Home Gen69 @ 2025-10-31-00:59 by jonas@monolith

home/jonas@monolith.nix

@@ -11,6 +11,14 @@
   sops = {
     age.keyFile = "${home.homeDirectory}/.config/sops/age/keys.txt";
   };
+  sops.secrets.gotifyDaemonToken = {
+    sopsFile = ../secrets/jonas/gotify.yaml;
+    key = "monolithDesktopToken";
+  };
+  sops.secrets.gotifyCLIToken = {
+    sopsFile = ../secrets/jonas/gotify.yaml;
+    key = "cliToken";
+  };
 
   # hive moduless
   hive.doom.enable = true;
@@ -34,6 +42,13 @@
   hive.yubikey.enable = true;
   hive.zsh.enable = true;
   hive.jj.enable = true;
+  hive.gotify = {
+    cli.enable = true;
+    daemon.enable = true;
+    cli.tokenSopsKey = config.sops.secrets.gotifyCLIToken.name;
+    daemon.tokenSopsKey = config.sops.secrets.gotifyDaemonToken.name;
+    host = "gotify.jroeger.de";
+  };
 
   # Make session variables available in systemd units
   # SEE: https://github.com/nix-community/home-manager/pull/5543

modules/default.nix

@@ -38,6 +38,7 @@
       ./home/doom
       ./home/firefox.nix
       ./home/flameshot.nix
+      ./home/gotify.nix
       ./home/hyprland
       ./home/jj.nix
       ./home/kdeconnect.nix

modules/home/gotify.nix

@@ -0,0 +1,153 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  cfg = config.hive.gotify;
+  cli-config = {
+    token = config.sops.placeholder.${cfg.cli.tokenSopsKey};
+    inherit (cfg.cli) url defaultPriority;
+  };
+  daemon-config = {
+    gotify =
+      {
+        inherit (cfg.daemon) url;
+        token = config.sops.placeholder.${cfg.daemon.tokenSopsKey};
+        auto_delete = cfg.daemon.autoDelete;
+        min_priority = cfg.daemon.minPriority;
+      }
+      // lib.optionalAttrs (cfg.daemon.onMsgCommand != null) {
+        on_msg_command = cfg.daemon.onMsgCommand;
+      };
+  };
+
+  valueToString = val:
+    if (builtins.typeOf val == "string")
+    then "\"${val}\""
+    else
+      (
+        if (builtins.typeOf val == "int")
+        then "${toString val}"
+        else
+          (
+            if (builtins.typeOf val == "bool")
+            then
+              (
+                if val
+                then "true"
+                else "false"
+              )
+            else (abort "Expected string int or bool, got ${builtins.typeOf val} with value ${toString val}")
+          )
+      );
+
+  toTOML = attrs:
+    lib.concatStrings (
+      lib.attrValues (
+        lib.mapAttrs (
+          name: config: ''
+            [${name}]
+            ${lib.concatStringsSep "\n" (lib.attrValues (lib.mapAttrs (k: v: "${k} = ${valueToString v}") config))}
+          ''
+        )
+        attrs
+      )
+    );
+in {
+  options.hive.gotify = {
+    cli = {
+      enable = lib.mkEnableOption "Enable Gotify cli tool";
+      url = lib.mkOption {
+        type = lib.types.singleLineStr;
+        default = "https://${cfg.host}:${toString cfg.port}";
+        example = "http://gotify.example.com";
+        description = "The http url of the gotify server (for the cli tool)";
+      };
+      tokenSopsKey = lib.mkOption {
+        type = lib.types.singleLineStr;
+        description = "The sops key of the token secret";
+      };
+      defaultPriority = lib.mkOption {
+        type = lib.types.int;
+        default = 0;
+        example = 3;
+        description = "The default priority of the dispatched messages";
+      };
+    };
+    daemon = {
+      enable = lib.mkEnableOption "Enable the Gotify desktop notification daemon";
+      url = lib.mkOption {
+        type = lib.types.singleLineStr;
+        default = "wss://${cfg.host}:${toString cfg.port}";
+        example = "ws://gotify.example.com";
+        description = "The websocket url of the gotify server (for the desktop tool)";
+      };
+      tokenSopsKey = lib.mkOption {
+        type = lib.types.singleLineStr;
+        description = "The sops key of the token secret";
+      };
+      autoDelete = lib.mkOption {
+        type = lib.types.bool;
+        default = false;
+        example = true;
+        description = "Delete messages that have been handled";
+      };
+      minPriority = lib.mkOption {
+        type = lib.types.int;
+        default = 0;
+        example = 1;
+        description = "Ignore messages with priority lower than given value";
+      };
+      onMsgCommand = lib.mkOption {
+        type = lib.types.nullOr lib.types.singleLineStr;
+        default = null;
+        example = "/usr/bin/beep";
+        description = ''          A command to tun for each message with env vars
+                    GOTIFY_MSG_PRIORITY, GOTIFY_MSG_TITLE and GOTIFY_MSG_TEXTs
+                    If unset use the standard desktop notification passing
+        '';
+      };
+    };
+    host = lib.mkOption {
+      type = lib.types.singleLineStr;
+      example = "example.com";
+      description = "The hostname of the gotify server";
+    };
+    port = lib.mkOption {
+      type = lib.types.int;
+      default = 443;
+      example = 443;
+      description = "The port of the gotify server";
+    };
+  };
+
+  config = let
+    cli = lib.mkIf cfg.cli.enable {
+      home.packages = [pkgs.gotify-cli];
+      sops.templates."gotify-cli-json" = {
+        content = lib.generators.toJSON {} cli-config;
+        path = "${config.xdg.configHome}/gotify/cli.json";
+      };
+    };
+    daemon = lib.mkIf cfg.daemon.enable {
+      systemd.user.services.gotify-desktop = {
+        Unit = {
+          Description = "Gotify Desktop notification service";
+          After = ["sops-nix.service"]; # After the secrets have been rendered
+        };
+        Service = {
+          ExecStart = "${pkgs.gotify-desktop}/bin/gotify-desktop";
+        };
+        Install = {
+          WantedBy = ["multi-user.target"];
+        };
+      };
+      sops.templates."gotify-daemon-toml" = {
+        content = toTOML daemon-config;
+        path = "${config.xdg.configHome}/gotify-desktop/config.toml";
+      };
+    };
+  in
+    lib.mkMerge [cli daemon];
+}

