diff --git a/Deployments/tt-rss.nix b/Deployments/tt-rss.nix new file mode 100644 index 0000000..b337f3c --- /dev/null +++ b/Deployments/tt-rss.nix @@ -0,0 +1,48 @@ +# NixOps configuration for the hosts running Tiny Tiny RSS (TT-RSS) + +{ config, pkgs, lib, ... }: + +{ + + services.tt-rss = { + enable = true; # Enable TT-RSS + database = { # Configure the database + type = "pgsql"; # Database type + passwordFile = "/run/keys/tt-rss-dbpass"; # Where to find the password + }; + email = { + fromAddress = "news@mcwhirter.io"; # Address for outgoing email + fromName = "News at mcwhirter.io"; # Display name for outgoing email + }; + selfUrlPath = "https://news.mcwhirter.io/"; # Root web URL + virtualHost = "news.mcwhirter.io"; # Setup a virtualhost + }; + + services.postgresql = { + enable = true; # Ensure postgresql is enabled + authentication = '' + local tt_rss all ident map=tt_rss-users + ''; + identMap = # Map the tt-rss user to postgresql + '' + tt_rss-users tt_rss tt_rss + ''; + }; + + services.nginx = { + enable = true; # Enable Nginx + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + virtualHosts."news.mcwhirter.io" = { # TT-RSS hostname + enableACME = true; # Use ACME certs + forceSSL = true; # Force SSL + }; + }; + + security.acme.certs = { + "news.mcwhirter.io".email = "craige@mcwhirter.io"; + }; + +} diff --git a/Hosts/cuallaidh.nix b/Hosts/cuallaidh.nix index 32d4c30..9124dc9 100644 --- a/Hosts/cuallaidh.nix +++ b/Hosts/cuallaidh.nix @@ -10,6 +10,7 @@ [ ../Deployments/gitea.nix ../Deployments/hydra.nix + ../Deployments/tt-rss.nix ]; deployment.targetHost = "172.105.197.118";