";
ExecStop = "${pkgs.bash}/bin/bash -lc 'set -euo pipefail; if ${pkgs.podman}/bin/podman container exists burrow-zulip_zulip_1; then ${pkgs.podman}/bin/podman stop --ignore --time 10 burrow-zulip_zulip_1 >/dev/null || true; ${pkgs.podman}/bin/podman rm -f --ignore burrow-zulip_zulip_1 >/dev/null || true; fi'";
};
script = ''
set -euo pipefail
@ -452,13 +453,22 @@ EOF
return 0
fi
export ZULIP_REALM_NAME=${lib.escapeShellArg cfg.realmName}
export ZULIP_ADMIN_EMAIL=${lib.escapeShellArg cfg.administratorEmail}
export ZULIP_OWNER_NAME=${lib.escapeShellArg cfg.realmOwnerName}
local realm_name=${lib.escapeShellArg cfg.realmName}
local admin_email=${lib.escapeShellArg cfg.administratorEmail}
local owner_name=${lib.escapeShellArg cfg.realmOwnerName}
local create_realm_cmd
podman exec burrow-zulip_zulip_1 bash -lc '
su zulip -c "/home/zulip/deployments/current/manage.py create_realm --string-id= --password-file /data/secrets/bootstrap-owner-password --automated \"$ZULIP_REALM_NAME\" \"$ZULIP_ADMIN_EMAIL\" \"$ZULIP_OWNER_NAME\""
'
printf -v create_realm_cmd '%q ' \
/home/zulip/deployments/current/manage.py \
create_realm \
--string-id= \
--password-file /data/secrets/bootstrap-owner-password \
--automated \
"$realm_name" \
"$admin_email" \
"$owner_name"
podman exec burrow-zulip_zulip_1 su zulip -c "$create_realm_cmd"
}
if [ ! -e .initialized ]; then