rss: fix auth build, fix nginx group rights, log to stdout

This commit is contained in:
Benjamin Yule Bädorf 2024-07-17 18:50:06 +02:00
parent c59fac512e
commit 13c381ff3d
Signed by untrusted user: b12f
GPG key ID: 729956E1124F8F26
2 changed files with 9 additions and 5 deletions

View file

@ -10,9 +10,12 @@ let
webserverGroup = "hakkonaut";
in
{
users.users.nginx.extraGroups = [
webserverGroup
];
services.nginx = {
enable = true;
group = webserverGroup;
enableReload = true;
proxyCachePath.cache = {
enable = true;

View file

@ -12,8 +12,8 @@
hash = "sha256-G6vZBvSWms6s6nHZWsxJjMGuubt/imiBvbp6ykwrZbg=";
};
installPhase = ''
mkdir -p $out
cp -r * $out
mkdir -p $out/auth_oidc
cp -r * $out/auth_oidc
'';
};
in {
@ -48,10 +48,11 @@ in {
virtualHost = "rss.${config.pub-solar-os.networking.domain}";
selfUrlPath = "https://rss.${config.pub-solar-os.networking.domain}";
root = "/var/lib/tt-rss";
logDestination = "";
plugins = [
"auth_internal"
"note"
"ttrss-auth-oidc"
"auth_oidc"
];
pluginPackages = [
ttrss-auth-oidc
@ -70,7 +71,7 @@ in {
};
extraConfig = ''
putenv('TTRSS_SMTP_PASSWORD=' . file_get_contents('${config.age.secrets.tt-rss-smtp-password.path}'));
putenv('TTRSS_AUTH_OIDC_NAME=Keycloak');
putenv('TTRSS_AUTH_OIDC_NAME=pub.solar ID');
putenv('TTRSS_AUTH_OIDC_URL=https://auth.${config.pub-solar-os.networking.domain}/realms/${config.pub-solar-os.auth.realm}/');
putenv('TTRSS_AUTH_OIDC_CLIENT_ID=tt-rss');
putenv('TTRSS_AUTH_OIDC_CLIENT_SECRET=' . file_get_contents('${config.age.secrets.tt-rss-keycloak-client-secret.path}'));