jet/noisebell
jet/noisebell
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
noisebell/remote/hosted-module.nix

113 lines
3.5 KiB
Nix
Raw Permalink Blame History

{ self, agenix }:
{ config, lib, ... }:
let
cfgCache = config.services.noisebell-cache;
cfgRss = config.services.noisebell-rss;
cfgDiscord = config.services.noisebell-discord;
cfgZulip = config.services.noisebell-zulip;
in
{
imports = [ agenix.nixosModules.default ];
users.groups.noisebell = { };
users.users = lib.mkMerge [
(lib.mkIf cfgCache.enable {
noisebell-cache.extraGroups = [ "noisebell" ];
})
(lib.mkIf cfgRss.enable {
noisebell-rss.extraGroups = [ "noisebell" ];
})
(lib.mkIf cfgDiscord.enable {
noisebell-discord.extraGroups = [ "noisebell" ];
})
(lib.mkIf cfgZulip.enable {
noisebell-zulip.extraGroups = [ "noisebell" ];
})
];
age.secrets.noisebell-pi-to-cache-key = {
file = "${self}/secrets/pi-to-cache-key.age";
group = "noisebell";
mode = "0440";
};
age.secrets.noisebell-cache-to-pi-key = {
file = "${self}/secrets/cache-to-pi-key.age";
group = "noisebell";
mode = "0440";
};
age.secrets.noisebell-discord-token = {
file = "${self}/secrets/discord-token.age";
group = "noisebell";
mode = "0440";
};
age.secrets.noisebell-zulip-api-key = {
file = "${self}/secrets/zulip-api-key.age";
group = "noisebell";
mode = "0440";
};
age.secrets.noisebell-discord-webhook-secret = {
file = "${self}/secrets/discord-webhook-secret.age";
group = "noisebell";
mode = "0440";
};
age.secrets.noisebell-relay-webhook-secret = {
file = "${self}/secrets/relay-webhook-secret.age";
group = "noisebell";
mode = "0440";
};
age.secrets.noisebell-zulip-webhook-secret = {
file = "${self}/secrets/zulip-webhook-secret.age";
group = "noisebell";
mode = "0440";
};
services.noisebell-cache = lib.mkIf cfgCache.enable {
piApiKeyFile = lib.mkDefault config.age.secrets.noisebell-cache-to-pi-key.path;
inboundApiKeyFile = lib.mkDefault config.age.secrets.noisebell-pi-to-cache-key.path;
outboundWebhooks = lib.mkDefault (
(lib.optional cfgDiscord.enable {
url = "http://127.0.0.1:${toString cfgDiscord.port}/webhook";
secretFile = config.age.secrets.noisebell-discord-webhook-secret.path;
})
++ (lib.optional cfgZulip.enable {
url = "http://127.0.0.1:${toString cfgZulip.port}/webhook";
secretFile = cfgZulip.webhookSecretFile;
})
);
};
services.noisebell-rss.cacheUrl = lib.mkIf (cfgRss.enable && cfgCache.enable) (
lib.mkDefault "http://127.0.0.1:${toString cfgCache.port}"
);
services.noisebell-discord.discordTokenFile = lib.mkIf cfgDiscord.enable (
lib.mkDefault config.age.secrets.noisebell-discord-token.path
);
services.noisebell-discord.webhookSecretFile = lib.mkIf cfgDiscord.enable (
lib.mkDefault config.age.secrets.noisebell-discord-webhook-secret.path
);
services.noisebell-discord.cacheUrl = lib.mkIf (cfgDiscord.enable && cfgCache.enable) (
lib.mkDefault "http://127.0.0.1:${toString cfgCache.port}"
);
services.noisebell-discord.imageBaseUrl = lib.mkIf (cfgDiscord.enable && cfgCache.enable) (
lib.mkDefault "https://${cfgCache.domain}/image"
);
services.noisebell-zulip.apiKeyFile = lib.mkIf cfgZulip.enable (
lib.mkDefault config.age.secrets.noisebell-zulip-api-key.path
);
services.noisebell-zulip.webhookSecretFile = lib.mkIf cfgZulip.enable (
lib.mkDefault config.age.secrets.noisebell-zulip-webhook-secret.path
);
services.noisebell-zulip.imageBaseUrl = lib.mkIf (cfgZulip.enable && cfgCache.enable) (
lib.mkDefault "https://${cfgCache.domain}/image"
);
}
Reference in a new issue View git blame Copy permalink