From fb52d696dec21607cc02ad2c43b5ca47a1cc1158 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 3 Jun 2023 15:39:22 +0200 Subject: ma ntfy: init --- makefu/2configs/deployment/ntfysh.nix | 41 +++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 makefu/2configs/deployment/ntfysh.nix (limited to 'makefu/2configs/deployment') diff --git a/makefu/2configs/deployment/ntfysh.nix b/makefu/2configs/deployment/ntfysh.nix new file mode 100644 index 000000000..1a3311d9e --- /dev/null +++ b/makefu/2configs/deployment/ntfysh.nix @@ -0,0 +1,41 @@ +{ lib, config, ... }: +let + web-port = 19455; + hostn = "ntfy.euer.krebsco.de"; + internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; +in +{ + services.ntfy-sh = { + enable = true; + settings = { + listen-http = "127.0.0.1:${toString web-port}"; + auth-file = "/var/lib/ntfy-sh/user.db"; + auth-default-access = "deny-all"; + behind-proxy = true; + attachment-cache-dir = "/media/cloud/ntfy-sh/attachments"; + attachment-file-size-limit = "500m"; + attachment-total-size-limit = "100g"; + base-url = "https://ntfy.euer.krebsco.de"; + attachment-expiry-duration = "48h"; + }; + }; + + systemd.services.ntfy-sh.serviceConfig = { + StateDirectory = "ntfy-sh"; + SupplementaryGroups = [ "download" ]; + }; + + services.nginx = { + enable = lib.mkDefault true; + virtualHosts."${hostn}" = { + forceSSL = true; + enableACME = true; + + locations."/" = { + proxyPass = "http://localhost:${toString web-port}/"; + proxyWebsockets = true; + recommendedProxySettings = true; + }; + }; + }; +} -- cgit v1.2.3