From cea96f49fa71e9eaced1fe59fe8c9ab5392c2f6d Mon Sep 17 00:00:00 2001 From: stuebinm Date: Wed, 27 Mar 2024 23:52:39 +0100 Subject: help i wrote a matrix bot not sure if this is a good idea or not, but i always liked how the IRC #voc-wok channel of the c3voc works, and I don't run my own IRC (nor do i want to have my monitoring on infra that is not my own), so I built a similar thing with matrix. --- chaski/configuration.nix | 3 +++ chaski/services/conduit.nix | 24 ++++++++++++++++++++++++ 2 files changed, 27 insertions(+) (limited to 'chaski') diff --git a/chaski/configuration.nix b/chaski/configuration.nix index 875e412..d2b1233 100644 --- a/chaski/configuration.nix +++ b/chaski/configuration.nix @@ -15,6 +15,9 @@ ./services/conduit.nix ]; + sops.defaultSopsFile = ../secrets/chaski.yaml; + # This will automatically import SSH keys as age keys + sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; environment.noXlibs = true; services.nginx.enable = true; diff --git a/chaski/services/conduit.nix b/chaski/services/conduit.nix index 022863c..30d6a0b 100644 --- a/chaski/services/conduit.nix +++ b/chaski/services/conduit.nix @@ -1,5 +1,14 @@ { config, lib, pkgs, ... }: +let + botConfig = pkgs.writeText "ntfy-matrix-bot.toml" '' + matrix_homeserver = "https://conduit.stuebinm.eu" + matrix_username = "testbot" + matrix_rooms = [ "#test:conduit.stuebinm.eu" ] + ntfy_server = "https://ping.stuebinm.eu" + ntfy_topics = [ "monit" ] + ''; +in { services.matrix-conduit = { enable = true; @@ -11,7 +20,22 @@ port = 6167; allow_registration = false; }; + }; + + sops.secrets."ntfy-matrix-bot/env" = {}; + systemd.services.ntfy-matrix-bot = { + enable = true; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + ExecStart = "${lib.getExe pkgs.ntfy-matrix-bot} -c ${botConfig}"; + Type = "simple"; + RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; + DynamicUser = true; + BindPaths = botConfig; + EnvironmentFile = "/run/secrets/ntfy-matrix-bot/env"; + }; + environment.RUST_LOG = "ntfy_matrix_bot=info"; }; services.nginx.virtualHosts."conduit.stuebinm.eu" = { -- cgit v1.2.3