configuration.nix/hosts/wynne/services/apps/ntfy.nix

{ lib, config, ... }:
let
  inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
  domainName = "ntfy.acomputer.lol";
in
{
  services = {
    caddy.virtualHosts = {
      "${domainName}" = {
        inherit logFormat;
        extraConfig = ''
          reverse_proxy ${config.services.ntfy-sh.settings.listen-http}
        '';
      };
      "${config.networking.hostName}.labs.adtya.xyz" = {
        inherit logFormat;
        extraConfig = ''
          ${tlsAcmeDnsChallenge}
          handle /ntfy-metrics {
            uri replace /ntfy-metrics /metrics
            reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http}
          }
        '';
      };
    };

    frp.settings.proxies = [
      {
        name = "http.${domainName}";
        type = "http";
        customDomains = [ "${domainName}" ];
        localPort = 80;
        transport.useCompression = true;
      }
      {
        name = "https.${domainName}";
        type = "https";
        customDomains = [ "${domainName}" ];
        localPort = 443;
        transport.useCompression = true;
      }
    ];
    ntfy-sh = {
      enable = true;
      settings = {
        base-url = "https://${domainName}";
        listen-http = "127.0.0.1:8080";
        metrics-listen-http = "127.0.0.1:8081";
        auth-file = "/mnt/data/ntfy-sh/user.db";
        attachment-cache-dir = "/mnt/data/ntfy-sh/attachments";
        cache-file = "/mnt/data/ntfy-sh/cache-file.db";
        enable-login = true;

        auth-default-access = "deny-all";
      };
    };
  };
  systemd.services.ntfy-sh.unitConfig.RequiresMountsFor = [ "/mnt/data" ];
  systemd.services.ntfy-sh.serviceConfig.WorkingDirectory = "/mnt/data/ntfy-sh";
  systemd.services.ntfy-sh.serviceConfig.User = "ntfy-sh";
  systemd.services.ntfy-sh.serviceConfig.Group = "ntfy-sh";
  systemd.services.ntfy-sh.serviceConfig.DynamicUser = lib.mkForce false;
  users.users.ntfy-sh.home = "/mnt/data/ntfy-sh";
  users.users.ntfy-sh.createHome = true;

}
wynne: ntfy - setup metrics 2024-09-18 00:30:39 +05:30			`{ lib, config, ... }:`
wynne: enable ntfy.sh 2024-09-17 23:13:44 +05:30			`let`
all: cleanup caddy 2024-10-27 23:09:50 +05:30			`inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;`
wynne: enable ntfy.sh 2024-09-17 23:13:44 +05:30			`domainName = "ntfy.acomputer.lol";`
			`in`
			`{`
			`services = {`
wynne: ntfy - setup metrics 2024-09-18 00:30:39 +05:30			`caddy.virtualHosts = {`
			`"${domainName}" = {`
all: cleanup caddy 2024-10-27 23:09:50 +05:30			`inherit logFormat;`
wynne: ntfy - setup metrics 2024-09-18 00:30:39 +05:30			`extraConfig = ''`
wynne: refactor 2024-09-19 19:08:48 +05:30			`reverse_proxy ${config.services.ntfy-sh.settings.listen-http}`
wynne: ntfy - setup metrics 2024-09-18 00:30:39 +05:30			`'';`
			`};`
			`"${config.networking.hostName}.labs.adtya.xyz" = {`
all: cleanup caddy 2024-10-27 23:09:50 +05:30			`inherit logFormat;`
wynne: ntfy - setup metrics 2024-09-18 00:30:39 +05:30			`extraConfig = ''`
all: cleanup caddy 2024-10-27 23:09:50 +05:30			`${tlsAcmeDnsChallenge}`
wynne: refactor 2024-09-19 19:08:48 +05:30			`handle /ntfy-metrics {`
			`uri replace /ntfy-metrics /metrics`
			`reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http}`
			`}`
wynne: ntfy - setup metrics 2024-09-18 00:30:39 +05:30			`'';`
			`};`
wynne: enable ntfy.sh 2024-09-17 23:13:44 +05:30			`};`

			`frp.settings.proxies = [`
			`{`
			`name = "http.${domainName}";`
			`type = "http";`
			`customDomains = [ "${domainName}" ];`
			`localPort = 80;`
			`transport.useCompression = true;`
			`}`
			`{`
			`name = "https.${domainName}";`
			`type = "https";`
			`customDomains = [ "${domainName}" ];`
			`localPort = 443;`
			`transport.useCompression = true;`
			`}`
			`];`
			`ntfy-sh = {`
			`enable = true;`
			`settings = {`
			`base-url = "https://${domainName}";`
			`listen-http = "127.0.0.1:8080";`
wynne: ntfy - setup metrics 2024-09-18 00:30:39 +05:30			`metrics-listen-http = "127.0.0.1:8081";`
wynne: ntfy - reconfigure directories 2024-09-17 23:47:19 +05:30			`auth-file = "/mnt/data/ntfy-sh/user.db";`
			`attachment-cache-dir = "/mnt/data/ntfy-sh/attachments";`
			`cache-file = "/mnt/data/ntfy-sh/cache-file.db";`
wynne: enable login in ntfy 2024-10-25 22:57:53 +05:30			`enable-login = true;`
wynne: ntfy - reconfigure directories 2024-09-17 23:47:19 +05:30
			`auth-default-access = "deny-all";`
wynne: enable ntfy.sh 2024-09-17 23:13:44 +05:30			`};`
			`};`
			`};`
wynne: ntfy - reconfigure directories 2024-09-17 23:47:19 +05:30			`systemd.services.ntfy-sh.unitConfig.RequiresMountsFor = [ "/mnt/data" ];`
wynne: ntfy - setup metrics 2024-09-18 00:30:39 +05:30			`systemd.services.ntfy-sh.serviceConfig.WorkingDirectory = "/mnt/data/ntfy-sh";`
			`systemd.services.ntfy-sh.serviceConfig.User = "ntfy-sh";`
			`systemd.services.ntfy-sh.serviceConfig.Group = "ntfy-sh";`
			`systemd.services.ntfy-sh.serviceConfig.DynamicUser = lib.mkForce false;`
			`users.users.ntfy-sh.home = "/mnt/data/ntfy-sh";`
			`users.users.ntfy-sh.createHome = true;`

wynne: enable ntfy.sh 2024-09-17 23:13:44 +05:30			`}`