pyrox.dev / nix
My Nix Configuration
fork atom

[systems.marvin] Fix anubis service and add miniflux anubis

pyrox.dev a0f308f8 2d44aad4

verified
options
unified split
Changed files
+21 -6
packages
anubis-files
default.nix
systems
x86_64-linux
marvin
default.nix
services
anubis.nix
miniflux.nix
+1 -1
packages/anubis-files/default.nix 
···

       
10

       
 

       



     

       
11

       
 

       
  buildPhase = ''


     

       
12

       
 

       
    substituteInPlace policies/*.yaml \


     

       
13

       
-

       
      --replace-fail "CUSTOM" $out


     

       
14

       
 

       
  '';


     

       
15

       
 

       



     

       
16

       
 

       
  installPhase = ''


     
···

       
10

       
 

       



     

       
11

       
 

       
  buildPhase = ''


     

       
12

       
 

       
    substituteInPlace policies/*.yaml \


     

       
13

       
+

       
      --replace-fail "CUSTOM" $out/rules


     

       
14

       
 

       
  '';


     

       
15

       
 

       



     

       
16

       
 

       
  installPhase = ''
+1
systems/x86_64-linux/marvin/default.nix 
···

       
8

       
 

       
    ./hardware.nix


     

       
9

       
 

       



     

       
10

       
 

       
    # Running Services


     

       

       

       
     

       
11

       
 

       
    ./services/authentik.nix


     

       
12

       
 

       
    ./services/avahi.nix


     

       
13

       
 

       
    ./services/bots.nix


     
···

       
8

       
 

       
    ./hardware.nix


     

       
9

       
 

       



     

       
10

       
 

       
    # Running Services


     

       
11

       
+

       
    ./services/anubis.nix


     

       
12

       
 

       
    ./services/authentik.nix


     

       
13

       
 

       
    ./services/avahi.nix


     

       
14

       
 

       
    ./services/bots.nix
+2 -2
systems/x86_64-linux/marvin/services/anubis.nix 
···

       
6

       
 

       
  config = {


     

       
7

       
 

       
    services.anubis.defaultOptions = {


     

       
8

       
 

       
      enable = true;


     

       
9

       
-

       
      extraFlags = "-metrics-bind \"\"";


     

       
10

       
 

       
      settings = {


     

       
11

       
 

       
        BIND_NETWORK = "tcp";


     

       
12

       
 

       
        SERVE_ROBOTS_TXT = true;


     
···

       
18

       
 

       
    };


     

       
19

       
 

       
    age.secrets.anubis-key = {


     

       
20

       
 

       
      file = ./secrets/anubis-key.age;


     

       
21

       
-

       
      user = "anubis";


     

       
22

       
 

       
      group = "anubis";


     

       
23

       
 

       
    };


     

       
24

       
 

       
  };


     
···

       
6

       
 

       
  config = {


     

       
7

       
 

       
    services.anubis.defaultOptions = {


     

       
8

       
 

       
      enable = true;


     

       
9

       
+

       
      extraFlags = [ "-metrics-bind \"\"" ];


     

       
10

       
 

       
      settings = {


     

       
11

       
 

       
        BIND_NETWORK = "tcp";


     

       
12

       
 

       
        SERVE_ROBOTS_TXT = true;


     
···

       
18

       
 

       
    };


     

       
19

       
 

       
    age.secrets.anubis-key = {


     

       
20

       
 

       
      file = ./secrets/anubis-key.age;


     

       
21

       
+

       
      owner = "anubis";


     

       
22

       
 

       
      group = "anubis";


     

       
23

       
 

       
    };


     

       
24

       
 

       
  };
+17 -3
systems/x86_64-linux/marvin/services/miniflux.nix 
···

       
1

       
-

       
{config, lib, ...}: let


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
2

       
 

       
  d = lib.py.data.services.miniflux;


     

       
3

       
-

       
in {


     

       

       

       
     

       
4

       
 

       
  services.miniflux = {


     

       
5

       
 

       
    enable = true;


     

       
6

       
 

       
    config = {


     
···

       
15

       
 

       
  };


     

       
16

       
 

       
  users.users.miniflux.isSystemUser = true;


     

       
17

       
 

       
  users.users.miniflux.group = "miniflux";


     

       
18

       
-

       
  users.groups.miniflux = {};


     

       
19

       
 

       
  age.secrets = {


     

       
20

       
 

       
    miniflux-admin = {


     

       
21

       
 

       
      file = ./secrets/miniflux-admin.age;


     

       
22

       
 

       
      owner = "miniflux";


     

       
23

       
 

       
      group = "miniflux";


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
24

       
 

       
    };


     

       
25

       
 

       
  };


     

       
26

       
 

       
}


     
···

       
1

       
+

       
{


     

       
2

       
+

       
  config,


     

       
3

       
+

       
  lib,


     

       
4

       
+

       
  pkgs,


     

       
5

       
+

       
  ...


     

       
6

       
+

       
}:


     

       
7

       
+

       
let


     

       
8

       
 

       
  d = lib.py.data.services.miniflux;


     

       
9

       
+

       
in


     

       
10

       
+

       
{


     

       
11

       
 

       
  services.miniflux = {


     

       
12

       
 

       
    enable = true;


     

       
13

       
 

       
    config = {


     
···

       
22

       
 

       
  };


     

       
23

       
 

       
  users.users.miniflux.isSystemUser = true;


     

       
24

       
 

       
  users.users.miniflux.group = "miniflux";


     

       
25

       
+

       
  users.groups.miniflux = { };


     

       
26

       
 

       
  age.secrets = {


     

       
27

       
 

       
    miniflux-admin = {


     

       
28

       
 

       
      file = ./secrets/miniflux-admin.age;


     

       
29

       
 

       
      owner = "miniflux";


     

       
30

       
 

       
      group = "miniflux";


     

       
31

       
+

       
    };


     

       
32

       
+

       
  };


     

       
33

       
+

       
  services.anubis.instances.miniflux = {


     

       
34

       
+

       
    settings = {


     

       
35

       
+

       
      BIND = ":${toString d.anubis}";


     

       
36

       
+

       
      POLICY_FNAME = "${pkgs.py.anubis-files}/policies/miniflux.yaml";


     

       
37

       
+

       
      TARGET = "http://localhost:${toString d.port}";


     

       
38

       
 

       
    };


     

       
39

       
 

       
  };


     

       
40

       
 

       
}