secrets/jonas/gotify.yaml

@@ -0,0 +1,17 @@
+monolithDesktopToken: ENC[AES256_GCM,data:mjyX9EjhYhOgB2Svn4E8,iv:/iOwIfa7ttM8DpnhpZma+uXHi8RWyGrhlDoBmzoEgEM=,tag:PzWQ/zIlCPjH34vNECs9iQ==,type:str]
+cliToken: ENC[AES256_GCM,data:CWBcgbGYB408j+XIK9MK,iv:jZphMY9DJOZo8mLa9Vc3d3ymDOHb85QuTEg2/iTf0+Q=,tag:dvDfLA40QTpt7ftV//javg==,type:str]
+sops:
+    age:
+        - recipient: age1expg8vyduf290pz7l4f3mjzvk9f0azfdn48pyjzs3m6p7v4qjq0qwtn36z
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHb2JYb2JWakdtZ2NjTmsx
+            RldpMUx1ekV0eEFudDBncnVsa3l2cWpLaFNBCnNRT1NxaGFiaXBOK2JvUjlvd2lN
+            R2tEOXd2K09iV3JZVTdjZ1EzaTQzTFUKLS0tIHYxMklrcWZza3RlaUFzV3JoMjh5
+            clpiRTAxWUZENnhFcmhxcWN1RFFyZ1kKnQWAQpvqwX/pueV9uPiTGYaxWT66p5pK
+            Vn0tK396IxKtx8MVivDF16oI/w63mvyLWTGU8CCUu/5Np3FRIvD75Q==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-10-30T23:55:47Z"
+    mac: ENC[AES256_GCM,data:+KEeVxj3F6GirGHIykw98FBN84krNegTZQp2+0nd711B6Q4vlDGpMNSwxiJOnz5Bzm0x48NDLAiNiBjTqipuZIz0zSnUXypBsSN5/HAhwjm079RunCENcL2YciwMMr1B2cdoOBeobVYzr/vV7P9ieOiTLTlE8542/nnNwyvmISY=,iv:U1J78i1DHAzXhHCQDZs2adKvVo+u3zsbkr68J3xMYUE=,tag:e6ymRRqVCjeemG3TcHHROQ==,type:str]
+    unencrypted_suffix: _unencrypted
+    version: 3.11.0