From 6cadfe3d96713875a7df47f975f42a0cc580439f Mon Sep 17 00:00:00 2001
From: Minijackson <minijackson@riseup.net>
Date: Sun, 30 May 2021 22:52:40 +0200
Subject: miniflux: init

---
 flake.nix                    | 11 ++++++++++-
 usecases/server/miniflux.nix | 29 +++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 usecases/server/miniflux.nix

diff --git a/flake.nix b/flake.nix
index cd03cb5..b7aefc0 100644
--- a/flake.nix
+++ b/flake.nix
@@ -79,6 +79,7 @@
         gotifyServer = (import ./usecases/server/gotify-server.nix inputs);
         hydraServer = (import ./usecases/server/hydra-server.nix inputs);
         jellyfin = (import ./usecases/server/jellyfin.nix inputs);
+        miniflux = (import ./usecases/server/miniflux.nix inputs);
         monitoringServer = (import ./usecases/server/monitoring-server.nix inputs);
         monitoringTarget = (import ./usecases/server/monitoring-target.nix inputs);
         nginx = (import ./usecases/server/nginx.nix inputs);
@@ -180,6 +181,7 @@
               self.nixosModules.usecases.server.gotifyServer
               self.nixosModules.usecases.server.hydraServer
               self.nixosModules.usecases.server.jellyfin
+              self.nixosModules.usecases.server.miniflux
               self.nixosModules.usecases.server.monitoringServer
               self.nixosModules.usecases.server.nginx
               self.nixosModules.usecases.server.radicale
@@ -200,11 +202,18 @@
                   hydraURL = "localhost:3000";
                   notificationSender = "hydra@localhost";
                   secretKeyLocation = builtins.toFile
-                    "secret-key"
+                    "store-secret-key"
                     "testServer:0d5jJjOxIoe6sTr2YKWkQxsM3ZcW+9GAk52yYNVxfYBUxS2nUfzfQk5Jo0OwHnT95bTLXCVNQETGV4m6KHsVCA==";
                 };
 
                 services.jellyfin.allowedPaths = [ ];
+
+                services.miniflux.adminCredentialsFile = builtins.toFile
+                  "miniflux-secret.env"
+                  ''
+                    ADMIN_USERNAME=admin
+                    ADMIN_PASSWORD='hello world'
+                  '';
               })
             ];
           };
diff --git a/usecases/server/miniflux.nix b/usecases/server/miniflux.nix
new file mode 100644
index 0000000..5e00320
--- /dev/null
+++ b/usecases/server/miniflux.nix
@@ -0,0 +1,29 @@
+inputs:
+
+{ config, lib, ... }:
+
+let
+  minifluxPort = 8083;
+in
+{
+  services.miniflux = {
+    enable = true;
+    config = {
+      LISTEN_ADDR = "[${config.topology.mainVpn.currentNodeIP}]:${toString minifluxPort}";
+      METRICS_COLLECTOR = "1";
+      METRICS_ALLOWED_NETWORKS = config.topology.mainVpn.subnet;
+    };
+  };
+
+  assertions = [
+    {
+      assertion = config.services.miniflux.enable ->
+        config.services.miniflux.adminCredentialsFile != null;
+      message = "Please provide non-default credentials for Miniflux";
+    }
+  ];
+
+  networking.firewall.interfaces.${config.topology.mainVpn.interfaceName}.allowedTCPPorts = [
+    minifluxPort
+  ];
+}
-- 
cgit v1.2.3