Merge branch 'alpine/master' into nixbook/master

nixos/services/mautrix/instagram.nix

@@ -0,0 +1,29 @@
+{config, ...}: let
+  inherit (config) sops;
+  inherit (sops) templates placeholder;
+  inherit (import ./lib.nix) toAppRegistration;
+in {
+  sops.secrets = {
+    "mautrix-instagram/as_token" = {};
+    "mautrix-instagram/hs_token" = {};
+  };
+  sops.templates = {
+    "mautrix-instagram/appservice.yaml" = {
+      owner = "matrix-synapse";
+      content = toAppRegistration {
+        id = "instagram";
+        port = 29328;
+        as_token = placeholder."mautrix-instagram/as_token";
+        hs_token = placeholder."mautrix-instagram/hs_token";
+        sender_localpart = "Gx8tLTHsxVlrdD3qibaPdaP9t7GhfciV";
+        "de.sorunome.msc2409.push_ephemeral" = true;
+      };
+    };
+  };
+
+  # mautrix-instagram server currently in ansible/podman
+
+  services.matrix-synapse.settings.app_service_config_files = [
+    templates."mautrix-instagram/appservice.yaml".path
+  ];
+}

nixos/services/mautrix/lib.nix

@@ -0,0 +1,27 @@
+{
+  toAppRegistration = {
+    port,
+    id,
+    as_token,
+    hs_token,
+    sender_localpart,
+    rate_limited ? false,
+    ...
+  } @ conf:
+    builtins.toJSON ({
+        namespaces = {
+          users = [
+            {
+              exclusive = true;
+              regex = "^@${id}_.*:tristans.cloud$";
+            }
+            {
+              exclusive = true;
+              regex = "^@${id}bot:tristans.cloud$";
+            }
+          ];
+        };
+        url = "http://localhost:${toString port}";
+      }
+      // conf);
+}

nixos/services/mautrix/signal.nix

@@ -0,0 +1,29 @@
+{config, ...}: let
+  inherit (config) sops;
+  inherit (sops) templates placeholder;
+  inherit (import ./lib.nix) toAppRegistration;
+in {
+  sops.secrets = {
+    "mautrix-signal/as_token" = {};
+    "mautrix-signal/hs_token" = {};
+  };
+  sops.templates = {
+    "mautrix-signal/appservice.yaml" = {
+      owner = "matrix-synapse";
+      content = toAppRegistration {
+        id = "signal";
+        port = 29328;
+        as_token = placeholder."mautrix-signal/as_token";
+        hs_token = placeholder."mautrix-signal/hs_token";
+        sender_localpart = "Gx8tLTHsxVlrdD3qibaPdaP9t7GhfciV";
+        "de.sorunome.msc2409.push_ephemeral" = true;
+      };
+    };
+  };
+
+  # mautrix-signal server currently in ansible/podman
+
+  services.matrix-synapse.settings.app_service_config_files = [
+    templates."mautrix-signal/appservice.yaml".path
+  ];
+}

nixos/services/mautrix/whatsapp.nix

@@ -1,32 +1,7 @@
 {config, ...}: let
   inherit (config) sops;
   inherit (sops) templates placeholder;
-
-  toAppRegistration = {
-    port,
-    id,
-    as_token,
-    hs_token,
-    sender_localpart,
-    rate_limited ? false,
-    ...
-  } @ conf:
-    builtins.toJSON ({
-        namespaces = {
-          users = [
-            {
-              exclusive = true;
-              regex = "^@${id}_.*:tristans.cloud$";
-            }
-            {
-              exclusive = true;
-              regex = "^@${id}bot:tristans.cloud$";
-            }
-          ];
-        };
-        url = "http://localhost:${toString port}";
-      }
-      // conf);
+  inherit (import ./lib.nix) toAppRegistration;
 in {
   sops.secrets = {
     "mautrix-whatsapp/as_token" = {};

nixos/services/ntfy.nix

@@ -0,0 +1,19 @@
+{ config, ... }:
+let
+  domain = "up.${config.networking.domain}";
+  port = 8080;
+in
+{
+  services.ntfy-sh = {
+    enable = true;
+    settings = {
+      base-url = "https://${domain}";
+      listen-http = ":${toString port}";
+    };
+  };
+  services.nginx.virtualHosts.${domain} = {
+    forceSSL = true;
+    enableACME = true;
+    locations."~".proxyPass = "http://localhost:${toString port}";
+  };
+}

nixos/services/prometheus.nix

@@ -1,8 +1,9 @@
 {config, ...}: let
   inherit (config.services) prometheus;
   nodes = [
-    "100.65.29.110"
-    "100.106.241.122"
+    "alpine"
+    "fcs-tristan-nixbook"
+    "zenix"
   ];
   addPort = ip: "${ip}:${toString prometheus.exporters.node.port}";
 in {