From 6791ed04942b616a5713e9b7cf600b1e2dbb2d9f Mon Sep 17 00:00:00 2001
From: Filippo Berto <berto.f@protonmail.com>
Date: Thu, 7 Mar 2024 10:04:53 +0100
Subject: [PATCH] Ntfy config for Thor and Odin

---
 instances/odin/common_configuration.nix |   5 ++++-
 instances/thor/configuration.nix        |   1 +
 modules/hm/ntfy.nix                     |  10 ++++++----
 secrets/ntfy-odin.age                   | Bin 0 -> 518 bytes
 secrets/ntfy-thor.age                   |   9 +++++++++
 secrets/secrets.nix                     |  10 ++++++----
 6 files changed, 26 insertions(+), 9 deletions(-)
 create mode 100644 secrets/ntfy-odin.age
 create mode 100644 secrets/ntfy-thor.age

diff --git a/instances/odin/common_configuration.nix b/instances/odin/common_configuration.nix
index 5ae6324..ffd123f 100644
--- a/instances/odin/common_configuration.nix
+++ b/instances/odin/common_configuration.nix
@@ -1,10 +1,13 @@
 { config, pkgs, lib, ... }:
 {
 
+
   age.secrets = {
-    odin_wg_priv = { file = ../../secrets/odin_wg_priv.age; };
+    ntfy-odin = { file = ../../secrets/ntfy-odin.age; owner = "bertof"; };
+    odin_wg_priv.file = ../../secrets/odin_wg_priv.age;
   };
 
+
   # Use the systemd-boot EFI boot loader.
   boot = {
     # kernelPackages = pkgs.linuxPackages_latest;
diff --git a/instances/thor/configuration.nix b/instances/thor/configuration.nix
index 8b13318..1fb825a 100644
--- a/instances/thor/configuration.nix
+++ b/instances/thor/configuration.nix
@@ -3,6 +3,7 @@
 
   age.secrets = {
     thor_wg_priv = { file = ../../secrets/thor_wg_priv.age; };
+    ntfy-thor = { file = ../../secrets/ntfy-thor.age; owner = "bertof"; };
   };
 
   boot = {
diff --git a/modules/hm/ntfy.nix b/modules/hm/ntfy.nix
index bf90344..ae8413a 100644
--- a/modules/hm/ntfy.nix
+++ b/modules/hm/ntfy.nix
@@ -1,7 +1,9 @@
-{ pkgs, ... }: {
+{ nixosConfig, pkgs, config, ... }:
+let
+  inherit (nixosConfig.networking) hostName;
+in
+{
   home.packages = [ pkgs.ntfy-sh ];
-  xdg.configFile."ntfy/client.yml".text = ''
-    default-host: https://ntfy.bertof.net
-  '';
+  xdg.configFile."ntfy/client.yml".source = config.lib.file.mkOutOfStoreSymlink nixosConfig.age.secrets."ntfy-${hostName}".path;
 }
 
diff --git a/secrets/ntfy-odin.age b/secrets/ntfy-odin.age
new file mode 100644
index 0000000000000000000000000000000000000000..8df0c8bbf3b58adce360faf1dd6bc30850f75b86
GIT binary patch
literal 518
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCU7a1V40c2qDc_0slF
zH8aU{_KL{Q4+!?pC^JoTt#EM)NGVM$cl0uF@pek_%=ImCcH}DaG%Sp?2oH_a4=Qpp
zbFDBc($33IEeXv^^0SCC2=mU(D9H5>4mT?G$Va!$Bq=q+%~8QKqq4HltUN8$$H$^H
z$jLY$D#SavIH0mhJFnb3UE8><pfD-4$k3_Wz=A73%EQ?s!#6X^B(pp_J1QvM&8XDb
zvLGe1(%i{1$J8jt(;_d=&pXpIBoy5?&$7zM(sYG@Du2HuQ;Ynl9RCon@bu6!cS}Db
zqohF7K<(l}|3dS~tYH1hV1MTj7ZWc1+=?nUqr$|pEVHsAefOZ0B)2O6;N<LZlaS=#
zoXEs7lR%5`f++X&R0A$uU0sEU2*0B6$n5Zp<iJp)pp3GBpwyDc{1o5HQe&TthzxVj
zJkxyN(D0<Nj6kk!!FRZybDyvNs=bHLzTZGHI&<6lpVBc4v{_!S4Y2kOT`W_>Uibaq
zv)Re@n^(qm$9~!N?#hqD^HNT1S)av!@6D;riH0^8=3U==YJcdOXFN*p5?sCqPw8WL
kze)W}d8f1L|H+eB<5&;$y(oUCpC~WTyK%{%PM2NZ09`k~%K!iX

