RSS reader #217
|
@ -10,9 +10,7 @@ let
|
||||||
webserverGroup = "hakkonaut";
|
webserverGroup = "hakkonaut";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
users.users.nginx.extraGroups = [
|
users.users.nginx.extraGroups = [ webserverGroup ];
|
||||||
webserverGroup
|
|
||||||
];
|
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -3,7 +3,8 @@
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: let
|
}:
|
||||||
|
let
|
||||||
ttrss-auth-oidc = pkgs.stdenv.mkDerivation {
|
ttrss-auth-oidc = pkgs.stdenv.mkDerivation {
|
||||||
name = "ttrss-auth-oidc";
|
name = "ttrss-auth-oidc";
|
||||||
version = "7ebfbc91e92bb133beb907c6bde79279ee5156df";
|
version = "7ebfbc91e92bb133beb907c6bde79279ee5156df";
|
||||||
|
@ -16,7 +17,8 @@
|
||||||
cp -r * $out/auth_oidc
|
cp -r * $out/auth_oidc
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
age.secrets.tt-rss-database-password = {
|
age.secrets.tt-rss-database-password = {
|
||||||
file = "${flake.self}/secrets/tt-rss-database-password.age";
|
file = "${flake.self}/secrets/tt-rss-database-password.age";
|
||||||
owner = "tt_rss";
|
owner = "tt_rss";
|
||||||
|
@ -54,9 +56,7 @@ in {
|
||||||
"note"
|
"note"
|
||||||
"auth_oidc"
|
"auth_oidc"
|
||||||
];
|
];
|
||||||
pluginPackages = [
|
pluginPackages = [ ttrss-auth-oidc ];
|
||||||
ttrss-auth-oidc
|
|
||||||
];
|
|
||||||
email = {
|
email = {
|
||||||
server = "mail.pub.solar";
|
server = "mail.pub.solar";
|
||||||
security = "tls";
|
security = "tls";
|
||||||
|
@ -70,12 +70,12 @@ in {
|
||||||
createLocally = true;
|
createLocally = true;
|
||||||
};
|
};
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
putenv('TTRSS_SMTP_PASSWORD=' . file_get_contents('${config.age.secrets.tt-rss-smtp-password.path}'));
|
putenv('TTRSS_SMTP_PASSWORD=' . file_get_contents('${config.age.secrets.tt-rss-smtp-password.path}'));
|
||||||
putenv('TTRSS_AUTH_OIDC_NAME=pub.solar ID');
|
putenv('TTRSS_AUTH_OIDC_NAME=pub.solar ID');
|
||||||
putenv('TTRSS_AUTH_OIDC_URL=https://auth.${config.pub-solar-os.networking.domain}/realms/${config.pub-solar-os.auth.realm}/');
|
putenv('TTRSS_AUTH_OIDC_URL=https://auth.${config.pub-solar-os.networking.domain}/realms/${config.pub-solar-os.auth.realm}/');
|
||||||
putenv('TTRSS_AUTH_OIDC_CLIENT_ID=tt-rss');
|
putenv('TTRSS_AUTH_OIDC_CLIENT_ID=tt-rss');
|
||||||
putenv('TTRSS_AUTH_OIDC_CLIENT_SECRET=' . file_get_contents('${config.age.secrets.tt-rss-keycloak-client-secret.path}'));
|
putenv('TTRSS_AUTH_OIDC_CLIENT_SECRET=' . file_get_contents('${config.age.secrets.tt-rss-keycloak-client-secret.path}'));
|
||||||
putenv('TTRSS_FEED_CRYPT_KEY=' . file_get_contents('${config.age.secrets.tt-rss-feed-crypt-key.path}'));
|
putenv('TTRSS_FEED_CRYPT_KEY=' . file_get_contents('${config.age.secrets.tt-rss-feed-crypt-key.path}'));
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue