pub-solar/infra
6
1
Fork 3
Code Issues 24 Pull requests 10 Actions Packages Projects 1 Releases Wiki Activity

RSS reader #217

Merged
b12f merged 10 commits from feat/tt-rss into main 2024-07-18 16:52:55 +00:00
Conversation 0 Commits 10 Files changed 9 +12 -14
2 changed files with 12 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 79679720ff - Show all commits

4
modules/nginx/default.nix
View file

@ -10,9 +10,7 @@ let
webserverGroup = "hakkonaut"; webserverGroup = "hakkonaut";
in in
{ {
users.users.nginx.extraGroups = [ users.users.nginx.extraGroups = [ webserverGroup ];
webserverGroup
];
services.nginx = { services.nginx = {
enable = true; enable = true;

22
modules/tt-rss/default.nix
View file

@ -3,7 +3,8 @@
config, config,
pkgs, pkgs,
... ...
}: let }:
let
ttrss-auth-oidc = pkgs.stdenv.mkDerivation { ttrss-auth-oidc = pkgs.stdenv.mkDerivation {
name = "ttrss-auth-oidc"; name = "ttrss-auth-oidc";
version = "7ebfbc91e92bb133beb907c6bde79279ee5156df"; version = "7ebfbc91e92bb133beb907c6bde79279ee5156df";
@ -16,7 +17,8 @@
cp -r * $out/auth_oidc cp -r * $out/auth_oidc
''; '';
}; };
in { in
{
age.secrets.tt-rss-database-password = { age.secrets.tt-rss-database-password = {
file = "${flake.self}/secrets/tt-rss-database-password.age"; file = "${flake.self}/secrets/tt-rss-database-password.age";
owner = "tt_rss"; owner = "tt_rss";
@ -54,9 +56,7 @@ in {
"note" "note"
"auth_oidc" "auth_oidc"
]; ];
pluginPackages = [ pluginPackages = [ ttrss-auth-oidc ];
ttrss-auth-oidc
];
email = { email = {
server = "mail.pub.solar"; server = "mail.pub.solar";
security = "tls"; security = "tls";
@ -70,12 +70,12 @@ in {
createLocally = true; createLocally = true;
}; };
extraConfig = '' extraConfig = ''
putenv('TTRSS_SMTP_PASSWORD=' . file_get_contents('${config.age.secrets.tt-rss-smtp-password.path}')); putenv('TTRSS_SMTP_PASSWORD=' . file_get_contents('${config.age.secrets.tt-rss-smtp-password.path}'));
putenv('TTRSS_AUTH_OIDC_NAME=pub.solar ID'); putenv('TTRSS_AUTH_OIDC_NAME=pub.solar ID');
putenv('TTRSS_AUTH_OIDC_URL=https://auth.${config.pub-solar-os.networking.domain}/realms/${config.pub-solar-os.auth.realm}/'); putenv('TTRSS_AUTH_OIDC_URL=https://auth.${config.pub-solar-os.networking.domain}/realms/${config.pub-solar-os.auth.realm}/');
putenv('TTRSS_AUTH_OIDC_CLIENT_ID=tt-rss'); putenv('TTRSS_AUTH_OIDC_CLIENT_ID=tt-rss');
putenv('TTRSS_AUTH_OIDC_CLIENT_SECRET=' . file_get_contents('${config.age.secrets.tt-rss-keycloak-client-secret.path}')); putenv('TTRSS_AUTH_OIDC_CLIENT_SECRET=' . file_get_contents('${config.age.secrets.tt-rss-keycloak-client-secret.path}'));
putenv('TTRSS_FEED_CRYPT_KEY=' . file_get_contents('${config.age.secrets.tt-rss-feed-crypt-key.path}')); putenv('TTRSS_FEED_CRYPT_KEY=' . file_get_contents('${config.age.secrets.tt-rss-feed-crypt-key.path}'));
''; '';
}; };
} }