{ config, lib, pkgs, ... }: { # includes mail address, which includes ntfy token sops.secrets."monit/mail" = {}; services.monit = { enable = true; config = '' include /run/secrets/monit/mail set daemon 120 with start delay 60 set mailserver localhost port 2525 set httpd port 2812 address localhost allow localhost check filesystem root with path / if space usage > 80% then alert if inode usage > 80% then alert check host stuebinm.eu with address stuebinm.eu if failed port 443 with protocol https then alert check host akkoma with address pleroma.stuebinm.eu if failed port 443 with protocol https then alert check host murmur with address meow.noms.ing if failed port 64738 of type tcp using ssl with expect "NixOS" then alert check process sshd with pidfile /var/run/sshd.pid start program "${pkgs.systemd}/bin/systemctl start sshd" stop program "${pkgs.systemd}/bin/systemctl stop sshd" if failed port 22 protocol ssh for 2 cycles then restart check process postfix with pidfile /var/lib/postfix/queue/pid/master.pid start program = "${pkgs.systemd}/bin/systemctl start postfix" stop program = "${pkgs.systemd}/bin/systemctl stop postfix" if failed port 25 protocol smtp for 5 cycles then restart check process dovecot with pidfile /var/run/dovecot2/master.pid start program = "${pkgs.systemd}/bin/systemctl start dovecot2" stop program = "${pkgs.systemd}/bin/systemctl stop dovecot2" if failed host mail.stuebinm.eu port 993 type tcpssl sslauto protocol imap for 5 cycles then restart check host bahnhof.name with address bahnhof.name if failed port 443 with protocol https then alert set mail-format { subject: $SERVICE: $EVENT message: Action: $ACTION $SERVICE: $DESCRIPTION. ($DATE) } ''; }; }