From 996f826781d34c791992718716e042e4f19ccb4d Mon Sep 17 00:00:00 2001
From: Will Holdsworth <me@fi33.buzz>
Date: Thu, 12 Mar 2026 18:52:03 +1100
Subject: [PATCH] feat(forgejo): add gatus monitoring for ssh connection

---
 modules/nixos/features/forgejo.nix | 29 ++++++++++++++++++++++++++++-
 1 file changed, 28 insertions(+), 1 deletion(-)

diff --git a/modules/nixos/features/forgejo.nix b/modules/nixos/features/forgejo.nix
index f6766d9..ac2d647 100644
--- a/modules/nixos/features/forgejo.nix
+++ b/modules/nixos/features/forgejo.nix
@@ -8,6 +8,7 @@ let
   certloc = "/var/lib/acme/fi33.buzz";
   hostname = "git.fi33.buzz";
   url = "https://git.fi33.buzz";
+  sshPort = lib.head config.services.openssh.ports;
 in
 {
   services = {
@@ -24,7 +25,7 @@ in
           DOMAIN = hostname;
           HTTP_PORT = port;
           ROOT_URL = url;
-          SSH_PORT = lib.head config.services.openssh.ports;
+          SSH_PORT = sshPort;
           # keep-sorted end
         };
         service.DISABLE_REGISTRATION = true;
@@ -35,6 +36,32 @@ in
 
     openssh.settings.AllowUsers = [ "git" ];
 
+    gatus.settings.endpoints = [
+      {
+        name = "Forgejo";
+        group = "Private Services";
+        inherit url;
+        interval = "5m";
+        conditions = [
+          "[STATUS] == 200"
+          "[CONNECTED] == true"
+          "[RESPONSE_TIME] < 500"
+        ];
+        alerts = [ { type = "ntfy"; } ];
+      }
+      {
+        name = "Forgejo SSH";
+        group = "Private Services";
+        url = "ssh://${hostname}:${toString sshPort}";
+        interval = "5m";
+        conditions = [
+          "[CONNECTED] == true"
+          "[RESPONSE_TIME] < 500"
+        ];
+        alerts = [ { type = "ntfy"; } ];
+      }
+    ];
+
     borgbackup.jobs = {
       onsite.paths = [ "/var/lib/forgejo" ];
       offsite.paths = [ "/var/lib/forgejo" ];