From 13c381ff3da0a3d4882d78627185f771c3d25630 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20Yule=20B=C3=A4dorf?= Date: Wed, 17 Jul 2024 18:50:06 +0200 Subject: [PATCH] rss: fix auth build, fix nginx group rights, log to stdout --- modules/nginx/default.nix | 5 ++++- modules/tt-rss/default.nix | 9 +++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/modules/nginx/default.nix b/modules/nginx/default.nix index c836173..569a1ae 100644 --- a/modules/nginx/default.nix +++ b/modules/nginx/default.nix @@ -10,9 +10,12 @@ let webserverGroup = "hakkonaut"; in { + users.users.nginx.extraGroups = [ + webserverGroup + ]; + services.nginx = { enable = true; - group = webserverGroup; enableReload = true; proxyCachePath.cache = { enable = true; diff --git a/modules/tt-rss/default.nix b/modules/tt-rss/default.nix index dba9e4f..c42fb2f 100644 --- a/modules/tt-rss/default.nix +++ b/modules/tt-rss/default.nix @@ -12,8 +12,8 @@ hash = "sha256-G6vZBvSWms6s6nHZWsxJjMGuubt/imiBvbp6ykwrZbg="; }; installPhase = '' - mkdir -p $out - cp -r * $out + mkdir -p $out/auth_oidc + cp -r * $out/auth_oidc ''; }; in { @@ -48,10 +48,11 @@ in { virtualHost = "rss.${config.pub-solar-os.networking.domain}"; selfUrlPath = "https://rss.${config.pub-solar-os.networking.domain}"; root = "/var/lib/tt-rss"; + logDestination = ""; plugins = [ "auth_internal" "note" - "ttrss-auth-oidc" + "auth_oidc" ]; pluginPackages = [ ttrss-auth-oidc @@ -70,7 +71,7 @@ in { }; extraConfig = '' putenv('TTRSS_SMTP_PASSWORD=' . file_get_contents('${config.age.secrets.tt-rss-smtp-password.path}')); - putenv('TTRSS_AUTH_OIDC_NAME=Keycloak'); + putenv('TTRSS_AUTH_OIDC_NAME=pub.solar ID'); putenv('TTRSS_AUTH_OIDC_URL=https://auth.${config.pub-solar-os.networking.domain}/realms/${config.pub-solar-os.auth.realm}/'); putenv('TTRSS_AUTH_OIDC_CLIENT_ID=tt-rss'); putenv('TTRSS_AUTH_OIDC_CLIENT_SECRET=' . file_get_contents('${config.age.secrets.tt-rss-keycloak-client-secret.path}'));