sid/sid.ovh
1
0
Fork 0
Code Issues 3 Pull requests 2 Projects Releases Packages Wiki Activity Actions

move rss services to sid #49

Merged
sid merged 3 commits from develop into master 2026-05-05 20:19:04 +02:00
Conversation 0 Commits 3 Files changed 6 +23 -15
6 changed files with 23 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

2
hosts/rx4/services/default.nix
View file

@ -18,8 +18,6 @@
./nginx.nix ./nginx.nix
./open-webui-oci.nix ./open-webui-oci.nix
./print-server.nix ./print-server.nix
./rss-bridge.nix
./rsshub-oci.nix
./vaultwarden.nix ./vaultwarden.nix
# ./alditalk-extender.nix # FIXME # ./alditalk-extender.nix # FIXME

2
hosts/sid/services/default.nix
View file

@ -17,6 +17,8 @@
./netdata.nix ./netdata.nix
./nginx.nix ./nginx.nix
./radicale.nix ./radicale.nix
./rss-bridge.nix
./rsshub-oci.nix
./step-ca.nix ./step-ca.nix
]; ];
} }

12
hosts/sid/services/nginx.nix
View file

@ -77,18 +77,6 @@ in
error_log /var/log/nginx/open-webui-error.log debug; error_log /var/log/nginx/open-webui-error.log debug;
''; '';
}; };
virtualHosts."${constants.services.rss-bridge.fqdn}" = {
enableACME = ssl;
forceSSL = ssl;
locations."/" = {
proxyPass = "http://${constants.hosts.rx4.ip}";
};
};
virtualHosts."${constants.services.rsshub-oci.fqdn}" = mkVirtualHost {
inherit ssl;
address = constants.hosts.rx4.ip;
port = constants.services.rsshub-oci.port;
};
virtualHosts."${constants.services.vaultwarden.fqdn}" = { virtualHosts."${constants.services.vaultwarden.fqdn}" = {
useACMEHost = "sid-internal"; useACMEHost = "sid-internal";
forceSSL = ssl; forceSSL = ssl;

2
hosts/rx4/services/rss-bridge.nix → hosts/sid/services/rss-bridge.nix
View file

@ -8,7 +8,7 @@
reverseProxy = { reverseProxy = {
enable = true; enable = true;
subdomain = constants.services.rss-bridge.subdomain; subdomain = constants.services.rss-bridge.subdomain;
forceSSL = false; forceSSL = true;
}; };
}; };
} }

5
hosts/rx4/services/rsshub-oci.nix → hosts/sid/services/rsshub-oci.nix
View file

@ -10,5 +10,10 @@
services.rsshub-oci = { services.rsshub-oci = {
enable = true; enable = true;
inherit (constants.services.rsshub-oci) port; inherit (constants.services.rsshub-oci) port;
reverseProxy = {
enable = true;
subdomain = constants.services.rss-bridge.subdomain;
forceSSL = true;
};
}; };
} }

15
modules/nixos/rsshub-oci/default.nix
View file

@ -7,6 +7,9 @@
let let
cfg = config.services.rsshub-oci; cfg = config.services.rsshub-oci;
domain = config.networking.domain;
subdomain = cfg.reverseProxy.subdomain;
fqdn = if (cfg.reverseProxy.enable && subdomain != "") then "${subdomain}.${domain}" else domain;
images = { images = {
# https://github.com/DIYgod/RSSHub/pkgs/container/rsshub # https://github.com/DIYgod/RSSHub/pkgs/container/rsshub
@ -58,6 +61,10 @@ let
optional optional
types types
; ;
inherit (lib.utils)
mkReverseProxyOption
mkVirtualHost
;
in in
{ {
options.services.rsshub-oci = { options.services.rsshub-oci = {
@ -77,6 +84,7 @@ in
default = null; default = null;
description = "Environment file for secrets."; description = "Environment file for secrets.";
}; };
reverseProxy = mkReverseProxyOption "RSSHub" "rsshub";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -86,6 +94,13 @@ in
dockerCompat = true; dockerCompat = true;
}; };
services.nginx.virtualHosts = mkIf cfg.reverseProxy.enable {
"${fqdn}" = mkVirtualHost {
inherit (cfg) port;
ssl = cfg.reverseProxy.forceSSL;
};
};
networking.firewall.interfaces = networking.firewall.interfaces =
let let
matchAll = if !config.networking.nftables.enable then "podman+" else "podman*"; matchAll = if !config.networking.nftables.enable then "podman+" else "podman*";