literal 0
HcmV?d00001

diff --git a/secrets/ntfy-thor.age b/secrets/ntfy-thor.age
new file mode 100644
index 0000000..75d21a9
--- /dev/null
+++ b/secrets/ntfy-thor.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 hGQASA rGz3KIFwbIda+VM7YMzRvXBJvVHuE2cJ0nLGiJD7siI
+nEVPRhQzoiBlGRQag6eTUtZua/MTFx/06BIvMgR/tNg
+-> ssh-ed25519 4behFA voJaWXy/ftgRIulnXvqVgBQR5P09mU0XrsaG+uSpZU4
+6FrzXmBt4ofDRNKjsQw/L36422UPNFjz6X0X9PFfxbw
+-> ssh-ed25519 v7O/FA fJ/ZYJuR405nK6HmsD9fNJJsyffv68ypNe0aovmmOmY
+ymMtzf0QWZ8g91iVuE0zAE2rh7lhtVUfD7OrUkwUZG8
+--- 1UUB/m9RHtEs0trMLq0ArNTTr/2/zuCJJGLNus/dnqs
+ói~&ãM¡•Î[Í×<ŠÅÙwr­Ž@nÔx�$r)e�	´,ú.ö0…[aã”0W鑸
¦¿×
öûÓŠY"œíGi¬:¸ø§YÊrQZ—*9V;ŽŠ·æ()wœ¤$rÆ^ëþçÍå¥YŒÊJ�Ì$š
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index e019ff2..29ab4ca 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -14,20 +14,22 @@ let
 in
 {
   # "oauth_proxy_client_credentials.age".publicKeys = devUsers ++ systems;
-  "spotify_password.age".publicKeys = devUsers ++ systems;
-  "garage_rpc_secret.age".publicKeys = devUsers ++ systems;
+  "baldur_wg_priv.age".publicKeys = devUsers ++ systems;
   "garage_bertof_baldur_key.age".publicKeys = devUsers ++ [ baldur ];
   "garage_bertof_freya_key.age".publicKeys = devUsers ++ [ freya ];
   "garage_bertof_loki_key.age".publicKeys = devUsers ++ [ loki ];
   "garage_bertof_odin_key.age".publicKeys = devUsers ++ [ odin ];
   "garage_bertof_thor_key.age".publicKeys = devUsers ++ [ thor ];
+  "garage_rpc_secret.age".publicKeys = devUsers ++ systems;
   "garage_tiziano_baldur_key.age".publicKeys = devUsers ++ [ baldur ];
   "garage_tiziano_loki_key.age".publicKeys = devUsers ++ [ loki ];
+  "kavita_token.age".publicKeys = devUsers ++ [ loki ];
   "nextcloud_admin_secret.age".publicKeys = devUsers ++ [ freya ];
-  "baldur_wg_priv.age".publicKeys = devUsers ++ systems;
+  "ntfy-odin.age".publicKeys = devUsers ++ [ odin ];
+  "ntfy-thor.age".publicKeys = devUsers ++ [ thor ];
   "odin_wg_priv.age".publicKeys = devUsers ++ [ odin ];
   "oppo_wg_priv.age".publicKeys = devUsers ++ systems;
+  "spotify_password.age".publicKeys = devUsers ++ systems;
   "thor_wg_priv.age".publicKeys = devUsers ++ [ thor ];
   "wg_psk.age".publicKeys = devUsers ++ systems;
-  "kavita_token.age".publicKeys = devUsers ++ [ loki ];
 }