86 lines
4.3 KiB
Nix
86 lines
4.3 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
{
|
|
system.stateVersion = "24.11";
|
|
|
|
networking.hostName = "noisebell-remote";
|
|
|
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
|
|
|
services.openssh.enable = true;
|
|
services.caddy.enable = true;
|
|
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
# Add your SSH public key here
|
|
];
|
|
|
|
# ── Secrets ───────────────────────────────────────────────────────────
|
|
|
|
age.secrets.pi-api-key.file = ./secrets/pi-api-key.age;
|
|
age.secrets.pi-inbound-api-key.file = ./secrets/pi-inbound-api-key.age;
|
|
age.secrets.discord-token.file = ./secrets/discord-token.age;
|
|
age.secrets.discord-webhook-secret.file = ./secrets/discord-webhook-secret.age;
|
|
age.secrets.rss-webhook-secret.file = ./secrets/rss-webhook-secret.age;
|
|
age.secrets.zulip-api-key.file = ./secrets/zulip-api-key.age;
|
|
age.secrets.zulip-webhook-secret.file = ./secrets/zulip-webhook-secret.age;
|
|
age.secrets.matrix-access-token.file = ./secrets/matrix-access-token.age;
|
|
age.secrets.matrix-webhook-secret.file = ./secrets/matrix-webhook-secret.age;
|
|
|
|
# ── Cache ─────────────────────────────────────────────────────────────
|
|
|
|
services.noisebell-cache = {
|
|
enable = true;
|
|
domain = "noisebell.extremist.software";
|
|
piAddress = "http://noisebell:80";
|
|
inboundApiKeyFile = config.age.secrets.pi-api-key.path;
|
|
piApiKeyFile = config.age.secrets.pi-inbound-api-key.path;
|
|
outboundWebhooks = [
|
|
{ url = "https://discord.noisebell.extremist.software/webhook"; secretFile = config.age.secrets.discord-webhook-secret.path; }
|
|
{ url = "https://rss.noisebell.extremist.software/webhook"; secretFile = config.age.secrets.rss-webhook-secret.path; }
|
|
{ url = "https://zulip.noisebell.extremist.software/webhook"; secretFile = config.age.secrets.zulip-webhook-secret.path; }
|
|
{ url = "https://matrix.noisebell.extremist.software/webhook"; secretFile = config.age.secrets.matrix-webhook-secret.path; }
|
|
];
|
|
};
|
|
|
|
# ── Discord ───────────────────────────────────────────────────────────
|
|
|
|
services.noisebell-discord = {
|
|
enable = true;
|
|
domain = "discord.noisebell.extremist.software";
|
|
discordTokenFile = config.age.secrets.discord-token.path;
|
|
channelId = "000000000000000000"; # Replace with actual channel ID
|
|
webhookSecretFile = config.age.secrets.discord-webhook-secret.path;
|
|
};
|
|
|
|
# ── RSS ───────────────────────────────────────────────────────────────
|
|
|
|
services.noisebell-rss = {
|
|
enable = true;
|
|
domain = "rss.noisebell.extremist.software";
|
|
webhookSecretFile = config.age.secrets.rss-webhook-secret.path;
|
|
};
|
|
|
|
# ── Zulip ─────────────────────────────────────────────────────────────
|
|
|
|
services.noisebell-zulip = {
|
|
enable = true;
|
|
domain = "zulip.noisebell.extremist.software";
|
|
serverUrl = "https://noisebridge.zulipchat.com"; # Replace with actual Zulip server
|
|
botEmail = "noisebell-bot@noisebridge.zulipchat.com"; # Replace with actual bot email
|
|
apiKeyFile = config.age.secrets.zulip-api-key.path;
|
|
webhookSecretFile = config.age.secrets.zulip-webhook-secret.path;
|
|
stream = "general"; # Replace with target stream
|
|
topic = "door status";
|
|
};
|
|
|
|
# ── Matrix ────────────────────────────────────────────────────────────
|
|
|
|
services.noisebell-matrix = {
|
|
enable = true;
|
|
domain = "matrix.noisebell.extremist.software";
|
|
homeserver = "https://matrix.org"; # Replace with actual homeserver
|
|
accessTokenFile = config.age.secrets.matrix-access-token.path;
|
|
roomId = "!REPLACE:matrix.org"; # Replace with actual room ID
|
|
webhookSecretFile = config.age.secrets.matrix-webhook-secret.path;
|
|
};
|
|
}
|