Loading nixos/modules/services/web-apps/freshrss.nix +43 −18 Original line number Diff line number Diff line Loading @@ -7,7 +7,7 @@ let poolName = "freshrss"; in { meta.maintainers = with maintainers; [ etu stunkymonkey ]; meta.maintainers = with maintainers; [ etu stunkymonkey mattchrist ]; options.services.freshrss = { enable = mkEnableOption (mdDoc "FreshRSS feed reader"); Loading @@ -27,7 +27,8 @@ in }; passwordFile = mkOption { type = types.path; type = types.nullOr types.path; default = null; description = mdDoc "Password for the defaultUser for FreshRSS."; example = "/run/secrets/freshrss"; }; Loading Loading @@ -120,7 +121,13 @@ in user = mkOption { type = types.str; default = "freshrss"; description = lib.mdDoc "User under which Freshrss runs."; description = lib.mdDoc "User under which FreshRSS runs."; }; authType = mkOption { type = types.enum [ "form" "http_auth" "none" ]; default = "form"; description = mdDoc "Authentication type for FreshRSS."; }; }; Loading Loading @@ -160,6 +167,14 @@ in }; in mkIf cfg.enable { assertions = mkIf (cfg.authType == "form") [ { assertion = cfg.passwordFile != null; message = '' `passwordFile` must be supplied when using "form" authentication! ''; } ]; # Set up a Nginx virtual host. services.nginx = mkIf (cfg.virtualHost != null) { enable = true; Loading Loading @@ -227,7 +242,7 @@ in settingsFlags = concatStringsSep " \\\n " (mapAttrsToList (k: v: "${k} ${toString v}") { "--default_user" = ''"${cfg.defaultUser}"''; "--auth_type" = ''"form"''; "--auth_type" = ''"${cfg.authType}"''; "--base_url" = ''"${cfg.baseUrl}"''; "--language" = ''"${cfg.language}"''; "--db-type" = ''"${cfg.database.type}"''; Loading Loading @@ -255,18 +270,28 @@ in FRESHRSS_DATA_PATH = cfg.dataDir; }; script = '' script = let userScriptArgs = ''--user ${cfg.defaultUser} --password "$(cat ${cfg.passwordFile})"''; updateUserScript = optionalString (cfg.authType == "form") '' ./cli/update-user.php ${userScriptArgs} ''; createUserScript = optionalString (cfg.authType == "form") '' ./cli/create-user.php ${userScriptArgs} ''; in '' # do installation or reconfigure if test -f ${cfg.dataDir}/config.php; then # reconfigure with settings ./cli/reconfigure.php ${settingsFlags} ./cli/update-user.php --user ${cfg.defaultUser} --password "$(cat ${cfg.passwordFile})" ${updateUserScript} else # check correct folders in data folder ./cli/prepare.php # install with settings ./cli/do-install.php ${settingsFlags} ./cli/create-user.php --user ${cfg.defaultUser} --password "$(cat ${cfg.passwordFile})" ${createUserScript} fi ''; }; Loading nixos/tests/freshrss-http-auth.nix 0 → 100644 +20 −0 Original line number Diff line number Diff line import ./make-test-python.nix ({ lib, pkgs, ... }: { name = "freshrss"; meta.maintainers = with lib.maintainers; [ mattchrist ]; nodes.machine = { pkgs, ... }: { services.freshrss = { enable = true; baseUrl = "http://localhost"; dataDir = "/srv/freshrss"; authType = "http_auth"; }; }; testScript = '' machine.wait_for_unit("multi-user.target") machine.wait_for_open_port(80) response = machine.succeed("curl -vvv -s -H 'Host: freshrss' -H 'Remote-User: testuser' http://127.0.0.1:80/i/") assert 'Account: testuser' in response, "http_auth method didn't work." ''; }) pkgs/servers/web-apps/freshrss/default.nix +1 −1 Original line number Diff line number Diff line Loading @@ -18,7 +18,7 @@ stdenvNoCC.mkDerivation rec { }; passthru.tests = { inherit (nixosTests) freshrss-sqlite freshrss-pgsql; inherit (nixosTests) freshrss-sqlite freshrss-pgsql freshrss-http-auth; }; buildInputs = [ php ]; Loading Loading
