diff options
| author | seth <[email protected]> | 2023-05-21 21:20:28 -0400 |
|---|---|---|
| committer | seth <[email protected]> | 2023-05-21 21:20:28 -0400 |
| commit | 3a7cc8116cce947f5652e0e46f4d60d59bfb5717 (patch) | |
| tree | 9450413a40fd28b685deb5e26e229aeb4102eaa5 /hosts | |
| parent | 50da869402b650aaa39b7cbaf38a7639b2bb2d9c (diff) | |
atlas: start hosting miniflux
Diffstat (limited to 'hosts')
| -rw-r--r-- | hosts/atlas/default.nix | 8 | ||||
| -rw-r--r-- | hosts/atlas/miniflux.nix | 20 | ||||
| -rw-r--r-- | hosts/atlas/nginx.nix | 32 |
3 files changed, 59 insertions, 1 deletions
diff --git a/hosts/atlas/default.nix b/hosts/atlas/default.nix index 50fa986..220592d 100644 --- a/hosts/atlas/default.nix +++ b/hosts/atlas/default.nix @@ -5,6 +5,8 @@ }: { imports = [ ./hardware-configuration.nix + ./miniflux.nix + ./nginx.nix ./prometheus.nix ]; @@ -22,7 +24,11 @@ loader.efi.canTouchEfiVariables = true; }; - networking.hostName = "atlas"; + networking = { + domain = "mydadleft.me"; + hostName = "atlas"; + }; + system.stateVersion = "22.11"; users.users = let diff --git a/hosts/atlas/miniflux.nix b/hosts/atlas/miniflux.nix new file mode 100644 index 0000000..a7886e6 --- /dev/null +++ b/hosts/atlas/miniflux.nix @@ -0,0 +1,20 @@ +{ + config, + self, + ... +}: { + config = { + age.secrets = { + miniflux.file = "${self}/secrets/hosts/${config.networking.hostName}/miniflux.age"; + }; + + services.miniflux = { + enable = true; + adminCredentialsFile = config.age.secrets.miniflux.path; + config = { + BASE_URL = "https://miniflux.${config.networking.domain}"; + LISTEN_ADDR = "localhost:7000"; + }; + }; + }; +} diff --git a/hosts/atlas/nginx.nix b/hosts/atlas/nginx.nix new file mode 100644 index 0000000..1fcfd45 --- /dev/null +++ b/hosts/atlas/nginx.nix @@ -0,0 +1,32 @@ +{config, ...}: { + networking.firewall.allowedTCPPorts = [80 443]; + + security.acme = { + acceptTerms = true; + defaults.email = "[email protected]"; + }; + + services.nginx = { + enable = true; + + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts = let + mkProxy = endpoint: port: { + "${endpoint}" = { + proxyPass = "http://127.0.0.1:${port}"; + proxyWebsockets = true; + }; + }; + inherit (config.networking) domain; + in { + "miniflux.${domain}" = { + enableACME = true; + locations = mkProxy "/" "7000"; + }; + }; + }; +} |