diff --git a/sys/machines/hopper/lab/caddy.nix b/sys/machines/hopper/lab/caddy.nix index 7694562..3657f3a 100644 --- a/sys/machines/hopper/lab/caddy.nix +++ b/sys/machines/hopper/lab/caddy.nix @@ -27,6 +27,13 @@ in { reverse_proxy unix//var/lib/navidrome/navidrome.sock ''; }; + miniflux = { + useACMEHost = domain; + hostName = "mf.${domain}:${toString caddyPort}"; + extraConfig = '' + reverse_proxy unix/${config.services.miniflux.config.LISTEN_ADDR} + ''; + }; slskd = { hostName = "slskd.hopper.xun.host:80"; extraConfig = '' diff --git a/sys/machines/hopper/lab/default.nix b/sys/machines/hopper/lab/default.nix index 76b1d7d..8f871ec 100644 --- a/sys/machines/hopper/lab/default.nix +++ b/sys/machines/hopper/lab/default.nix @@ -12,6 +12,7 @@ ./restic.nix ./samba.nix ./slskd.nix + ./miniflux.nix ./transmission.nix ./vaultwarden.nix ./vpn-namespace.nix diff --git a/sys/machines/hopper/lab/homepage.nix b/sys/machines/hopper/lab/homepage.nix index c24ed7e..0f9ceb8 100644 --- a/sys/machines/hopper/lab/homepage.nix +++ b/sys/machines/hopper/lab/homepage.nix @@ -50,6 +50,12 @@ icon = "navidrome"; }; } + { + "miniflux" = { + href = "https://mf.xunuwu.xyz"; + icon = "miniflux"; + }; + } { "adguard home" = { href = "http://${config.networking.hostName}:${toString config.services.adguardhome.port}"; diff --git a/sys/machines/hopper/lab/miniflux.nix b/sys/machines/hopper/lab/miniflux.nix new file mode 100644 index 0000000..afc72ed --- /dev/null +++ b/sys/machines/hopper/lab/miniflux.nix @@ -0,0 +1,15 @@ +{ + config, + lib, + ... +}: { + systemd.services.miniflux.serviceConfig.RuntimeDirectoryMode = lib.mkForce "0755"; + + services.miniflux = { + enable = true; + adminCredentialsFile = config.sops.secrets.miniflux.path; + config = { + LISTEN_ADDR = "/run/miniflux/miniflux.sock"; + }; + }; +} diff --git a/sys/profiles/secrets/hopper/default.nix b/sys/profiles/secrets/hopper/default.nix index 60a7023..022b849 100644 --- a/sys/profiles/secrets/hopper/default.nix +++ b/sys/profiles/secrets/hopper/default.nix @@ -29,5 +29,9 @@ format = "binary"; sopsFile = ./vaultwarden-env; }; + miniflux = { + format = "binary"; + sopsFile = ./miniflux; + }; }; } diff --git a/sys/profiles/secrets/hopper/miniflux b/sys/profiles/secrets/hopper/miniflux new file mode 100644 index 0000000..b0c13f6 --- /dev/null +++ b/sys/profiles/secrets/hopper/miniflux @@ -0,0 +1,24 @@ +{ + "data": "ENC[AES256_GCM,data:tNtcieUhH5rRfrpIbCD9DyTVnrfh0QMEdNJXT63D7DMb//HwZQL4IUGb3m3JMYzJ/Bdis5qUX3Z4hR0RAc4Z8VL5QDT2obMdwl+NEyymZCAhCEigGCAwx+D5QYMVN196y64t,iv:Q0QOz97dR1DyX3s9YbrQCkp8Af4Eii2+lRjvS1x/pcM=,tag:kjqASNrvzM1qIE1608GptQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age17pdqkpfh6kc6wm7gxzdnwf6vphlwddv9yfpdu3j76e24y3amd9tq3avfc8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpTUJiczRUOGFZWXYzV2p1\nYzFEeXhMa2NtWTBadmJ6U0JiSVVHOGZVWXhZClY2UElDYkhJOHJJR09CMG1IQm4r\nTmZublloWFk5cWdYWHlqWnZkY3NIeWsKLS0tIGdxQXBQeXlKQlhlU1FkSWhtYjd0\nZnJ4T2lKVlFVVis5K3ZjK3JjMHVXYzgKcHManyk3uMEmx1mnfJM7+/wnA+ssxTKk\nsl0yOgWGVPMSN1CFU0zAW+rx07Z7tdnK1H7129nltyQy1FL/ep9xwg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age15mgf89h220puhz48rjpwxwu4n2h4edur60w6cd8gku2hh4e5kqpsghvnyw", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxTUtacGh3TEoreHBtTXlV\nRklKYkx1QUFXeU91Q0ZLOGp1WnJObE90eVhzCjVicDh1dHQ5WURJVlBjSWpjZmVC\nSjg2Tnk2L0hKTWp0RGFWSE1Fa1ZiVFUKLS0tIG94TjhoajZSQlppVjVLQXpRSVV3\nNDNKdSswUVRjRmd6ZkZYbzdRaTY3MFUKTbMm6YWWO+M4h9JmoqkRkCnoFxaEiF44\nNkHn+4QuKu7xPlQhIyjeYbWLMTMoiMN6QlzasU6M0lHv/9IZ2q/y3Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-03-14T15:57:56Z", + "mac": "ENC[AES256_GCM,data:ciKi5phjUGnqlRHizdYeYpMpRQqc4vuC558Awelp2rgPMbL1gZWkLCiGQnrlumIrw+PvA/ZSWQYAy4uRc61foAWj59KUIhCwLybNSbJeCZHKrT7opIRRGIy7BY2EA1SX3HHfuM3Fo0E59WOcaSavNywPjNpz5MZMWOEbuY/ZS1I=,iv:PU7iBqqovoTnqTIgAsg7EuEr7sWeyAypVw+Z+ZkVoAg=,tag:FgskiHmMtp5aV/PDhZrcuA==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.9.4" + } +} \ No newline at end of file