diff options
Diffstat (limited to 'modules/containers/freshrss/default.nix')
| -rw-r--r-- | modules/containers/freshrss/default.nix | 88 |
1 files changed, 69 insertions, 19 deletions
diff --git a/modules/containers/freshrss/default.nix b/modules/containers/freshrss/default.nix index 7cbe944..7d2e5eb 100644 --- a/modules/containers/freshrss/default.nix +++ b/modules/containers/freshrss/default.nix @@ -1,27 +1,77 @@ -{ ... }: +{ + config, + lib, + ... +}: +with lib; let - directory = "/opt/freshrss"; - port = "8888"; + service = "freshrss"; + cfg = config.modules.containers.${service}; in { - systemd.tmpfiles.rules = builtins.map (x: "d ${x} 0755 share share - -") [ directory ]; + options.modules.containers.${service} = { + enable = mkEnableOption service; + user = mkOption { + default = "share"; + type = types.str; + }; + group = mkOption { + default = "share"; + type = types.str; + }; + port = mkOption { + default = 8888; + type = types.int; + }; + url = mkOption { + default = null; + type = types.str; + }; + configDir = mkOption { + default = "/opt/${service}"; + type = types.str; + }; + }; + + config = mkIf cfg.enable { + users.users.${cfg.user} = { + isSystemUser = true; + group = cfg.group; + }; + + users.groups.${cfg.group} = { }; - virtualisation.oci-containers.containers.freshrss = { - image = "freshrss/freshrss:latest"; - autoStart = true; - ports = [ "${port}:80" ]; - volumes = [ - "${directory}/data:/var/www/FreshRSS/data" - "${directory}/extensions:/var/www/FreshRSS/extensions" + networking.firewall.allowedTCPPorts = [ + 80 + 443 ]; - environment = { - TZ = "America/Detroit"; - CRON_MIN = "*/20"; + + services.caddy = { + enable = true; + virtualHosts = { + ${cfg.url}.extraConfig = '' + encode zstd gzip + reverse_proxy http://localhost:${builtins.toString cfg.port} + ''; + }; }; - }; - services.caddy.virtualHosts."fresh.brownbread.net".extraConfig = '' - encode zstd gzip - reverse_proxy http://localhost:${port} - ''; + systemd.tmpfiles.rules = builtins.map (f: "d ${f} 0755 ${cfg.user} ${cfg.group} - -") [ + cfg.configDir + ]; + + virtualisation.oci-containers.containers.${service} = { + image = "${service}/${service}:latest"; + autoStart = true; + ports = [ "${builtins.toString cfg.port}:80" ]; + volumes = [ + "${cfg.configDir}/data:/var/www/FreshRSS/data" + "${cfg.configDir}/extensions:/var/www/FreshRSS/extensions" + ]; + environment = { + TZ = "America/Detroit"; + CRON_MIN = "*/20"; + }; + }; + }; } |