From 9e905990992f52318039f8508a7e6481b4b0e97d Mon Sep 17 00:00:00 2001
From: Asmir A <asmir.abdulahovic@gmail.com>
Date: Fri, 13 Oct 2023 13:29:25 +0200
Subject: [PATCH] magpie/miniflux: export url, add https cert

---
 magpie/configuration.nix | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/magpie/configuration.nix b/magpie/configuration.nix
index 59e4610..c1a4436 100644
--- a/magpie/configuration.nix
+++ b/magpie/configuration.nix
@@ -76,8 +76,15 @@
   services.openssh.settings.PermitRootLogin = "prohibit-password";
   services.openssh.enable = true;
   services.opendkim.enable = true;
-  services.miniflux.enable = true;
-  services.miniflux.adminCredentialsFile = config.sops.secrets."miniflux/admin_pass".path;
+
+  services.miniflux = {
+	  enable = true;
+	  adminCredentialsFile = config.sops.secrets."miniflux_env".path;
+	  config = {
+		LISTEN_ADDR = "localhost:5001";
+		BASE_URL = "https://miniflux.project-cloud.net";
+	  };
+  };
   services.restya-board = {
     enable = true;
     /*virtualHost.serverName = "board.project-cloud.net";*/
@@ -119,6 +126,15 @@
       enableACME = true;
     };
 
+    virtualHosts."miniflux.project-cloud.net" = {
+      quic = true;
+      forceSSL = true;
+      enableACME = true;
+      locations."/" = {
+        proxyPass = "http://localhost:5001";
+      };
+    };
+
     virtualHosts.${config.services.gitea.settings.server.DOMAIN} = {
       quic = true;
       forceSSL = true;
@@ -188,9 +204,8 @@
     owner = config.users.users.gitea.name;
   };
 
-  sops.secrets."miniflux/admin_pass" = {
+  sops.secrets."miniflux_env" = {
     sopsFile = ./secrets/miniflux.yaml;
-    owner = "miniflux";
   };
 
   networking.hostName = "magpie";