nixos/modules/services/web-apps/freshrss.nix +43 −18 Original line number Diff line number Diff line Loading @@ -7,7 +7,7 @@ let poolName = "freshrss"; in { meta.maintainers = with maintainers; [ etu stunkymonkey ]; meta.maintainers = with maintainers; [ etu stunkymonkey mattchrist ]; options.services.freshrss = { enable = mkEnableOption (mdDoc "FreshRSS feed reader"); Loading @@ -27,7 +27,8 @@ in }; passwordFile = mkOption { type = types.path; type = types.nullOr types.path; default = null; description = mdDoc "Password for the defaultUser for FreshRSS."; example = "/run/secrets/freshrss"; }; Loading Loading @@ -120,7 +121,13 @@ in user = mkOption { type = types.str; default = "freshrss"; description = lib.mdDoc "User under which Freshrss runs."; description = lib.mdDoc "User under which FreshRSS runs."; }; authType = mkOption { type = types.enum [ "form" "http_auth" "none" ]; default = "form"; description = mdDoc "Authentication type for FreshRSS."; }; }; Loading Loading @@ -160,6 +167,14 @@ in }; in mkIf cfg.enable { assertions = mkIf (cfg.authType == "form") [ { assertion = cfg.passwordFile != null; message = '' `passwordFile` must be supplied when using "form" authentication! ''; } ]; # Set up a Nginx virtual host. services.nginx = mkIf (cfg.virtualHost != null) { enable = true; Loading Loading @@ -227,7 +242,7 @@ in settingsFlags = concatStringsSep " \\\n " (mapAttrsToList (k: v: "${k} ${toString v}") { "--default_user" = ''"${cfg.defaultUser}"''; "--auth_type" = ''"form"''; "--auth_type" = ''"${cfg.authType}"''; "--base_url" = ''"${cfg.baseUrl}"''; "--language" = ''"${cfg.language}"''; "--db-type" = ''"${cfg.database.type}"''; Loading Loading @@ -255,18 +270,28 @@ in FRESHRSS_DATA_PATH = cfg.dataDir; }; script = '' script = let userScriptArgs = ''--user ${cfg.defaultUser} --password "$(cat ${cfg.passwordFile})"''; updateUserScript = optionalString (cfg.authType == "form") '' ./cli/update-user.php ${userScriptArgs} ''; createUserScript = optionalString (cfg.authType == "form") '' ./cli/create-user.php ${userScriptArgs} ''; in '' # do installation or reconfigure if test -f ${cfg.dataDir}/config.php; then # reconfigure with settings ./cli/reconfigure.php ${settingsFlags} ./cli/update-user.php --user ${cfg.defaultUser} --password "$(cat ${cfg.passwordFile})" ${updateUserScript} else # check correct folders in data folder ./cli/prepare.php # install with settings ./cli/do-install.php ${settingsFlags} ./cli/create-user.php --user ${cfg.defaultUser} --password "$(cat ${cfg.passwordFile})" ${createUserScript} fi ''; }; Loading
nixos/tests/freshrss-http-auth.nix 0 → 100644 +20 −0 Original line number Diff line number Diff line import ./make-test-python.nix ({ lib, pkgs, ... }: { name = "freshrss"; meta.maintainers = with lib.maintainers; [ mattchrist ]; nodes.machine = { pkgs, ... }: { services.freshrss = { enable = true; baseUrl = "http://localhost"; dataDir = "/srv/freshrss"; authType = "http_auth"; }; }; testScript = '' machine.wait_for_unit("multi-user.target") machine.wait_for_open_port(80) response = machine.succeed("curl -vvv -s -H 'Host: freshrss' -H 'Remote-User: testuser' http://127.0.0.1:80/i/") assert 'Account: testuser' in response, "http_auth method didn't work." ''; })
pkgs/servers/web-apps/freshrss/default.nix +1 −1 Original line number Diff line number Diff line Loading @@ -18,7 +18,7 @@ stdenvNoCC.mkDerivation rec { }; passthru.tests = { inherit (nixosTests) freshrss-sqlite freshrss-pgsql; inherit (nixosTests) freshrss-sqlite freshrss-pgsql freshrss-http-auth; }; buildInputs = [ php ]; Loading
