Update

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-11 17:10:45 +02:00
parent b18dba83a4
commit a9875aa0e0
21 changed files with 232 additions and 17604 deletions
--- a/hosts/jupiter/users/storm/configs/console/podman/ntfy/default.nix
+++ b/hosts/jupiter/users/storm/configs/console/podman/ntfy/default.nix
@@ -45,6 +45,8 @@ in
              auth-default-access = "deny-all";
              auth-startup-queries = dbStartupQueries;

+              auth-users = [ "karaolidis:${hmConfig.sops.placeholder."ntfy/users/karaolidis"}:admin" ];
+
              behind-proxy = true;

              attachment-cache-dir = "/var/lib/ntfy/attachments";
@@ -72,11 +74,6 @@ in
              metrics-listen-http = ":9090";
            }
          );
-
-        # FIXME: https://github.com/binwiederhier/ntfy/issues/464
-        ntfy-env.content = ''
-          NTFY_ADMIN_PASSWORD=${hmConfig.sops.placeholder."ntfy/users/karaolidis"}
-        '';
      };
    };

@@ -87,34 +84,22 @@ in

      containers = {
        ntfy = {
-          containerConfig =
-            let
-              entrypoint = pkgs.writeTextFile {
-                name = "entrypoint.sh";
-                executable = true;
-                text = builtins.readFile ./entrypoint.sh;
-              };
-            in
-            {
-              image = "docker-archive:${selfPkgs.docker-ntfy}";
-              networks = [
-                networks.ntfy.ref
-                networks.traefik.ref
-                networks.prometheus.ref
-              ];
-              volumes = [
-                "${volumes.ntfy.ref}:/var/lib/ntfy"
-                "${hmConfig.sops.templates.ntfy.path}:/etc/ntfy/server.yml:ro"
-                "${entrypoint}:/entrypoint.sh:ro"
-              ];
-              environments.NTFY_ADMIN_USER = "karaolidis";
-              environmentFiles = [ hmConfig.sops.templates.ntfy-env.path ];
-              entrypoint = "/entrypoint.sh";
-              labels = [
-                "traefik.enable=true"
-                "traefik.http.routers.ntfy.rule=Host(`ntfy.karaolidis.com`)"
-              ];
-            };
+          containerConfig = {
+            image = "docker-archive:${selfPkgs.docker-ntfy}";
+            networks = [
+              networks.ntfy.ref
+              networks.traefik.ref
+              networks.prometheus.ref
+            ];
+            volumes = [
+              "${volumes.ntfy.ref}:/var/lib/ntfy"
+              "${hmConfig.sops.templates.ntfy.path}:/etc/ntfy/server.yml:ro"
+            ];
+            labels = [
+              "traefik.enable=true"
+              "traefik.http.routers.ntfy.rule=Host(`ntfy.karaolidis.com`)"
+            ];
+          };

          unitConfig.After = [ "sops-nix.service" ];
        };
--- a/hosts/jupiter/users/storm/configs/console/podman/ntfy/entrypoint.sh
+++ b/hosts/jupiter/users/storm/configs/console/podman/ntfy/entrypoint.sh
@@ -1,19 +0,0 @@
-#!/bin/sh
-
-PIPE=$(mktemp -u)
-mkfifo "$PIPE"
-
-ntfy serve > "$PIPE" 2>&1 &
-
-PID=$!
-grep -q -m 1 "INFO Listening on :80\[http\]" < "$PIPE"
-kill "$PID"
-wait "$PID" || true
-rm -f "$PIPE"
-
-export NTFY_PASSWORD="$NTFY_ADMIN_PASSWORD"
-ntfy user add "$NTFY_ADMIN_USER" || true
-ntfy user change-pass "$NTFY_ADMIN_USER"
-ntfy user change-role "$NTFY_ADMIN_USER" admin
-
-exec ntfy serve