diff --git a/home/jonas@monolith.nix b/home/jonas@monolith.nix index 9fdd221..fc7bcfd 100644 --- a/home/jonas@monolith.nix +++ b/home/jonas@monolith.nix @@ -11,6 +11,10 @@ sops = { age.keyFile = "${home.homeDirectory}/.config/sops/age/keys.txt"; }; + sops.secrets.gotifyToken = { + sopsFile = ../secrets/jonas/gotify.yaml; + key = "monolithToken"; + }; # hive moduless hive.doom.enable = true; @@ -34,6 +38,12 @@ hive.yubikey.enable = true; hive.zsh.enable = true; hive.jj.enable = true; + hive.gotify = { + cli.enable = true; + daemon.enable = true; + tokenSopsKey = config.sops.secrets.gotifyToken.name; + host = "gotify.example.de"; + }; # Make session variables available in systemd units # SEE: https://github.com/nix-community/home-manager/pull/5543 diff --git a/modules/default.nix b/modules/default.nix index 94d4ef0..4577948 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -38,6 +38,7 @@ ./home/doom ./home/firefox.nix ./home/flameshot.nix + ./home/gotify.nix ./home/hyprland ./home/jj.nix ./home/kdeconnect.nix diff --git a/modules/home/gotify.nix b/modules/home/gotify.nix new file mode 100644 index 0000000..df32b29 --- /dev/null +++ b/modules/home/gotify.nix @@ -0,0 +1,116 @@ +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.hive.gotify; + cli-config = { + token = config.sops.placeholder.${cfg.tokenSopsKey}; + inherit (cfg.cli) url defaultPriority; + }; + daemon-config = { + gotify = + { + inherit (cfg.daemon) url; + token = config.sops.placeholder.${cfg.tokenSopsKey}; + auto_delete = cfg.daemon.autoDelete; + min_priority = cfg.daemon.minPriority; + } + // lib.optionalAttrs (cfg.daemon.onMsgCommand != null) { + on_msg_command = cfg.daemon.onMsgCommand; + }; + }; +in { + options.hive.gotify = { + cli = { + enable = lib.mkEnableOption "Enable Gotify cli tool"; + url = lib.mkOption { + type = lib.types.singleLineStr; + default = "https://${cfg.host}:${toString cfg.port}"; + example = "http://gotify.example.com"; + description = "The http url of the gotify server (for the cli tool)"; + }; + defaultPriority = lib.mkOption { + type = lib.types.int; + default = 0; + example = 3; + description = "The default priority of the dispatched messages"; + }; + }; + daemon = { + enable = lib.mkEnableOption "Enable the Gotify desktop notification daemon"; + url = lib.mkOption { + type = lib.types.singleLineStr; + default = "wss://${cfg.host}:${toString cfg.port}"; + example = "ws://gotify.example.com"; + description = "The websocket url of the gotify server (for the desktop tool)"; + }; + autoDelete = lib.mkOption { + type = lib.types.bool; + default = false; + example = true; + description = "Delete messages that have been handled"; + }; + minPriority = lib.mkOption { + type = lib.types.int; + default = 0; + example = 1; + description = "Ignore messages with priority lower than given value"; + }; + onMsgCommand = lib.mkOption { + type = lib.types.nullOr lib.types.singleLineStr; + default = null; + example = "/usr/bin/beep"; + description = '' A command to tun for each message with env vars + GOTIFY_MSG_PRIORITY, GOTIFY_MSG_TITLE and GOTIFY_MSG_TEXTs + If unset use the standard desktop notification passing + ''; + }; + }; + host = lib.mkOption { + type = lib.types.singleLineStr; + example = "example.com"; + description = "The hostname of the gotify server"; + }; + port = lib.mkOption { + type = lib.types.int; + default = 443; + example = 443; + description = "The port of the gotify server"; + }; + tokenSopsKey = lib.mkOption { + type = lib.types.singleLineStr; + description = "The sops key of the token secret"; + }; + }; + + config = let + cli = lib.mkIf cfg.cli.enable { + home.packages = [pkgs.gotify-cli]; + sops.templates."gotify-cli-json" = { + content = lib.generators.toJSON {} cli-config; + path = "${config.xdg.configHome}/gotify/cli.json"; + }; + }; + daemon = lib.mkIf cfg.daemon.enable { + systemd.user.services.gotify-desktop = { + Unit = { + Description = "Gotify Desktop notification service"; + After = ["sops-nix.service"]; # After the secrets have been rendered + }; + Service = { + ExecStart = "${pkgs.gotify-desktop}"; + }; + Install = { + WantedBy = ["graphical.target"]; + }; + }; + sops.templates."gotify-daemon-toml" = { + content = lib.generators.toINI {} daemon-config; + path = "${config.xdg.configHome}/gotify-desktop/config.toml"; + }; + }; + in + lib.mkMerge [cli daemon]; +} diff --git a/secrets/jonas/gotify.yaml b/secrets/jonas/gotify.yaml new file mode 100644 index 0000000..7eaec14 --- /dev/null +++ b/secrets/jonas/gotify.yaml @@ -0,0 +1,16 @@ +monolithToken: ENC[AES256_GCM,data:fNTDbsDJ53a/h5fV1NCF,iv:skRCUDjAaIhMG1qdQAXMKIidZNKUxHFUISdgy7tTxOY=,tag:/U1cSvR3ZQGimfaQ17dt4g==,type:str] +sops: + age: + - recipient: age1expg8vyduf290pz7l4f3mjzvk9f0azfdn48pyjzs3m6p7v4qjq0qwtn36z + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHb2JYb2JWakdtZ2NjTmsx + RldpMUx1ekV0eEFudDBncnVsa3l2cWpLaFNBCnNRT1NxaGFiaXBOK2JvUjlvd2lN + R2tEOXd2K09iV3JZVTdjZ1EzaTQzTFUKLS0tIHYxMklrcWZza3RlaUFzV3JoMjh5 + clpiRTAxWUZENnhFcmhxcWN1RFFyZ1kKnQWAQpvqwX/pueV9uPiTGYaxWT66p5pK + Vn0tK396IxKtx8MVivDF16oI/w63mvyLWTGU8CCUu/5Np3FRIvD75Q== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-10-30T22:05:53Z" + mac: ENC[AES256_GCM,data:7XTlZdQlbMLxt9Qwl3POFsNe+OBgpHxLMD+EmzQyiP5RTBUZWU7hZBHQCpYgNk+UbValqwr0tASXIIljEQe5HgFYf9d1BRKG9SDQSiEJh97gictp6QKmKqKoN2XaiTiiDAFMDsOWE3tTbLLmTXw0el4v+A5Ijy4v8/VuXG92tK0=,iv:2e5VGgCWFuBtmfPlKc/AvcQ91+zFuX8uvSVxXef0yiI=,tag:4Slc+jYXve9KcChf/78/kQ==,type:str] + unencrypted_suffix: _unencrypted + version: 3.11.0