Add gitea

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-05-16 18:16:25 +01:00
parent 1a445ab6fd
commit 3c09cf9f69
19 changed files with 471 additions and 184 deletions
--- a/hosts/jupiter/users/storm/configs/console/podman/ntfy/default.nix
+++ b/hosts/jupiter/users/storm/configs/console/podman/ntfy/default.nix
@@ -25,7 +25,7 @@ in
      };

      templates = {
-        "ntfy-server.yml".content =
+        ntfy.content =
          let
            dbStartupQueries = ''
              pragma journal_mode = WAL;
@@ -35,7 +35,7 @@ in
            '';
          in
          builtins.readFile (
-            (pkgs.formats.yaml { }).generate "server.yml" {
+            (pkgs.formats.yaml { }).generate "server.yaml" {
              log-level = "warn";

              base-url = "https://ntfy.karaolidis.com";
@@ -77,34 +77,9 @@ in
          );

        # FIXME: https://github.com/binwiederhier/ntfy/issues/464
-        "ntfy-init.sh" = {
-          content = ''
-            #!/bin/sh
-
-            mkdir -p /tmp
-            PIPE=$(mktemp -u)
-            mkfifo "$PIPE"
-            trap 'rm -f "$PIPE"' EXIT
-
-            ntfy serve > "$PIPE" 2>&1 &
-
-            NTFY_PID=$!
-            grep -q "INFO Listening on :80\[http\]" < "$PIPE"
-            kill "$NTFY_PID"
-            wait "$NTFY_PID" || true
-
-            NTFY_PASSWORD="${
-              hmConfig.sops.placeholder."ntfy/users/karaolidis"
-            }" ntfy user add karaolidis || true
-            NTFY_PASSWORD="${
-              hmConfig.sops.placeholder."ntfy/users/karaolidis"
-            }" ntfy user change-pass karaolidis
-            ntfy user change-role karaolidis admin
-
-            exec ntfy serve
-          '';
-          mode = "0500";
-        };
+        ntfy-env.content = ''
+          NTFY_ADMIN_PASSWORD=${hmConfig.sops.placeholder."ntfy/users/karaolidis"}
+        '';
      };
    };

@@ -115,31 +90,41 @@ in

      containers = {
        ntfy = {
-          containerConfig = {
-            image = "docker-archive:${selfPkgs.docker-ntfy}";
-            networks = [
-              networks.ntfy.ref
-              networks.traefik.ref
-              networks.prometheus.ref
-            ];
-            volumes = [
-              "${volumes.ntfy.ref}:/var/lib/ntfy"
-              "${hmConfig.sops.templates."ntfy-server.yml".path}:/etc/ntfy/server.yml:ro"
-              "${hmConfig.sops.templates."ntfy-init.sh".path}:/entrypoint.sh:ro"
-            ];
-            entrypoint = "/entrypoint.sh";
-            labels = [
-              "traefik.enable=true"
-              "traefik.http.routers.ntfy.rule=Host(`ntfy.karaolidis.com`)"
-            ];
-          };
+          containerConfig =
+            let
+              entrypoint = pkgs.writeTextFile {
+                name = "entrypoint.sh";
+                executable = true;
+                text = builtins.readFile ./entrypoint.sh;
+              };
+            in
+            {
+              image = "docker-archive:${selfPkgs.docker-ntfy}";
+              networks = [
+                networks.ntfy.ref
+                networks.traefik.ref
+                networks.prometheus.ref
+              ];
+              volumes = [
+                "${volumes.ntfy.ref}:/var/lib/ntfy"
+                "${hmConfig.sops.templates.ntfy.path}:/etc/ntfy/server.yml:ro"
+                "${entrypoint}:/entrypoint.sh:ro"
+              ];
+              environments.NTFY_ADMIN_USER = "karaolidis";
+              environmentFiles = [ hmConfig.sops.templates.ntfy-env.path ];
+              entrypoint = "/entrypoint.sh";
+              labels = [
+                "traefik.enable=true"
+                "traefik.http.routers.ntfy.rule=Host(`ntfy.karaolidis.com`)"
+              ];
+            };

          unitConfig.After = [ "sops-nix.service" ];
        };

        prometheus-init.containerConfig.volumes =
          let
-            ntfyConfig = (pkgs.formats.yaml { }).generate "ntfy.yml" {
+            ntfyConfig = (pkgs.formats.yaml { }).generate "ntfy.yaml" {
              scrape_configs =
                let
                  hostname = config.networking.hostName;
@@ -160,7 +145,7 @@ in
                ];
            };
          in
-          [ "${ntfyConfig}:/etc/prometheus/conf.d/ntfy.yml" ];
+          [ "${ntfyConfig}:/etc/prometheus/conf.d/ntfy.yaml" ];
      };
    };
  };
--- a/hosts/jupiter/users/storm/configs/console/podman/ntfy/entrypoint.sh
+++ b/hosts/jupiter/users/storm/configs/console/podman/ntfy/entrypoint.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+mkdir -p /tmp
+PIPE=$(mktemp -u)
+mkfifo "$PIPE"
+trap 'rm -f "$PIPE"' EXIT
+
+ntfy serve > "$PIPE" 2>&1 &
+
+NTFY_PID=$!
+grep -q "INFO Listening on :80\[http\]" < "$PIPE"
+kill "$NTFY_PID"
+wait "$NTFY_PID" || true
+
+export NTFY_PASSWORD="$NTFY_ADMIN_PASSWORD"
+ntfy user add "$NTFY_ADMIN_USER" || true
+ntfy user change-pass "$NTFY_ADMIN_USER"
+ntfy user change-role "$NTFY_ADMIN_USER" admin
+
+exec ntfy serve