about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--modules/services/rss.nix (renamed from modules/services/tt-rss.nix)27
-rw-r--r--systems/cobalt/default.nix4
-rw-r--r--systems/cobalt/secrets/secrets.yaml5
3 files changed, 18 insertions, 18 deletions
diff --git a/modules/services/tt-rss.nix b/modules/services/rss.nix
index 4351065..7c44580 100644
--- a/modules/services/tt-rss.nix
+++ b/modules/services/rss.nix
@@ -2,38 +2,35 @@
 
 with lib;
 let
-  cfg = config.modules.services.tt-rss;
+  cfg = config.modules.services.rss;
 in
 {
-  options.modules.services.tt-rss = {
-    enable = mkEnableOption "Tiny Tiny RSS Client";
+  options.modules.services.rss = {
+    enable = mkEnableOption "RSS Aggregator";
     domain = mkOption { type = types.str; };
     realHost = mkOption { type = types.str; default = "rss.${cfg.domain}"; };
+    secrets.admin-password = mkOption { type = types.str; description = "path to file containing admin password"; };
   };
 
   config = mkIf cfg.enable {
-    services.tt-rss = {
+    services.freshrss = {
       enable = true;
       virtualHost = cfg.realHost;
-      selfUrlPath = "https://${cfg.realHost}";
+      baseUrl = "https://${cfg.realHost}";
 
-      themePackages = [
-        pkgs.tt-rss-theme-feedly
-      ];
-
-      plugins = [
-        "auth_internal"
-        "note"
-      ];
+      defaultUser = "admin";
+      passwordFile = cfg.secrets.admin-password;
 
       database = {
         type = "pgsql";
-        password = null;
         host = "/run/postgresql";
       };
-
     };
 
+    environment.persistence."/persist".directories = [
+      "/var/lib/freshrss"
+    ];
+
     services.nginx.virtualHosts.${cfg.realHost} = {
       forceSSL = true;
       useACMEHost = cfg.domain;
diff --git a/systems/cobalt/default.nix b/systems/cobalt/default.nix
index d5c5a8f..05f75d3 100644
--- a/systems/cobalt/default.nix
+++ b/systems/cobalt/default.nix
@@ -168,6 +168,7 @@ in
   # owner = "openldap";
   # };
   sops.secrets.searx-env = { };
+  sops.secrets.freshrss-admin-pass = { owner = "freshrss"; };
 
   nix.experimentalFeatures = "nix-command flakes";
 
@@ -326,10 +327,11 @@ in
       domain = "exotic.sh";
       realHost = "todo.exotic.sh";
     };
-    services.tt-rss = {
+    services.rss = {
       enable = true;
       domain = "exotic.sh";
       realHost = "rss.exotic.sh";
+      secrets.admin-password = config.sops.secrets.freshrss-admin-pass.path;
     };
     services.searx = {
       enable = true;
diff --git a/systems/cobalt/secrets/secrets.yaml b/systems/cobalt/secrets/secrets.yaml
index 18c819d..be519e0 100644
--- a/systems/cobalt/secrets/secrets.yaml
+++ b/systems/cobalt/secrets/secrets.yaml
@@ -17,6 +17,7 @@ system-imap-pass: ENC[AES256_GCM,data:T4yuF8+dkLjuiGhZUK33xvVqvyhs6vUL35/EUyue1L
 internal-imap-pass: ENC[AES256_GCM,data:2+Bk1hxM+veEXvSpqSZw1I9NaNBjE79CpJmLi2WHrMt5fQtfQCECNj0Pvwvj2QUrmt7HKZFT7GNbJopM,iv:nrOWRovsbkk4aIf0lS78daL2Jy6L5fVNkn2ZubK1xEI=,tag:/X8A5YJy3NNSSoV96IXPDg==,type:str]
 grafana-admin-pass: ENC[AES256_GCM,data:88z+mLcZ5s1u/8LWYcnOOhWTkff8sv1NIhQ=,iv:YdGaKCaq1bCCLsuYIug6NFO2rhqX/Xyt5yQ/hgWOfko=,tag:D+xWcN2bC2Q1Q2mjtpWqLg==,type:str]
 searx-env: ENC[AES256_GCM,data:FX5CpcDqkpUH2bsS00gFCzPFcInNMbf1Z0mBmoHXk2BJ54AVOVVM1aiVwXDyWnX2wN4gO8nHFypAY451R6UiSt7FAWlkYbBdlv7EsLyaLUR+,iv:c9B+tkipD3IbWTNCzOTvV1MtwJJsOonhxSM+31CHoXg=,tag:hP/BX6TahGqecTtUO3LorQ==,type:str]
+freshrss-admin-pass: ENC[AES256_GCM,data:xfDBsL9OWmOJy7wCKSJPobsk33pwT+E6ylGfjsZDbPozClT6I5nXtQ==,iv:c8au21XjXE97g3SS5JFwVk45NrsnO8aCHWpWP5o0bfY=,tag:Q65jkxymo/VMHOScFq8hPw==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -41,8 +42,8 @@ sops:
             cUpBZ01CMEFjNnNuWjlYejVKajkwcGMKehqYCZP0zZHDTfJrC/5LYiE/3doa0OiM
             OKXhOuUX8HF8RfkyiOSMpntxuNX2jSvd9sQRYnHkUvgm793+IuQjrg==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2023-12-04T11:08:32Z"
-    mac: ENC[AES256_GCM,data:fPhtlUiSvlIlJusSVwu+tSkYjQSc4MjKRko7fIJrZLaiTjORYFbbDosH7Y2XLAoiXhWrQsZs2n7Nk0xi5iDS4RtnDJ7smIzojh6ePOjVlu/gNm7o9d7gphF0y2gB8cchw/Iv2f89S9z2PPGeQqPzUnuvJFhiKVlMA1b2geHK8A8=,iv:u916JFQus/0gPOdZtb29UPbqoqMjVyBmruFvFcFTdDE=,tag:ipYMgxNto1oBT7p5CrsK2A==,type:str]
+    lastmodified: "2023-12-06T14:07:55Z"
+    mac: ENC[AES256_GCM,data:aUq03Frpab/ixsQ6CqISOjEEwbUmIWKfuFbUNhZKoXGa5pqHZJD8P6PxoEWbAm59O/5h5LnPFJF44TMKZ7R2WQ3Twlq8fiM+J0Q7aaHUvsy7HEKQR4DMKgZ9QHikx77Z3+7zmGntszrQqS2ayd9ad3b/TGcBvaAD+iHIjvSJnas=,iv:xod4JS7GLTCNvV4d08qtv2O1FVvoAUzCRZTgKM3CptE=,tag:SbCke7FgMLLwLi+R3hT6Rg==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.8.1