summaryrefslogtreecommitdiff
path: root/modules/nixos/mixins/miniflux.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixos/mixins/miniflux.nix')
-rw-r--r--modules/nixos/mixins/miniflux.nix47
1 files changed, 47 insertions, 0 deletions
diff --git a/modules/nixos/mixins/miniflux.nix b/modules/nixos/mixins/miniflux.nix
new file mode 100644
index 0000000..187ddc0
--- /dev/null
+++ b/modules/nixos/mixins/miniflux.nix
@@ -0,0 +1,47 @@
+{
+ config,
+ lib,
+ secretsDir,
+ ...
+}:
+
+{
+ config = lib.mkMerge [
+ {
+ services.miniflux = {
+ adminCredentialsFile = config.age.secrets.miniflux.path;
+ config = {
+ BASE_URL = "https://miniflux.${config.networking.domain}";
+ LISTEN_ADDR = "localhost:7000";
+ };
+ };
+ }
+
+ (lib.mkIf config.services.miniflux.enable {
+ age.secrets.miniflux.file = secretsDir + "/miniflux.age";
+
+ services = {
+ nginx.virtualHosts.${lib.removePrefix "https://" config.services.miniflux.config.BASE_URL} = {
+ locations."/" = {
+ proxyPass = "http://${config.services.miniflux.config.LISTEN_ADDR}";
+ };
+ };
+ };
+
+ /*
+ # Create the socket manually to ensure NGINX has permission for the socket's parent directory
+ # ...since for some reason Miniflux will not give it the same `0777` permission as the socket itself
+ systemd = {
+ services.miniflux = {
+ requires = [ "miniflux.socket" ];
+ };
+
+ sockets.miniflux = {
+ wantedBy = [ "sockets.target" ];
+ listenStreams = [ "/run/miniflux.sock" ];
+ };
+ };
+ */
+ })
+ ];
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 09:45:53 +0000