configuration.nix/hosts/wynne/services/apps/ntfy.nix
2024-09-19 19:08:48 +05:30

64 lines
1.9 KiB
Nix

{ lib, config, ... }:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "ntfy.acomputer.lol";
in
{
services = {
caddy.virtualHosts = {
"${domainName}" = {
logFormat = logFormat domainName;
extraConfig = ''
reverse_proxy ${config.services.ntfy-sh.settings.listen-http}
'';
};
"${config.networking.hostName}.labs.adtya.xyz" = {
logFormat = logFormat domainName;
extraConfig = ''
handle /ntfy-metrics {
uri replace /ntfy-metrics /metrics
reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http}
}
'';
};
};
frp.settings.proxies = [
{
name = "http.${domainName}";
type = "http";
customDomains = [ "${domainName}" ];
localPort = 80;
transport.useCompression = true;
}
{
name = "https.${domainName}";
type = "https";
customDomains = [ "${domainName}" ];
localPort = 443;
transport.useCompression = true;
}
];
ntfy-sh = {
enable = true;
settings = {
base-url = "https://${domainName}";
listen-http = "127.0.0.1:8080";
metrics-listen-http = "127.0.0.1:8081";
auth-file = "/mnt/data/ntfy-sh/user.db";
attachment-cache-dir = "/mnt/data/ntfy-sh/attachments";
cache-file = "/mnt/data/ntfy-sh/cache-file.db";
auth-default-access = "deny-all";
};
};
};
systemd.services.ntfy-sh.unitConfig.RequiresMountsFor = [ "/mnt/data" ];
systemd.services.ntfy-sh.serviceConfig.WorkingDirectory = "/mnt/data/ntfy-sh";
systemd.services.ntfy-sh.serviceConfig.User = "ntfy-sh";
systemd.services.ntfy-sh.serviceConfig.Group = "ntfy-sh";
systemd.services.ntfy-sh.serviceConfig.DynamicUser = lib.mkForce false;
users.users.ntfy-sh.home = "/mnt/data/ntfy-sh";
users.users.ntfy-sh.createHome = true;
}