ntfy: added notifications when user logs in via SSH, also added notifications for qBittorrent and ytptube

This commit is contained in:
Tigor Hutasuhut 2024-09-20 18:42:07 +07:00
parent b786265aa6
commit 1383b523bb
3 changed files with 52 additions and 4 deletions

View file

@ -1,6 +1,7 @@
{ config, lib, ... }: { config, lib, pkgs, ... }:
let let
cfg = config.profile.openssh; cfg = config.profile.openssh;
inherit (lib.meta) getExe;
in in
{ {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
@ -37,5 +38,23 @@ in
overalljails = true; # Calculate the bantime based on all the violations overalljails = true; # Calculate the bantime based on all the violations
}; };
}; };
sops.secrets."ntfy/tokens/homeserver" = { sopsFile = ../../secrets/ntfy.yaml; };
sops.templates."ntfy-ssh-login.sh" = {
content = builtins.readFile (lib.meta.getExe (pkgs.writeShellScriptBin "ntfy-ssh-login.sh" /*sh*/ ''
if [ "$PAM_TYPE" == "open_session" ]; then
${getExe pkgs.curl} -X POST \
-H "X-Priority: 4" \
-H "X-Tags: warning" \
-H "Authorization: Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}" \
-d "SSH login: $PAM_USER from $PAM_RHOST" \
https://ntfy.tigor.web.id/ssh
fi
''));
};
security.pam.services.sshd.text = lib.mkDefault (lib.mkAfter ''
session optional pam_exec.so ${getExe pkgs.bash} ${config.sops.templates."ntfy-ssh-login.sh".path}
'');
}; };
} }

View file

@ -63,7 +63,7 @@ in
-H "X-Title: $1" \ -H "X-Title: $1" \
-H "X-Tags: white_check_mark,$2" \ -H "X-Tags: white_check_mark,$2" \
-d "Number of Files: $7, Size: $size" \ -d "Number of Files: $7, Size: $size" \
https://ntfy.tigor.web.id/qbittorrent https://ntfy.tigor.web.id/qbittorrent?priority=4
''); '');
start-notify-script = pkgs.writeScriptBin "notify-start.sh" (optionalString config.services.ntfy-sh.enable /*sh*/ '' start-notify-script = pkgs.writeScriptBin "notify-start.sh" (optionalString config.services.ntfy-sh.enable /*sh*/ ''
#!/bin/bash #!/bin/bash

View file

@ -17,14 +17,43 @@ let
}; };
webhook = builtins.readFile ((pkgs.formats.json { }).generate "webhooks.json" [ webhook = builtins.readFile ((pkgs.formats.json { }).generate "webhooks.json" [
{ {
name = "NTFY Webhook"; name = "NTFY Webhook Added";
on = [ "added" "completed" "error" "not_live" ]; on = [ "added" ];
request = {
url = "https://ntfy.tigor.web.id/ytptube?tpl=1&t=%7B%7B.title%7D%7D&m=%5B%7B%7B%20.folder%20%7D%7D%5D%20Download%20added.";
type = "json";
method = "POST";
headers = {
Authorization = ''Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}'';
X-Tags = "rocket";
};
};
}
{
name = "NTFY Webhook Completed";
on = [ "completed" ];
request = { request = {
url = "https://ntfy.tigor.web.id/ytptube?tpl=1&t=%7B%7B.title%7D%7D&m=%5B%7B%7B%20.folder%20%7D%7D%5D%20Download%20%7B%7B%20.status%20%7D%7D"; url = "https://ntfy.tigor.web.id/ytptube?tpl=1&t=%7B%7B.title%7D%7D&m=%5B%7B%7B%20.folder%20%7D%7D%5D%20Download%20%7B%7B%20.status%20%7D%7D";
type = "json"; type = "json";
method = "POST"; method = "POST";
headers = { headers = {
Authorization = ''Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}''; Authorization = ''Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}'';
X-Tags = "heavy_check_mark";
X-Priority = "4";
};
};
}
{
name = "NTFY Webhook Error";
on = [ "error" ];
request = {
url = "https://ntfy.tigor.web.id/ytptube?tpl=1&t=%7B%7B.title%7D%7D&m=%5B%7B%7B%20.folder%20%7D%7D%5D%20Download%20%7B%7B%20.status%20%7D%7D";
type = "json";
method = "POST";
headers = {
Authorization = ''Bearer ${config.sops.placeholder."ntfy/tokens/homeserver"}'';
X-Priority = "4";
X-Tags = "x";
}; };
}; };
} }