summaryrefslogtreecommitdiff
path: root/chaski
diff options
context:
space:
mode:
Diffstat (limited to 'chaski')
-rw-r--r--chaski/configuration.nix3
-rw-r--r--chaski/services/conduit.nix24
2 files changed, 27 insertions, 0 deletions
diff --git a/chaski/configuration.nix b/chaski/configuration.nix
index 875e412..d2b1233 100644
--- a/chaski/configuration.nix
+++ b/chaski/configuration.nix
@@ -15,6 +15,9 @@
./services/conduit.nix
];
+ sops.defaultSopsFile = ../secrets/chaski.yaml;
+ # This will automatically import SSH keys as age keys
+ sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
environment.noXlibs = true;
services.nginx.enable = true;
diff --git a/chaski/services/conduit.nix b/chaski/services/conduit.nix
index 022863c..30d6a0b 100644
--- a/chaski/services/conduit.nix
+++ b/chaski/services/conduit.nix
@@ -1,5 +1,14 @@
{ config, lib, pkgs, ... }:
+let
+ botConfig = pkgs.writeText "ntfy-matrix-bot.toml" ''
+ matrix_homeserver = "https://conduit.stuebinm.eu"
+ matrix_username = "testbot"
+ matrix_rooms = [ "#test:conduit.stuebinm.eu" ]
+ ntfy_server = "https://ping.stuebinm.eu"
+ ntfy_topics = [ "monit" ]
+ '';
+in
{
services.matrix-conduit = {
enable = true;
@@ -11,7 +20,22 @@
port = 6167;
allow_registration = false;
};
+ };
+
+ sops.secrets."ntfy-matrix-bot/env" = {};
+ systemd.services.ntfy-matrix-bot = {
+ enable = true;
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ ExecStart = "${lib.getExe pkgs.ntfy-matrix-bot} -c ${botConfig}";
+ Type = "simple";
+ RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
+ DynamicUser = true;
+ BindPaths = botConfig;
+ EnvironmentFile = "/run/secrets/ntfy-matrix-bot/env";
+ };
+ environment.RUST_LOG = "ntfy_matrix_bot=info";
};
services.nginx.virtualHosts."conduit.stuebinm.eu" = {