From 46cb83674b326f68cf7cbff6d2d2a196b238bbb3 Mon Sep 17 00:00:00 2001
From: eyjhb <eyjhbb@gmail.com>
Date: Mon, 30 Dec 2024 22:53:22 +0100
Subject: [PATCH] miniflux: initialised

---
 machines/gerd.nix                   |  1 +
 machines/gerd/services/miniflux.nix | 48 +++++++++++++++++++++++++++++
 2 files changed, 49 insertions(+)
 create mode 100644 machines/gerd/services/miniflux.nix

diff --git a/machines/gerd.nix b/machines/gerd.nix
index 3fe01d6..e2d670b 100644
--- a/machines/gerd.nix
+++ b/machines/gerd.nix
@@ -22,6 +22,7 @@
     ./gerd/services/stalwart
     ./gerd/services/wger
     ./gerd/services/searx.nix
+    ./gerd/services/miniflux.nix
 
     ./gerd/services/element.nix
     ./gerd/services/matrix-synapse.nix
diff --git a/machines/gerd/services/miniflux.nix b/machines/gerd/services/miniflux.nix
new file mode 100644
index 0000000..672ebe6
--- /dev/null
+++ b/machines/gerd/services/miniflux.nix
@@ -0,0 +1,48 @@
+{ config, lib, pkgs, ... }:
+
+let
+  svc_domain = "miniflux.${config.mine.shared.settings.domain}";
+  port = 6466;
+in {
+  services.miniflux = {
+    enable = true;
+
+    config = {
+      LISTEN_ADDR = "localhost:${builtins.toString port}";
+
+      # disable admin account, disable local auth
+      CREATE_ADMIN = 0;
+      DISABLE_LOCAL_AUTH = "true";
+
+      # use auth proxy
+      # TODO: This should be configureable
+      AUTH_PROXY_HEADER = "Remote-User";
+      AUTH_PROXY_USER_CREATION = "true";
+    };
+  };
+
+  # nginx
+  services.nginx.virtualHosts."${svc_domain}" = config.mine.shared.lib.authelia.mkProtectedWebsite {
+    forceSSL = true;
+    enableACME = true;
+    
+    locations."/" = config.mine.shared.lib.authelia.mkProtectedLocation {
+      proxyPass = "http://localhost:${builtins.toString port}";
+    };
+  };
+
+  # meta
+  mine.shared.meta.miniflux = {
+    name = "Miniflux";
+    description = "We host our own miniflux, use it to read all your feeds!";
+    url = "https://${svc_domain}";
+
+    package = let
+      pkg = config.services.miniflux.package;
+    in {
+      name = pkg.pname;
+      version = pkg.version;
+      meta = pkg.meta;
+    };
+  };
+}