mio-ops/roles/tt-rss.nix

# NixOps configuration for the hosts running Tiny Tiny RSS (TT-RSS)

{ config, pkgs, lib, ... }:

{

  services.tt-rss = {
    enable = true;                                # Enable TT-RSS
    database = {                                  # Configure the database
      type = "pgsql";                              # Database type
      passwordFile = "/run/keys/tt-rss-dbpass";   # Where to find the password
    };
    email = {
      fromAddress = "news@mcwhirter.io";          # Address for outgoing email
      fromName = "News at mcwhirter.io";          # Display name for outgoing email
    };
    selfUrlPath = "https://news.mcwhirter.io/";   # Root web URL
    virtualHost = "news.mcwhirter.io";            # Setup a virtualhost
  };

  services.postgresql = {
    enable = true;                # Ensure postgresql is enabled
    authentication = ''
      local tt_rss all ident map=tt_rss-users
    '';
    identMap =                    # Map the tt-rss user to postgresql
      ''
        tt_rss-users tt_rss tt_rss
      '';
    ensureDatabases = [ "tt_rss" ];   # Ensure the database persists
    ensureUsers = [
      {
        name = "tt_rss";              # Ensure the database user persists
        ensurePermissions = {         # Ensure the database permissions persist
          "DATABASE tt_rss" = "ALL PRIVILEGES";
        };
      }
    ];
  };

  services.nginx = {
    enable = true;                                          # Enable Nginx
    recommendedGzipSettings = true;
    recommendedOptimisation = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
    virtualHosts."news.mcwhirter.io" = {                    # TT-RSS hostname
      enableACME = true;                                    # Use ACME certs
      forceSSL = true;                                      # Force SSL
    };
  };

  security.acme.certs = {
      "news.mcwhirter.io".email = "craige@mcwhirter.io";
  };

  users.groups.keys.members = [ "tt_rss" ];   # Required due to NixOps issue #1204

}
Added deployment of Tiny Tiny RSS (tt-rss) 2019-09-15 23:00:34 +00:00			`# NixOps configuration for the hosts running Tiny Tiny RSS (TT-RSS)`

			`{ config, pkgs, lib, ... }:`

			`{`

			`services.tt-rss = {`
			`enable = true; # Enable TT-RSS`
			`database = { # Configure the database`
			`type = "pgsql"; # Database type`
			`passwordFile = "/run/keys/tt-rss-dbpass"; # Where to find the password`
			`};`
			`email = {`
			`fromAddress = "news@mcwhirter.io"; # Address for outgoing email`
			`fromName = "News at mcwhirter.io"; # Display name for outgoing email`
			`};`
			`selfUrlPath = "https://news.mcwhirter.io/"; # Root web URL`
			`virtualHost = "news.mcwhirter.io"; # Setup a virtualhost`
			`};`

			`services.postgresql = {`
			`enable = true; # Ensure postgresql is enabled`
			`authentication = ''`
			`local tt_rss all ident map=tt_rss-users`
			`'';`
			`identMap = # Map the tt-rss user to postgresql`
			`''`
			`tt_rss-users tt_rss tt_rss`
			`'';`
Bumped to 20.03 2020-04-27 08:07:20 +00:00			`ensureDatabases = [ "tt_rss" ]; # Ensure the database persists`
			`ensureUsers = [`
			`{`
			`name = "tt_rss"; # Ensure the database user persists`
			`ensurePermissions = { # Ensure the database permissions persist`
			`"DATABASE tt_rss" = "ALL PRIVILEGES";`
			`};`
			`}`
			`];`
Added deployment of Tiny Tiny RSS (tt-rss) 2019-09-15 23:00:34 +00:00			`};`

			`services.nginx = {`
			`enable = true; # Enable Nginx`
			`recommendedGzipSettings = true;`
			`recommendedOptimisation = true;`
			`recommendedProxySettings = true;`
			`recommendedTlsSettings = true;`
			`virtualHosts."news.mcwhirter.io" = { # TT-RSS hostname`
			`enableACME = true; # Use ACME certs`
			`forceSSL = true; # Force SSL`
			`};`
			`};`

			`security.acme.certs = {`
			`"news.mcwhirter.io".email = "craige@mcwhirter.io";`
			`};`

Added tt_rss to keys group 2019-11-05 04:33:59 +00:00			`users.groups.keys.members = [ "tt_rss" ]; # Required due to NixOps issue #1204`

Added deployment of Tiny Tiny RSS (tt-rss) 2019-09-15 23:00:34 +00:00			`}`