79 lines
2 KiB
Nix
79 lines
2 KiB
Nix
{
|
|
name = "FreshRSS";
|
|
description = ''
|
|
RSS reader and sync server
|
|
'';
|
|
|
|
traefikRoutes =
|
|
{
|
|
host,
|
|
...
|
|
}:
|
|
let
|
|
hostname = host.hostname;
|
|
config = host.config.freshrss;
|
|
in
|
|
[
|
|
{
|
|
name = "${hostname}-freshrss";
|
|
rule = "Host(`${config.domain}`)";
|
|
target = "http://${host.ip}:80";
|
|
}
|
|
];
|
|
|
|
nixosModule =
|
|
{ lib, config, ... }:
|
|
{
|
|
options.freshrss = {
|
|
domain = lib.mkOption {
|
|
type = lib.types.str;
|
|
};
|
|
adminUser = lib.mkOption {
|
|
type = lib.types.str;
|
|
};
|
|
};
|
|
|
|
config =
|
|
let
|
|
cfg = config.freshrss;
|
|
secrets = config.sops.secrets;
|
|
in
|
|
{
|
|
networking.firewall.allowedTCPPorts = [
|
|
80 # Nginx running freshrss
|
|
];
|
|
|
|
sops.secrets = {
|
|
"freshrss/db_pass" = {
|
|
owner = "freshrss";
|
|
};
|
|
"freshrss/admin_pass" = {
|
|
owner = "freshrss";
|
|
};
|
|
};
|
|
systemd.tmpfiles.rules = [
|
|
"d '${config.services.freshrss.dataDir}/cache' 0750 ${config.services.freshrss.user} ${config.services.freshrss.user} - -"
|
|
"d '${config.services.freshrss.dataDir}/users' 0750 ${config.services.freshrss.user} ${config.services.freshrss.user} - -"
|
|
"d '${config.services.freshrss.dataDir}/favicons' 0750 ${config.services.freshrss.user} ${config.services.freshrss.user} - -"
|
|
];
|
|
|
|
# Create the database
|
|
postgres.databases = [ "freshrss" ];
|
|
|
|
# Enable and configure the service
|
|
services.freshrss = {
|
|
enable = true;
|
|
baseUrl = "https://${cfg.domain}";
|
|
virtualHost = cfg.domain;
|
|
dataDir = "/cephfs/appdata/freshrss";
|
|
defaultUser = cfg.adminUser;
|
|
passwordFile = secrets."freshrss/admin_pass".path;
|
|
|
|
database = {
|
|
type = "pgsql";
|
|
passFile = secrets."freshrss/db_pass".path;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|