{ ... }:
{
systemd.tmpfiles.rules = [
"f /run/agenix/freshrss 0770 freshrss freshrss -"
];
services = {
freshrss = {
enable = true;
language = "en";
baseUrl = "https://rss.bhankas.org";
defaultUser = "payas";
passwordFile = "/run/agenix/freshrss";
authType = "form";
database = {
type = "sqlite";
};
virtualHost = "rss.bhankas.org";
nginx = {
virtualHosts = {
"rss.bhankas.org" = {
addSSL = true;
enableACME = true;
locations = {
"/".extraConfig = ''
proxy_set_header Host $host;
'';
"~ ^.+?\.php(/.*)?$".extraConfig = ''
security.acme = {
acceptTerms = true;
certs = {
email = "admin@bhankas.org";
dnsResolver = "1.1.1.1:53";
}