From 5ac247d951c13971c2d0f0cd7df8b1e92d9085df Mon Sep 17 00:00:00 2001
From: Asmir A <asmir.abdulahovic@gmail.com>
Date: Fri, 13 Oct 2023 12:52:26 +0200
Subject: [PATCH] magpie: add miniflux credentials

---
 magpie/configuration.nix     |  6 ++++++
 magpie/secrets/miniflux.yaml | 22 ++++++++++++++++++++++
 2 files changed, 28 insertions(+)
 create mode 100644 magpie/secrets/miniflux.yaml

diff --git a/magpie/configuration.nix b/magpie/configuration.nix
index d181442..59e4610 100644
--- a/magpie/configuration.nix
+++ b/magpie/configuration.nix
@@ -77,6 +77,7 @@
   services.openssh.enable = true;
   services.opendkim.enable = true;
   services.miniflux.enable = true;
+  services.miniflux.adminCredentialsFile = config.sops.secrets."miniflux/admin_pass".path;
   services.restya-board = {
     enable = true;
     /*virtualHost.serverName = "board.project-cloud.net";*/
@@ -187,6 +188,11 @@
     owner = config.users.users.gitea.name;
   };
 
+  sops.secrets."miniflux/admin_pass" = {
+    sopsFile = ./secrets/miniflux.yaml;
+    owner = "miniflux";
+  };
+
   networking.hostName = "magpie";
   networking.wireless.enable = false;
   networking.firewall.enable = false;
diff --git a/magpie/secrets/miniflux.yaml b/magpie/secrets/miniflux.yaml
new file mode 100644
index 0000000..e53d515
--- /dev/null
+++ b/magpie/secrets/miniflux.yaml
@@ -0,0 +1,22 @@
+miniflux:
+    admin_pass: ENC[AES256_GCM,data:5Ic1T0R3g9gVxZsgRmI=,iv:dWTapRKAP1ofhSVEgUr37ChLPieIObP24SGFTq0buk4=,tag:mY/RFXIcBRt9gl6yHzNrlw==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age153y8mz6gqy5t54q4fnrdvjj4v5ls9cgp3hhpd2hzf5tvkcnncf6q4xns0j
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3TE9xUGJZc0oxc3JINDBn
+            b0ZYL3l6aWlkQkNOMjhPOTZ3alFWUTJNWFQ0Cm42WThBVjk3VktsS0E5MWJobUhs
+            Z21CZUJBV0NGSXhrWlZ4QnIrTW5QYU0KLS0tIFZaVEtWOGRSL0ptcFE1YjJZdUh3
+            eHhVY0wyRFRUb1hlM3ZoUDVaYzQ4YmcKEFnW1EbnkpeaikmPuY+BwXRZSIizPs4M
+            X6hnMQDHJoaeMBb24kpwuwpkujO6RLe4DXPe7HsrPDR+/zEMhairQw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2023-10-13T10:47:50Z"
+    mac: ENC[AES256_GCM,data:xiWmhBSVygBUooCfI8tVUJ44ahARxZzDux5isTPGTOoso5MSydxcJSqPdCXfkXYCJRYi3YSklSnNnadhLBXsSlTbdMkOKRnQb3xANVn9ArweWc1otKUkX1E2aohuEbjmzOPpYw0fU04DHN7PKC/zU90vJ6JXYUvn7QCdqsHKh68=,iv:gdTL1kllhxuJKjz6OcrV8yXnnf1TUeunii5mAprTOE8=,tag:TXawCa4//TeSm6TpuponFw==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.7.3