2024-05-04 15:27:04 +01:00
|
|
|
let
|
|
|
|
|
appName = "miniflux";
|
|
|
|
|
appImage = "docker.io/miniflux/miniflux";
|
2024-06-22 23:01:39 +01:00
|
|
|
functions = import ./functions.nix {};
|
2024-05-04 15:27:04 +01:00
|
|
|
in
|
2024-06-07 14:53:17 +01:00
|
|
|
{
|
|
|
|
|
lib,
|
|
|
|
|
config,
|
|
|
|
|
kubenix,
|
|
|
|
|
...
|
|
|
|
|
}: {
|
|
|
|
|
kubernetes.resources.deployments.miniflux = {
|
|
|
|
|
metadata.namespace = "miniflux";
|
|
|
|
|
spec = {
|
|
|
|
|
selector.matchLabels.app = appName;
|
|
|
|
|
template = {
|
|
|
|
|
metadata.labels.app = appName;
|
|
|
|
|
spec = {
|
|
|
|
|
containers = {
|
|
|
|
|
miniflux = {
|
|
|
|
|
image = appImage;
|
|
|
|
|
envFrom = [
|
|
|
|
|
{secretRef.name = "miniflux";}
|
2024-06-22 23:01:39 +01:00
|
|
|
{configMapRef.name = config.kubernetes.resources.configMaps.miniflux.metadata.name;}
|
2024-06-07 14:53:17 +01:00
|
|
|
];
|
|
|
|
|
resources = {
|
|
|
|
|
requests = {
|
|
|
|
|
cpu = "1m";
|
|
|
|
|
memory = "256Mi";
|
|
|
|
|
};
|
|
|
|
|
limits = {
|
|
|
|
|
cpu = "1";
|
|
|
|
|
memory = "512Mi";
|
|
|
|
|
};
|
2024-05-04 15:27:04 +01:00
|
|
|
};
|
2024-06-07 14:53:17 +01:00
|
|
|
ports.http.containerPort = 8080;
|
2024-05-04 15:27:04 +01:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
2024-06-07 14:53:17 +01:00
|
|
|
kubernetes.resources.services.miniflux = {
|
|
|
|
|
metadata.namespace = "miniflux";
|
|
|
|
|
metadata.labels.app = appName;
|
|
|
|
|
spec = {
|
|
|
|
|
selector.app = appName;
|
|
|
|
|
ports.http = {
|
|
|
|
|
port = 8080;
|
|
|
|
|
targetPort = 8080;
|
|
|
|
|
};
|
2024-05-04 15:27:04 +01:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2024-06-07 14:53:17 +01:00
|
|
|
kubernetes.resources.ingresses.miniflux = {
|
|
|
|
|
metadata.namespace = "miniflux";
|
|
|
|
|
metadata.annotations = {
|
|
|
|
|
"cert-manager.io/cluster-issuer" = "le-issuer";
|
|
|
|
|
};
|
|
|
|
|
spec = {
|
|
|
|
|
tls = [
|
|
|
|
|
{
|
|
|
|
|
hosts = ["rss.gmem.ca"];
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
rules = [
|
|
|
|
|
{
|
|
|
|
|
host = "rss.gmem.ca";
|
|
|
|
|
http.paths = [
|
|
|
|
|
{
|
|
|
|
|
path = "/";
|
|
|
|
|
pathType = "Prefix";
|
|
|
|
|
backend.service = {
|
|
|
|
|
name = "miniflux";
|
|
|
|
|
port.number = 8080;
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
};
|
2024-05-04 15:27:04 +01:00
|
|
|
};
|
|
|
|
|
|
2024-06-07 14:53:17 +01:00
|
|
|
kubernetes.resources."monitoring.coreos.com"."v1".ServiceMonitor.miniflux = {
|
|
|
|
|
metadata.namespace = "miniflux";
|
|
|
|
|
spec = {
|
|
|
|
|
selector.matchLabels.app = appName;
|
|
|
|
|
endpoints = [
|
|
|
|
|
{
|
|
|
|
|
port = "http";
|
|
|
|
|
interval = "60s";
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
};
|
2024-05-04 15:27:04 +01:00
|
|
|
};
|
2024-06-07 14:53:17 +01:00
|
|
|
|
|
|
|
|
kubernetes.resources.configMaps.miniflux = {
|
|
|
|
|
metadata.namespace = "miniflux";
|
|
|
|
|
data = {
|
|
|
|
|
CLEANUP_ARCHIVE_UNREAD_DAYS = "60";
|
|
|
|
|
METRICS_COLLECTOR = "1";
|
|
|
|
|
METRICS_ALLOWED_NETWORKS = "0.0.0.0/0";
|
|
|
|
|
BASE_URL = "https://rss.gmem.ca/";
|
2024-06-22 23:01:39 +01:00
|
|
|
RUN_MIGRATIONS = "1";
|
|
|
|
|
CREATE_ADMIN = "1";
|
|
|
|
|
OAUTH2_PROVIDER = "oidc";
|
|
|
|
|
OAUTH2_REDIRECT_URL = "https://rss.gmem.ca/oauth2/oidc/callback";
|
|
|
|
|
OAUTH2_OIDC_DISCOVERY_ENDPOINT = "https://authentik.gmem.ca/application/o/miniflux/";
|
|
|
|
|
OAUTH2_USER_CREATION = "1";
|
|
|
|
|
YOUTUBE_EMBED_URL_OVERRIDE = "https://piped.gmem.ca/embed/";
|
2024-06-07 14:53:17 +01:00
|
|
|
};
|
2024-05-04 15:27:04 +01:00
|
|
|
};
|
2024-06-22 23:01:39 +01:00
|
|
|
|
|
|
|
|
kubernetes.resources."secrets.infisical.com"."v1alpha1".InfisicalSecret.miniflux = functions.secret "miniflux";
|
2024-06-07 14:53:17 +01:00
|
|
|
}
|
