flake/hosts/aws/tyo0/services/miniflux.nix

41 lines
1.2 KiB
Nix
Raw Normal View History

2024-08-31 02:15:09 +00:00
{ lib, config, ... }:
{
# https://miniflux.app/docs/howto.html#systemd-socket-activation
systemd = {
sockets.miniflux = {
description = "Miniflux Socket";
wantedBy = [ "sockets.target" ];
requiredBy = [ "miniflux.service" ];
listenStreams = [ "/run/miniflux.sock" ];
socketConfig.NoDelay = true;
};
services.miniflux = {
serviceConfig.NonBlocking = true;
};
};
2024-08-11 10:13:36 +00:00
services.miniflux = {
enable = true;
adminCredentialsFile = config.sops.secrets."miniflux/environment".path;
config = {
2024-09-27 10:40:00 +00:00
CREATE_ADMIN = 0;
2024-08-11 10:13:36 +00:00
BASE_URL = "https://rss.ny4.dev";
METRICS_COLLECTOR = 1;
2024-08-11 10:13:36 +00:00
OAUTH2_PROVIDER = "oidc";
OAUTH2_CLIENT_ID = "miniflux";
# OAUTH2_CLIENT_SECRET = "replace_me"; # EnvironmentFile
OAUTH2_REDIRECT_URL = "https://rss.ny4.dev/oauth2/oidc/callback";
OAUTH2_OIDC_DISCOVERY_ENDPOINT = "https://id.ny4.dev/realms/ny4";
};
};
2024-08-31 02:15:09 +00:00
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
2024-09-20 17:38:01 +00:00
match = lib.singleton { host = [ "rss.ny4.dev" ]; };
2024-08-31 02:15:09 +00:00
handle = lib.singleton {
handler = "reverse_proxy";
upstreams = [ { dial = "unix//run/miniflux.sock"; } ];
2024-08-31 02:15:09 +00:00
};
};
2024-08-11 10:13:36 +00:00
}