31 lines
761 B
Nix
31 lines
761 B
Nix
{ config, ... }:
|
|
let
|
|
tld = "val";
|
|
domain = "rss.${tld}";
|
|
in
|
|
{
|
|
services.freshrss = {
|
|
enable = true;
|
|
baseUrl = "https://${domain}";
|
|
virtualHost = "${domain}";
|
|
|
|
defaultUser = "rpqt";
|
|
passwordFile = config.clan.core.vars.generators.freshrss.files.freshrss-password.path;
|
|
};
|
|
|
|
services.nginx.virtualHosts.${config.services.freshrss.virtualHost} = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
};
|
|
|
|
security.acme.certs.${domain}.server = "https://ca.${tld}/acme/acme/directory";
|
|
|
|
clan.core.vars.generators.freshrss = {
|
|
prompts.freshrss-password = {
|
|
description = "freshrss default user password";
|
|
type = "hidden";
|
|
persist = true;
|
|
};
|
|
files.freshrss-password.owner = config.services.freshrss.user;
|
|
};
|
|
}
|