diff options
author | sefidel <contact@sefidel.net> | 2023-12-09 21:35:15 +0900 |
---|---|---|
committer | sefidel <contact@sefidel.net> | 2023-12-09 21:42:28 +0900 |
commit | 4a71d7b81260dca99ce3bd2f4697b15e67f80b24 (patch) | |
tree | 041071b6f077821860002b224186fa5a6e38f94f /modules | |
parent | 0cf559e51258f13b4842d3374b495d14bf641e4a (diff) | |
download | infra-4a71d7b81260dca99ce3bd2f4697b15e67f80b24.tar.gz infra-4a71d7b81260dca99ce3bd2f4697b15e67f80b24.zip |
feat(modules/rss): add rss-bridge
Diffstat (limited to 'modules')
-rw-r--r-- | modules/services/rss.nix | 63 |
1 files changed, 44 insertions, 19 deletions
diff --git a/modules/services/rss.nix b/modules/services/rss.nix index 7c44580..c7fadd3 100644 --- a/modules/services/rss.nix +++ b/modules/services/rss.nix @@ -10,30 +10,55 @@ in domain = mkOption { type = types.str; }; realHost = mkOption { type = types.str; default = "rss.${cfg.domain}"; }; secrets.admin-password = mkOption { type = types.str; description = "path to file containing admin password"; }; + bridge = { + enable = mkEnableOption "RSS Bridge"; + domain = mkOption { type = types.str; default = cfg.domain; }; + realHost = mkOption { type = types.str; default = "rss-bridge.${cfg.bridge.domain}"; }; + whitelist = mkOption { type = types.listOf types.str; default = []; }; + }; }; - config = mkIf cfg.enable { - services.freshrss = { - enable = true; - virtualHost = cfg.realHost; - baseUrl = "https://${cfg.realHost}"; + config = mkIf cfg.enable (mkMerge [ + { + services.freshrss = { + enable = true; + virtualHost = cfg.realHost; + baseUrl = "https://${cfg.realHost}"; - defaultUser = "admin"; - passwordFile = cfg.secrets.admin-password; + defaultUser = "admin"; + passwordFile = cfg.secrets.admin-password; - database = { - type = "pgsql"; - host = "/run/postgresql"; + database = { + type = "pgsql"; + host = "/run/postgresql"; + }; }; - }; - environment.persistence."/persist".directories = [ - "/var/lib/freshrss" - ]; + environment.persistence."/persist".directories = [ + "/var/lib/freshrss" + ]; - services.nginx.virtualHosts.${cfg.realHost} = { - forceSSL = true; - useACMEHost = cfg.domain; - }; - }; + services.nginx.virtualHosts.${cfg.realHost} = { + forceSSL = true; + useACMEHost = cfg.domain; + }; + } + (mkIf cfg.bridge.enable { + services.rss-bridge = { + enable = true; + virtualHost = cfg.bridge.realHost; + } // optionalAttrs (cfg.bridge.whitelist != []) { + whitelist = cfg.bridge.whitelist; + }; + + environment.persistence."/persist".directories = [ + "/var/lib/rss-bridge" + ]; + + services.nginx.virtualHosts.${cfg.bridge.realHost} = { + forceSSL = true; + useACMEHost = cfg.bridge.domain; + }; + }) + ]); } |