2 files changed,
109 insertions(+),
0 deletions(-)
Author:
Oleksandr Smirnov
olexsmir@gmail.com
Committed at:
2026-04-22 20:14:20 +0300
Authored at:
2026-04-22 20:13:02 +0300
Change ID:
uqpsozszurkwloxuvpwkmqpzkzwkqlwo
Parent:
71ed842
jump to
| A | flake.lock |
| A | flake.nix |
A
flake.lock
··· 1 +{ 2 + "nodes": { 3 + "nixpkgs": { 4 + "locked": { 5 + "lastModified": 1776876315, 6 + "narHash": "sha256-WjF9bvfRDHrq4NpUPKHUhbGL+WcAtwzFReUQ6j7QAG8=", 7 + "owner": "NixOS", 8 + "repo": "nixpkgs", 9 + "rev": "fe5d6c30270c004681694d1142efa4eaeb0780ce", 10 + "type": "github" 11 + }, 12 + "original": { 13 + "owner": "NixOS", 14 + "repo": "nixpkgs", 15 + "type": "github" 16 + } 17 + }, 18 + "root": { 19 + "inputs": { 20 + "nixpkgs": "nixpkgs" 21 + } 22 + } 23 + }, 24 + "root": "root", 25 + "version": 7 26 +}
A
flake.nix
··· 1 +{ 2 + description = "rss-tools"; 3 + inputs.nixpkgs.url = "github:NixOS/nixpkgs"; 4 + outputs = { self, nixpkgs }: 5 + let 6 + systems = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ]; 7 + forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f nixpkgs.legacyPackages.${system}); 8 + in { 9 + packages = forAllSystems (pkgs: 10 + let version = self.rev or "dev"; 11 + in { 12 + default = self.packages.${pkgs.stdenv.hostPlatform.system}.rss-tools; 13 + rss-tools = pkgs.buildGo126Module { 14 + pname = "rss-tools"; 15 + version = version; 16 + src = ./.; 17 + vendorHash = "sha256-HxCJvHCIve83OMvInOZtgcveC9uVZ5YAZAi5cL26akI="; 18 + ldflags = [ "-s" "-w" ]; 19 + meta = with pkgs.lib; { license = licenses.mit; }; 20 + }; 21 + } 22 + ); 23 + 24 + nixosModules.default = { config, lib, pkgs, ... }: 25 + with lib; 26 + let cfg = config.services.rss-tools; 27 + in { 28 + options.services.rss-tools = { 29 + enable = mkEnableOption "rss-tools service"; 30 + 31 + package = mkOption { 32 + type = types.package; 33 + default = self.packages.${pkgs.stdenv.hostPlatform.system}.rss-tools; 34 + defaultText = literalExpression "self.packages.\${pkgs.stdenv.hostPlatform.system}.rss-tools"; 35 + description = "rss-tools package to run."; 36 + }; 37 + 38 + settingsFile = mkOption { 39 + type = types.nullOr types.str; 40 + default = null; 41 + example = "/run/secrets/rss-tools.json"; 42 + description = "Path to JSON config file passed to --config."; 43 + }; 44 + 45 + dbPath = mkOption { 46 + type = types.str; 47 + default = "%S/rss-tools/db"; 48 + example = "/var/lib/rss-tools/rss.db"; 49 + description = "Path to local bbolt DB file passed to --db."; 50 + }; 51 + }; 52 + 53 + config = mkIf cfg.enable { 54 + assertions = [ 55 + { 56 + assertion = cfg.settingsFile != null; 57 + message = "services.rss-tools.settingsFile must be set"; 58 + } 59 + ]; 60 + 61 + systemd.services.rss-tools = { 62 + description = "rss-tools service"; 63 + wantedBy = [ "multi-user.target" ]; 64 + after = [ "network.target" ]; 65 + serviceConfig = { 66 + Type = "simple"; 67 + DynamicUser = true; 68 + StateDirectory = "rss-tools"; 69 + WorkingDirectory = "%S/rss-tools"; 70 + ExecStart = "${cfg.package}/bin/rss-tools --config ${cfg.settingsFile} --db ${cfg.dbPath}"; 71 + Restart = "on-failure"; 72 + RestartSec = "5s"; 73 + NoNewPrivileges = true; 74 + PrivateTmp = true; 75 + ProtectSystem = "strict"; 76 + ProtectHome = true; 77 + ReadWritePaths = [ (builtins.dirOf cfg.dbPath) ]; 78 + }; 79 + }; 80 + }; 81 + }; 82 + }; 83 +}