2022-11-09 00:33:38 +01:00
|
|
|
{ custom, domain }: { config, ... }:
|
2022-11-10 23:52:02 +01:00
|
|
|
let
|
|
|
|
ttrssEnvironment = {
|
|
|
|
TZ = "Europe/Zurich";
|
|
|
|
TTRSS_DB_USER = "ttrss";
|
|
|
|
TTRSS_DB_NAME = "ttrssdb";
|
|
|
|
TTRSS_DB_HOST = "host.docker.internal";
|
|
|
|
TTRSS_SELF_URL_PATH = "https://${domain}/tt-rss";
|
|
|
|
TTRSS_SESSION_COOKIE_LIFETIME = "604800";
|
2022-11-15 15:11:38 +01:00
|
|
|
TTRSS_PLUGINS = "af_comics, af_readability, auth_internal, hotkeys_swap_jk, nginx_xaccel";
|
2022-11-10 23:52:02 +01:00
|
|
|
};
|
2022-11-12 18:08:20 +01:00
|
|
|
ttrssService = "${config.virtualisation.oci-containers.backend}-ttrss";
|
|
|
|
backupService = "${config.virtualisation.oci-containers.backend}-backup";
|
|
|
|
updaterService = "${config.virtualisation.oci-containers.backend}-updater";
|
2022-11-10 23:52:02 +01:00
|
|
|
in
|
2022-11-02 21:38:40 +01:00
|
|
|
{
|
|
|
|
imports = [
|
2022-11-04 19:35:57 +01:00
|
|
|
(import "${custom.inputs.self}/modules/nginx-fpm" {
|
2022-11-10 23:35:49 +01:00
|
|
|
dataDir = "/var/lib/ttrss/html";
|
2022-11-09 00:33:38 +01:00
|
|
|
inherit custom domain;
|
2022-11-02 21:38:40 +01:00
|
|
|
})
|
2022-11-04 19:35:57 +01:00
|
|
|
"${custom.inputs.self}/modules/postgresql"
|
2022-11-02 21:38:40 +01:00
|
|
|
];
|
2022-11-04 19:35:57 +01:00
|
|
|
age.secrets.ttrssEnv.file = "${custom.inputs.self}/scrts/ttrss_env.age";
|
2022-11-02 21:38:40 +01:00
|
|
|
|
|
|
|
services.postgresql = {
|
2022-11-09 21:33:08 +01:00
|
|
|
authentication = "host ttrssdb ttrss 172.16.0.0/12 scram-sha-256";
|
2022-11-02 21:38:40 +01:00
|
|
|
ensureDatabases = [ "ttrssdb" ];
|
2022-11-08 23:56:41 +01:00
|
|
|
ensureUsers = [{
|
|
|
|
name = "ttrss";
|
|
|
|
ensurePermissions = {
|
|
|
|
"DATABASE ttrssdb " = "ALL PRIVILEGES";
|
|
|
|
};
|
|
|
|
}];
|
2022-11-02 21:38:40 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
virtualisation.oci-containers = {
|
2022-11-03 09:37:37 +01:00
|
|
|
backend = "docker";
|
2022-11-02 21:38:40 +01:00
|
|
|
containers."ttrss" = {
|
|
|
|
image = "ghcr.io/nebucatnetzer/tt-rss-aarch64/ttrss-fpm-pgsql-static";
|
2022-11-10 23:35:49 +01:00
|
|
|
autoStart = true;
|
2022-11-10 23:52:02 +01:00
|
|
|
environment = ttrssEnvironment;
|
|
|
|
environmentFiles = [ config.age.secrets.ttrssEnv.path ];
|
|
|
|
ports = [
|
|
|
|
"9000:9000"
|
|
|
|
];
|
|
|
|
volumes = [
|
|
|
|
"/var/lib/ttrss/html:/var/www/html"
|
2022-11-15 16:21:23 +01:00
|
|
|
"/etc/timezone:/etc/timezone:ro"
|
|
|
|
"/etc/localtime:/etc/localtime:ro"
|
2022-11-10 23:52:02 +01:00
|
|
|
];
|
|
|
|
extraOptions = [ "--add-host=host.docker.internal:host-gateway" ];
|
|
|
|
};
|
|
|
|
containers."backup" = {
|
|
|
|
image = "ghcr.io/nebucatnetzer/tt-rss-aarch64/ttrss-fpm-pgsql-static";
|
|
|
|
autoStart = true;
|
|
|
|
environment = ttrssEnvironment;
|
|
|
|
environmentFiles = [ config.age.secrets.ttrssEnv.path ];
|
|
|
|
volumes = [
|
|
|
|
"/var/lib/ttrss/html:/var/www/html"
|
|
|
|
"/var/lib/ttrss/backup:/backup"
|
2022-11-15 16:21:23 +01:00
|
|
|
"/etc/timezone:/etc/timezone:ro"
|
|
|
|
"/etc/localtime:/etc/localtime:ro"
|
2022-11-10 23:52:02 +01:00
|
|
|
];
|
2022-11-10 23:58:19 +01:00
|
|
|
cmd = [ "/opt/tt-rss/dcron.sh" "-f" ];
|
2022-11-10 23:52:02 +01:00
|
|
|
extraOptions = [ "--add-host=host.docker.internal:host-gateway" ];
|
|
|
|
};
|
|
|
|
containers."updater" = {
|
|
|
|
image = "ghcr.io/nebucatnetzer/tt-rss-aarch64/ttrss-fpm-pgsql-static";
|
|
|
|
autoStart = true;
|
|
|
|
environment = ttrssEnvironment;
|
2022-11-03 23:36:21 +01:00
|
|
|
environmentFiles = [ config.age.secrets.ttrssEnv.path ];
|
2022-11-02 21:38:40 +01:00
|
|
|
volumes = [
|
2022-11-10 23:35:49 +01:00
|
|
|
"/var/lib/ttrss/html:/var/www/html"
|
2022-11-15 16:21:23 +01:00
|
|
|
"/etc/timezone:/etc/timezone:ro"
|
|
|
|
"/etc/localtime:/etc/localtime:ro"
|
2022-11-02 21:38:40 +01:00
|
|
|
];
|
2022-11-10 23:52:02 +01:00
|
|
|
cmd = [ "/opt/tt-rss/updater.sh" ];
|
|
|
|
dependsOn = [ "ttrss" ];
|
2022-11-03 23:36:21 +01:00
|
|
|
extraOptions = [ "--add-host=host.docker.internal:host-gateway" ];
|
2022-11-02 21:38:40 +01:00
|
|
|
};
|
|
|
|
};
|
2022-11-08 23:59:46 +01:00
|
|
|
|
|
|
|
services.nginx.virtualHosts."${domain}".locations = {
|
|
|
|
"/".extraConfig = ''
|
|
|
|
try_files $uri $uri/ = 404;
|
|
|
|
'';
|
|
|
|
"/tt-rss/cache".extraConfig = ''
|
|
|
|
aio threads;
|
|
|
|
internal;
|
|
|
|
'';
|
|
|
|
"/tt-rss/backups".extraConfig = ''
|
|
|
|
internal;
|
|
|
|
'';
|
|
|
|
};
|
2022-11-12 20:48:26 +01:00
|
|
|
systemd.services.${ttrssService}.after = [ "nginx.service" ];
|
|
|
|
systemd.services.postgresql.after = [ "${ttrssService}.service" ];
|
2022-11-02 21:38:40 +01:00
|
|
|
}
|
2022-11-13 14:04:30 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|