aylac.top / nixcfg-own-knot
forked from aylac.top/nixcfg
this repo has no description
fork atom
nixcfg-own-knot / modules / nixos / services / ntfy / default.nix
at 424dbb5cdb830d4730fa57dce15c943b392517aa 1.7 kB view raw
1{ 2 config, 3 lib, 4 ... 5}: let 6 name = "ntfy"; 7 cfg = config.myNixOS.services.${name}; 8 9 network = config.mySnippets.aylac-top; 10 service = network.networkMap.${name}; 11in { 12 options.myNixOS.services.${name} = { 13 enable = lib.mkEnableOption "${name} server"; 14 autoProxy = lib.mkOption { 15 default = true; 16 example = false; 17 description = "${name} auto proxy"; 18 type = lib.types.bool; 19 }; 20 }; 21 22 config = lib.mkIf cfg.enable { 23 services.cloudflared.tunnels."${network.cloudflareTunnel}".ingress = lib.mkIf cfg.autoProxy { 24 "${service.vHost}" = "http://${service.hostName}:${toString service.port}"; 25 }; 26 27 containers.ntfy = { 28 autoStart = true; 29 config = { 30 services.ntfy-sh = { 31 enable = true; 32 user = "ntfy"; 33 group = "ntfy"; 34 settings = { 35 listen-http = ":${toString service.port}"; 36 base-url = "https://${service.vHost}"; 37 cache-duration = "30d"; 38 cache-startup-queries = '' 39 pragma journal_mode = WAL; 40 pragma synchronous = normal; 41 pragma temp_store = memory; 42 ''; 43 behind-proxy = true; 44 auth-default-access = "deny-all"; 45 auth-users = [ 46 "ayla:$2a$10$hh05DMOuVQ3Zf67Rn8VUl.HYUop/.90V04IhNPmOsSYh9FSHCbL1K:admin" 47 "auto:$2a$10$w7EDB/6orrpM9JVBqu4jHeBKvXliA4jvRI7Nd.fn.Fo4rGTHD50ju:user" 48 ]; 49 auth-access = [ 50 "everyone:up*:wo" 51 "auto:*:wo" 52 "everyone:message-to-ayla:wo" 53 ]; 54 }; 55 }; 56 57 system.stateVersion = "25.11"; 58 }; 59 }; 60 }; 61}