fireproof/nixos
1
0
Fork 0
mirror of https://github.com/nickolaj-jepsen/nixos.git synced 2026-01-22 16:16:50 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: add freshrss

Browse source
This commit is contained in:
Nickolaj Jepsen 2026-01-11 21:30:27 +01:00
parent b99299dc45
commit 002fad13df
4 changed files with 63 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
modules/homelab/default.nix
View file

@ -6,6 +6,7 @@
imports = [ imports = [
./arr.nix ./arr.nix
./audiobookshelf.nix ./audiobookshelf.nix
./freshrss.nix
./glance.nix ./glance.nix
./home-assistant.nix ./home-assistant.nix
./jellyfin.nix ./jellyfin.nix

54
modules/homelab/freshrss.nix Normal file
View file

@ -0,0 +1,54 @@
{
config,
lib,
...
}:
lib.mkIf config.fireproof.homelab.enable (let
domain = "freshrss.nickolaj.com";
in {
services.freshrss = {
enable = true;
baseUrl = "https://${domain}";
virtualHost = domain;
database = {
type = "pgsql";
host = "/var/run/postgresql/";
user = "freshrss";
name = "freshrss";
};
authType = "http_auth";
defaultUser = "nickolaj1177@gmail.com";
};
services.postgresql = {
ensureDatabases = ["freshrss"];
ensureUsers = [
{
name = "freshrss";
ensureDBOwnership = true;
ensureClauses.login = true;
}
];
};
services.oauth2-proxy.nginx.virtualHosts = {
"${domain}" = {
allowed_groups = ["default"];
};
};
services.nginx.virtualHosts."${domain}" = {
enableACME = true;
forceSSL = true;
locations."~ ^.+?\\.php(/.*)?$" = {
extraConfig = lib.mkAfter ''
auth_request_set $email $upstream_http_x_auth_request_email;
fastcgi_param REMOTE_USER $email;
'';
};
};
services.restic.backups.homelab.paths = [
"/var/lib/freshrss"
];
})

6
modules/homelab/glance.nix
View file

@ -209,6 +209,12 @@ in {
icon = "sh:audiobookshelf"; icon = "sh:audiobookshelf";
same-tab = true; same-tab = true;
} }
{
title = "FreshRSS";
url = "https://freshrss.nickolaj.com";
icon = "sh:freshrss";
same-tab = true;
}
{ {
title = "Sonarr"; title = "Sonarr";
url = "https://sonarr.nickolaj.com"; url = "https://sonarr.nickolaj.com";

3
modules/homelab/sso.nix
View file

@ -46,7 +46,6 @@ in {
name = "zitadel"; name = "zitadel";
ensureDBOwnership = true; ensureDBOwnership = true;
ensureClauses.login = true; ensureClauses.login = true;
ensureClauses.superuser = true;
} }
]; ];
}; };
@ -100,6 +99,8 @@ in {
validateURL = "https://${zitadelDomain}/oauth2/"; validateURL = "https://${zitadelDomain}/oauth2/";
oidcIssuerUrl = "https://${zitadelDomain}:443"; oidcIssuerUrl = "https://${zitadelDomain}:443";
keyFile = config.age.secrets.oauth2-proxy.path; keyFile = config.age.secrets.oauth2-proxy.path;
passBasicAuth = true;
setXauthrequest = true;
nginx.domain = oathproxyDomain; nginx.domain = oathproxyDomain;
email.domains = ["*"]; email.domains = ["*"];
extraConfig = { extraConfig = {