From 5334297b9d97ca83c142720a17bd5aaaa339d8d8 Mon Sep 17 00:00:00 2001
From: William <baduhai@proton.me>
Date: Wed, 8 Apr 2026 14:12:19 -0300
Subject: [PATCH] freshrss on alexandria

---
 aspects/hosts/_alexandria/freshrss.nix | 27 ++++++++++++++++++++++++++
 data/services.nix                      |  5 +++++
 secrets/freshrss-adminpass.age         |  5 +++++
 secrets/secrets.nix                    |  5 +++++
 4 files changed, 42 insertions(+)
 create mode 100644 aspects/hosts/_alexandria/freshrss.nix
 create mode 100644 secrets/freshrss-adminpass.age

diff --git a/aspects/hosts/_alexandria/freshrss.nix b/aspects/hosts/_alexandria/freshrss.nix
new file mode 100644
index 0000000..0bd87a2
--- /dev/null
+++ b/aspects/hosts/_alexandria/freshrss.nix
@@ -0,0 +1,27 @@
+{
+  config,
+  inputs,
+  pkgs,
+  lib,
+  ...
+}:
+
+{
+  imports = [ inputs.nixpkgs-stable.nixosModules.freshrss ];
+
+  services.freshrss = {
+    enable = true;
+    defaultUser = "admin";
+    passwordFile = config.age.secrets.freshrss-adminpass.path;
+    baseUrl = "https://rss.baduhai.dev";
+    dataDir = "/data/freshrss";
+    webserver = "nginx";
+    virtualHost = "rss.baduhai.dev";
+  };
+
+  age.secrets.freshrss-adminpass = {
+    file = "${inputs.self}/secrets/freshrss-adminpass.age";
+    owner = "freshrss";
+    group = "freshrss";
+  };
+}
diff --git a/data/services.nix b/data/services.nix
index ae7395c..e95e497 100644
--- a/data/services.nix
+++ b/data/services.nix
@@ -38,5 +38,10 @@
       domain = "jellyfin.baduhai.dev";
       host = "alexandria";
     }
+    {
+      name = "freshrss";
+      domain = "rss.baduhai.dev";
+      host = "alexandria";
+    }
   ];
 }
diff --git a/secrets/freshrss-adminpass.age b/secrets/freshrss-adminpass.age
new file mode 100644
index 0000000..23d916c
--- /dev/null
+++ b/secrets/freshrss-adminpass.age
@@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> ssh-ed25519 J6tVTA fdRrrXH3MMJBFeelTnZ8K5N9OwtqhOYGf+jE6Cliux0
+tnRedvv4+SLlDMg+Rjl5Uo3z+NiJm5R3QxWOY433lmw
+--- buo1j1LOow6oO4/AYCiKSupOXsK0obgk91YEH9l7ESY
+6Ù4–„v‡éÿ¥Ÿ>kÁïÇ|g£oÓL¤æâÁ1}`’ê­FØi¢. ¶$ý-Û.ŒoõîÈ]Ð
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index a90cd74..277d880 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -32,4 +32,9 @@ in
     rotterdam-user
     trantor
   ];
+  "freshrss-adminpass.age".publicKeys = [
+    io-user
+    rotterdam-user
+    alexandria
+  ];
 }