feat: add freshrss

2026-01-22 16:16:50 +01:00 · 2026-01-11 21:30:27 +01:00 · 2026-01-11 21:30:27 +01:00 · 002fad13df
commit 002fad13df
parent b99299dc45
4 changed files with 63 additions and 1 deletions
--- a/modules/homelab/freshrss.nix
+++ b/modules/homelab/freshrss.nix
@ -0,0 +1,54 @@
+{
+  config,
+  lib,
+  ...
+}:
+lib.mkIf config.fireproof.homelab.enable (let
+  domain = "freshrss.nickolaj.com";
+in {
+  services.freshrss = {
+    enable = true;
+    baseUrl = "https://${domain}";
+    virtualHost = domain;
+    database = {
+      type = "pgsql";
+      host = "/var/run/postgresql/";
+      user = "freshrss";
+      name = "freshrss";
+    };
+    authType = "http_auth";
+    defaultUser = "nickolaj1177@gmail.com";
+  };
+
+  services.postgresql = {
+    ensureDatabases = ["freshrss"];
+    ensureUsers = [
+      {
+        name = "freshrss";
+        ensureDBOwnership = true;
+        ensureClauses.login = true;
+      }
+    ];
+  };
+
+  services.oauth2-proxy.nginx.virtualHosts = {
+    "${domain}" = {
+      allowed_groups = ["default"];
+    };
+  };
+
+  services.nginx.virtualHosts."${domain}" = {
+    enableACME = true;
+    forceSSL = true;
+    locations."~ ^.+?\\.php(/.*)?$" = {
+      extraConfig = lib.mkAfter ''
+        auth_request_set $email  $upstream_http_x_auth_request_email;
+        fastcgi_param REMOTE_USER $email;
+      '';
+    };
+  };
+
+  services.restic.backups.homelab.paths = [
+    "/var/lib/freshrss"
+  ];
+})