Add freshrss nspawn container

hosts/stratus/containers/nspawn/freshrss/default.nix

@@ -0,0 +1,38 @@
+{ lib, ... }:
+let
+  serviceName = lib.last (lib.splitString "/" (builtins.toString ./.)); # Parent directory name
+  subdomain = "rss";
+in
+{
+  sops.secrets."container/freshrss/admin-password" = { };
+
+  containers.${serviceName}.config =
+    {
+      config,
+      domain,
+      dataDir,
+      ...
+    }:
+    let
+      userName = config.users.users.freshrss.name;
+      groupName = config.users.groups.freshrss.name;
+    in
+    {
+      systemd.tmpfiles.rules = [
+        "z /run/secrets/container/freshrss/admin-password - ${userName} ${groupName} -"
+      ];
+
+      services.freshrss = {
+        enable = true;
+        inherit dataDir;
+        baseUrl = "https://${subdomain}.${domain}";
+        defaultUser = "seb";
+        passwordFile = "/run/secrets/container/freshrss/admin-password";
+      };
+
+      myConfig.tailscale = {
+        inherit subdomain;
+        serve = "80";
+      };
+    };
+}