add filtron and rss-bridge modules

11 files changed, 156 insertions, 9 deletions

diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
index 9485a9d..d5f15a2 100644
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@@ -1,13 +1,5 @@
 { ... }:
 
 {
-  imports = [
-    ./boot.nix
-    ./environment.nix
-    ./gui.nix
-    ./hardware.nix
-    ./networking.nix
-    ./nix.nix
-    ./user.nix
-  ];
+  imports = [ ./filtron.nix ./personal ./rss-bridge.nix ];
 }
diff --git a/modules/nixos/filtron.nix b/modules/nixos/filtron.nix
new file mode 100644
index 0000000..31d77e9
--- /dev/null
+++ b/modules/nixos/filtron.nix
@@ -0,0 +1,86 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.services.filtron;
+  addressType = lib.types.submodule {
+    options = {
+      address = lib.mkOption {
+        type = lib.types.str;
+        default = "127.0.0.1";
+      };
+      port = lib.mkOption { type = lib.types.port; };
+    };
+  };
+in {
+  options.services.filtron = {
+    enable = lib.mkEnableOption "filtron";
+    package = lib.mkOption {
+      type = lib.types.package;
+      default = pkgs.personal.filtron;
+      defaultText = lib.literalExample "pkgs.personal.filtron";
+      description = ''
+        The package containing the filtron executable.
+      '';
+    };
+    api = lib.mkOption {
+      type = addressType;
+      default = { address = "localhost"; port = 4005; };
+      description = ''
+        API listen address and port.
+      '';
+    };
+    listen = lib.mkOption {
+      type = addressType;
+      default = { port = 4004; };
+      description = ''
+        Proxy listen address and port.
+      '';
+    };
+    target = lib.mkOption {
+      type = addressType;
+      default = { port = 8888; };
+      description = ''
+        Target address and port for reverse proxy.
+      '';
+    };
+    rules = lib.mkOption {
+      type = with lib.types; listOf (attrsOf anything);
+      description = ''
+        Rule list.
+      '';
+    };
+    readBufferSize = lib.mkOption {
+      type = lib.types.int;
+      default = 16384;
+      description = ''
+        Size of the buffer used for reading.
+      '';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    users.users.filtron = {
+      description = "Filtron daemon user";
+      group = "filtron";
+      isSystemUser = true;
+    };
+    users.groups.filtron = { };
+
+    systemd.services.filtron = {
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" ];
+      description = "Start a filtron instance.";
+      serviceConfig = {
+        User = "filtron";
+        ExecStart = with builtins; ''
+          ${cfg.package}/bin/filtron \
+                  -rules ${toFile "filtron-rules.json" (toJSON cfg.rules)} \
+                  -api "${cfg.api.address}:${toString cfg.api.port}" \
+                  -listen "${cfg.listen.address}:${toString cfg.listen.port}" \
+                  -target "${cfg.target.address}:${toString cfg.target.port}" \
+                  -read-buffer-size ${toString cfg.readBufferSize}
+        '';
+      };
+    };
+  };
+}
diff --git a/modules/nixos/boot.nix b/modules/nixos/personal/boot.nix
index b3f36aa..b3f36aa 100644
--- a/modules/nixos/boot.nix
+++ b/modules/nixos/personal/boot.nix
diff --git a/modules/nixos/personal/default.nix b/modules/nixos/personal/default.nix
new file mode 100644
index 0000000..9485a9d
--- /dev/null
+++ b/modules/nixos/personal/default.nix
@@ -0,0 +1,13 @@
+{ ... }:
+
+{
+  imports = [
+    ./boot.nix
+    ./environment.nix
+    ./gui.nix
+    ./hardware.nix
+    ./networking.nix
+    ./nix.nix
+    ./user.nix
+  ];
+}
diff --git a/modules/nixos/environment.nix b/modules/nixos/personal/environment.nix
index 5c84037..5c84037 100644
--- a/modules/nixos/environment.nix
+++ b/modules/nixos/personal/environment.nix
diff --git a/modules/nixos/gui.nix b/modules/nixos/personal/gui.nix
index d4de375..d4de375 100644
--- a/modules/nixos/gui.nix
+++ b/modules/nixos/personal/gui.nix
diff --git a/modules/nixos/hardware.nix b/modules/nixos/personal/hardware.nix
index 71d48a4..71d48a4 100644
--- a/modules/nixos/hardware.nix
+++ b/modules/nixos/personal/hardware.nix
diff --git a/modules/nixos/networking.nix b/modules/nixos/personal/networking.nix
index 2b853de..2b853de 100644
--- a/modules/nixos/networking.nix
+++ b/modules/nixos/personal/networking.nix
diff --git a/modules/nixos/nix.nix b/modules/nixos/personal/nix.nix
index 24b5012..24b5012 100644
--- a/modules/nixos/nix.nix
+++ b/modules/nixos/personal/nix.nix
diff --git a/modules/nixos/user.nix b/modules/nixos/personal/user.nix
index 0d1585e..0d1585e 100644
--- a/modules/nixos/user.nix
+++ b/modules/nixos/personal/user.nix
diff --git a/modules/nixos/rss-bridge.nix b/modules/nixos/rss-bridge.nix
new file mode 100644
index 0000000..8974ae6
--- /dev/null
+++ b/modules/nixos/rss-bridge.nix
@@ -0,0 +1,56 @@
+{ config, lib, pkgs, ... }:
+
+let cfg = config.services.rss-bridge;
+in {
+  options.services.rss-bridge = {
+    package = lib.mkOption {
+      type = lib.types.package;
+      description = "Which derivation to use.";
+      default = pkgs.rss-bridge;
+      defaultText = lib.literalExample "pkgs.rss-bridge";
+    };
+    debug = lib.mkEnableOption "debug mode";
+    extraBridges = lib.mkOption {
+      type = lib.types.listOf (lib.types.submodule {
+        options = {
+          name = lib.mkOption {
+            type = lib.types.strMatching "[a-zA-Z0-9]*";
+            description = ''
+              The name of the bridge.
+              It need not include 'Bridge' at the end, unlike required in RSS-Bridge.
+            '';
+            example = "SomeAppWithANewsletter";
+          };
+          source = lib.mkOption {
+            type = lib.types.path;
+            description = ''
+              The path to a file whose contents is the PHP sourcecode of the bridge.
+              See also the RSS-Bridge documentation: https://rss-bridge.github.io/rss-bridge/Bridge_API/index.html.
+            '';
+          };
+        };
+      });
+      default = [ ];
+      description = ''
+        A list of additional bridges that aren't already included in RSS-Bridge.
+        These bridges are automatically whitelisted'';
+    };
+  };
+
+  config.services.rss-bridge.whitelist =
+    map (bridge: bridge.name) cfg.extraBridges;
+  config.services.nginx = lib.mkIf (cfg.virtualHost != null) {
+    virtualHosts.${cfg.virtualHost}.root = lib.mkIf (cfg.extraBridges != [ ])
+      (lib.mkForce (pkgs.runCommand "rss-bridge" { } (''
+        mkdir -p $out/bridges
+        cp -r ${cfg.package}/* $out/
+        pushd $out/bridges
+      '' + lib.concatStrings (map (bridge: ''
+        ln -sf ${bridge.source} "${bridge.name}Bridge.php"
+      '') cfg.extraBridges) + ''
+        popd
+      '' + lib.optionalString cfg.debug ''
+        touch $out/DEBUG
+      '')));
+  };
+}