Merge pull request 'move rss services to sid' (#49 ) from develop into master

Reviewed-on: #49
corrected port
2026-05-05 20:19:03 +02:00 · 2026-05-05 20:13:49 +02:00 · 2026-05-05 19:31:56 +02:00 · 2026-05-05 19:08:32 +02:00
6 changed files with 23 additions and 15 deletions
--- a/hosts/rx4/services/default.nix
+++ b/hosts/rx4/services/default.nix
@ -18,8 +18,6 @@
    ./nginx.nix
    ./open-webui-oci.nix
    ./print-server.nix
-    ./rss-bridge.nix
-    ./rsshub-oci.nix
    ./vaultwarden.nix

    # ./alditalk-extender.nix # FIXME
--- a/hosts/sid/services/default.nix
+++ b/hosts/sid/services/default.nix
@ -17,6 +17,8 @@
    ./netdata.nix
    ./nginx.nix
    ./radicale.nix
+    ./rss-bridge.nix
+    ./rsshub-oci.nix
    ./step-ca.nix
  ];
 }
--- a/hosts/sid/services/nginx.nix
+++ b/hosts/sid/services/nginx.nix
@ -77,18 +77,6 @@ in
        error_log /var/log/nginx/open-webui-error.log debug;
      '';
    };
-    virtualHosts."${constants.services.rss-bridge.fqdn}" = {
-      enableACME = ssl;
-      forceSSL = ssl;
-      locations."/" = {
-        proxyPass = "http://${constants.hosts.rx4.ip}";
-      };
-    };
-    virtualHosts."${constants.services.rsshub-oci.fqdn}" = mkVirtualHost {
-      inherit ssl;
-      address = constants.hosts.rx4.ip;
-      port = constants.services.rsshub-oci.port;
-    };
    virtualHosts."${constants.services.vaultwarden.fqdn}" = {
      useACMEHost = "sid-internal";
      forceSSL = ssl;
--- a/hosts/sid/services/rss-bridge.nix
+++ b/hosts/sid/services/rss-bridge.nix
@ -8,7 +8,7 @@
    reverseProxy = {
      enable = true;
      subdomain = constants.services.rss-bridge.subdomain;
-      forceSSL = false;
+      forceSSL = true;
    };
  };
 }
--- a/hosts/sid/services/rsshub-oci.nix
+++ b/hosts/sid/services/rsshub-oci.nix
@ -10,5 +10,10 @@
  services.rsshub-oci = {
    enable = true;
    inherit (constants.services.rsshub-oci) port;
+    reverseProxy = {
+      enable = true;
+      subdomain = constants.services.rss-bridge.subdomain;
+      forceSSL = true;
+    };
  };
 }
--- a/modules/nixos/rsshub-oci/default.nix
+++ b/modules/nixos/rsshub-oci/default.nix
@ -7,6 +7,9 @@

 let
  cfg = config.services.rsshub-oci;
+  domain = config.networking.domain;
+  subdomain = cfg.reverseProxy.subdomain;
+  fqdn = if (cfg.reverseProxy.enable && subdomain != "") then "${subdomain}.${domain}" else domain;

  images = {
    # https://github.com/DIYgod/RSSHub/pkgs/container/rsshub
@ -58,6 +61,10 @@ let
    optional
    types
    ;
+  inherit (lib.utils)
+    mkReverseProxyOption
+    mkVirtualHost
+    ;
 in
 {
  options.services.rsshub-oci = {
@ -77,6 +84,7 @@ in
      default = null;
      description = "Environment file for secrets.";
    };
+    reverseProxy = mkReverseProxyOption "RSSHub" "rsshub";
  };

  config = mkIf cfg.enable {
@ -86,6 +94,13 @@ in
      dockerCompat = true;
    };

+    services.nginx.virtualHosts = mkIf cfg.reverseProxy.enable {
+      "${fqdn}" = mkVirtualHost {
+        inherit (cfg) port;
+        ssl = cfg.reverseProxy.forceSSL;
+      };
+    };
+
    networking.firewall.interfaces =
      let
        matchAll = if !config.networking.nftables.enable then "podman+" else "podman*";
Author	SHA1	Message	Date
sid	af0a423feb	Merge pull request 'move rss services to sid' (#49 ) from develop into master Some checks failed Deploy configs / deploy-configs (push) Failing after 11s Details Reviewed-on: #49	2026-05-05 20:19:03 +02:00
sid	f1d652f370	corrected port All checks were successful Flake check / flake-check (pull_request) Successful in 25s Details Build hosts / build-hosts (pull_request) Successful in 28s Details	2026-05-05 20:13:49 +02:00
sid	da1e8d80ec	removed double vhost on sid Some checks failed Build hosts / build-hosts (pull_request) Failing after 8s Details Flake check / flake-check (pull_request) Failing after 6s Details	2026-05-05 19:31:56 +02:00
sid	43244fd370	move rss services to sid Some checks failed Flake check / flake-check (pull_request) Failing after 6s Details Build hosts / build-hosts (pull_request) Failing after 10s Details	2026-05-05 19:08:32 +02:00