ntfy: separated client and server config

This commit is contained in:
Tigor Hutasuhut 2024-09-05 13:23:04 +07:00
parent 0f56e29da7
commit 41fa538e30
3 changed files with 41 additions and 32 deletions

View file

@ -24,6 +24,10 @@ in
navidrome.enable = mkEnableOption "navidrome";
ntfy-sh.enable = mkEnableOption "ntfy-sh";
ntfy-sh.client.enable = mkOption {
type = types.bool;
default = config.profile.services.ntfy-sh.enable;
};
telemetry = {
enable = mkEnableOption "telemetry";

View file

@ -96,5 +96,6 @@ in
programs.easyeffects.enable = true;
programs.wezterm.enable = true;
podman.enable = true;
services.ntfy-sh.client.enable = true;
};
}

View file

@ -1,14 +1,45 @@
{ config, pkgs, lib, ... }:
let
cfg = config.profile.services.ntfy-sh;
client = cfg.client;
inherit (lib) mkIf;
domain = "ntfy.tigor.web.id";
listenAddress = "0.0.0.0:15150";
in
{
config = mkIf cfg.enable {
lib.mkMerge [
(mkIf cfg.enable {
services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy ${config.services.ntfy-sh.settings.listen-http}
reverse_proxy ${listenAddress}
'';
services.ntfy-sh = {
enable = true;
settings =
let
base-dir = "/var/lib/ntfy-sh";
in
rec {
listen-http = listenAddress;
behind-proxy = true;
base-url = "https://${domain}";
# Performance. Cache and Batching.
cache-file = "${base-dir}/cache.db";
cache-duration = "24h";
cache-batch-size = 10;
cache-batch-timeout = "1s";
# Auth
auth-file = "${base-dir}/auth.db";
auth-default-access = "deny-all";
# Attachments
attachment-cache-dir = "${base-dir}/attachments";
attachment-expiry-duration = cache-duration;
};
};
})
(mkIf client.enable {
environment.systemPackages = with pkgs; [
# Access to `ntfy` cli tool
ntfy-sh
@ -42,32 +73,5 @@ in
};
};
};
services.ntfy-sh = {
enable = true;
settings =
let
base-dir = "/var/lib/ntfy-sh";
in
rec {
listen-http = "0.0.0.0:15150";
behind-proxy = true;
base-url = "https://${domain}";
# Performance. Cache and Batching.
cache-file = "${base-dir}/cache.db";
cache-duration = "24h";
cache-batch-size = 10;
cache-batch-timeout = "1s";
# Auth
auth-file = "${base-dir}/auth.db";
auth-default-access = "deny-all";
# Attachments
attachment-cache-dir = "${base-dir}/attachments";
attachment-expiry-duration = cache-duration;
};
};
};
}
})
]