diff --git a/modules/nixos/features/bazarr.nix b/modules/nixos/features/bazarr.nix index c25b32d..a121fa5 100644 --- a/modules/nixos/features/bazarr.nix +++ b/modules/nixos/features/bazarr.nix @@ -24,6 +24,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/copyparty.nix b/modules/nixos/features/copyparty.nix index d06aadf..1eff57b 100644 --- a/modules/nixos/features/copyparty.nix +++ b/modules/nixos/features/copyparty.nix @@ -48,6 +48,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/couchdb.nix b/modules/nixos/features/couchdb.nix index 9a53e77..a5edbb0 100644 --- a/modules/nixos/features/couchdb.nix +++ b/modules/nixos/features/couchdb.nix @@ -48,6 +48,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/cryptpad.nix b/modules/nixos/features/cryptpad.nix index a74d2ba..be8c7ad 100644 --- a/modules/nixos/features/cryptpad.nix +++ b/modules/nixos/features/cryptpad.nix @@ -31,6 +31,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/gatus.nix b/modules/nixos/features/gatus.nix index cfd2629..2fe39ce 100644 --- a/modules/nixos/features/gatus.nix +++ b/modules/nixos/features/gatus.nix @@ -1,3 +1,7 @@ +{ + config, + ... +}: let port = 5025; certloc = "/var/lib/acme/fi33.buzz"; @@ -8,7 +12,24 @@ in services = { gatus = { enable = true; + environmentFile = config.age.secrets.gatus.path; settings = { + alerting = { + ntfy = { + topic = "services"; + url = config.services.ntfy-sh.settings.base-url; + token = "$NTFY_TOKEN"; + click = url; + default-alert = { + description = "Health Check Failed"; + send-on-resolved = true; + }; + }; + }; + connectivity.checker = { + target = "1.1.1.1:53"; + interval = "60s"; + }; ui = { title = "Health Dashboard | Fi33Buzz"; description = "Fi33Buzz health dashboard"; @@ -29,4 +50,6 @@ in } ''; }; + + age.secrets.gatus.file = ../../../secrets/gatus.age; } diff --git a/modules/nixos/features/homepage-dashboard.nix b/modules/nixos/features/homepage-dashboard.nix index c329bba..694ad77 100644 --- a/modules/nixos/features/homepage-dashboard.nix +++ b/modules/nixos/features/homepage-dashboard.nix @@ -432,6 +432,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/immich.nix b/modules/nixos/features/immich.nix index f06222d..0908fd1 100644 --- a/modules/nixos/features/immich.nix +++ b/modules/nixos/features/immich.nix @@ -23,6 +23,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/jellyfin.nix b/modules/nixos/features/jellyfin.nix index c2c9df3..6e1f7b8 100644 --- a/modules/nixos/features/jellyfin.nix +++ b/modules/nixos/features/jellyfin.nix @@ -23,6 +23,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/kavita.nix b/modules/nixos/features/kavita.nix index 769a1da..814cd91 100644 --- a/modules/nixos/features/kavita.nix +++ b/modules/nixos/features/kavita.nix @@ -28,6 +28,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/libretranslate.nix b/modules/nixos/features/libretranslate.nix index 8cda40a..ed20161 100644 --- a/modules/nixos/features/libretranslate.nix +++ b/modules/nixos/features/libretranslate.nix @@ -23,6 +23,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/lidarr.nix b/modules/nixos/features/lidarr.nix index 2945dda..620f684 100644 --- a/modules/nixos/features/lidarr.nix +++ b/modules/nixos/features/lidarr.nix @@ -26,6 +26,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/miniflux.nix b/modules/nixos/features/miniflux.nix index e58fad1..fcd6526 100644 --- a/modules/nixos/features/miniflux.nix +++ b/modules/nixos/features/miniflux.nix @@ -30,6 +30,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/ntfy-sh.nix b/modules/nixos/features/ntfy-sh.nix index 4ee0a1b..de396ff 100644 --- a/modules/nixos/features/ntfy-sh.nix +++ b/modules/nixos/features/ntfy-sh.nix @@ -1,3 +1,7 @@ +{ + config, + ... +}: let port = 5002; certloc = "/var/lib/acme/fi33.buzz"; @@ -8,6 +12,7 @@ in services = { ntfy-sh = { enable = true; + environmentFile = config.age.secrets.ntfy.path; settings = { base-url = url; listen-http = ":${toString port}"; @@ -16,8 +21,12 @@ in auth-users = [ "Debit3885:$2a$12$ZeFimzdifNFSmf0W2oi.vuZfsqae75md9nhC/Q2BcKMyvDO8T.uEK:admin" "borgmatic:$2a$12$ZeFimzdifNFSmf0W2oi.vuZfsqae75md9nhC/Q2BcKMyvDO8T.uEK:user" + "gatus:$2a$12$OswG3sB8oDaB.KpawKM3P.78dID.Tj/0y5qeVD5BE6EH5bpGKe.na:user" + ]; + auth-access = [ + "borgmatic:backups:wo" + "gatus:services:wo" ]; - auth-access = [ "borgmatic:backups:wo" ]; }; }; @@ -48,4 +57,6 @@ in } ''; }; + + age.secrets.ntfy.file = ../../../secrets/ntfy.age; } diff --git a/modules/nixos/features/nzbget.nix b/modules/nixos/features/nzbget.nix index fd0b01f..18fc272 100644 --- a/modules/nixos/features/nzbget.nix +++ b/modules/nixos/features/nzbget.nix @@ -30,6 +30,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/paperless.nix b/modules/nixos/features/paperless.nix index 0bf057c..13cdd59 100644 --- a/modules/nixos/features/paperless.nix +++ b/modules/nixos/features/paperless.nix @@ -32,6 +32,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/prowlarr.nix b/modules/nixos/features/prowlarr.nix index 5dcc180..a6126c9 100644 --- a/modules/nixos/features/prowlarr.nix +++ b/modules/nixos/features/prowlarr.nix @@ -24,6 +24,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/qbittorrent.nix b/modules/nixos/features/qbittorrent.nix index bee470a..c44683a 100644 --- a/modules/nixos/features/qbittorrent.nix +++ b/modules/nixos/features/qbittorrent.nix @@ -27,6 +27,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/radarr.nix b/modules/nixos/features/radarr.nix index 1d7301a..cdbfe0d 100644 --- a/modules/nixos/features/radarr.nix +++ b/modules/nixos/features/radarr.nix @@ -26,6 +26,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/radicale.nix b/modules/nixos/features/radicale.nix index 787c809..1cbaf04 100644 --- a/modules/nixos/features/radicale.nix +++ b/modules/nixos/features/radicale.nix @@ -41,6 +41,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/readarr.nix b/modules/nixos/features/readarr.nix index 1ec6fa2..d78a322 100644 --- a/modules/nixos/features/readarr.nix +++ b/modules/nixos/features/readarr.nix @@ -26,6 +26,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/send.nix b/modules/nixos/features/send.nix index f7b3d50..cdb6620 100644 --- a/modules/nixos/features/send.nix +++ b/modules/nixos/features/send.nix @@ -31,6 +31,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/sonarr.nix b/modules/nixos/features/sonarr.nix index 8c2b746..696872d 100644 --- a/modules/nixos/features/sonarr.nix +++ b/modules/nixos/features/sonarr.nix @@ -26,6 +26,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/syncthing.nix b/modules/nixos/features/syncthing.nix index af882c0..07976f2 100644 --- a/modules/nixos/features/syncthing.nix +++ b/modules/nixos/features/syncthing.nix @@ -69,6 +69,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/nixos/features/vaultwarden.nix b/modules/nixos/features/vaultwarden.nix index d080ada..5833a18 100644 --- a/modules/nixos/features/vaultwarden.nix +++ b/modules/nixos/features/vaultwarden.nix @@ -36,6 +36,7 @@ in "[CONNECTED] == true" "[RESPONSE_TIME] < 500" ]; + alerts = [ { type = "ntfy"; } ]; } ]; diff --git a/modules/templates/web-feature.nix b/modules/templates/web-feature.nix index 5a2ddbf..8e8978c 100644 --- a/modules/templates/web-feature.nix +++ b/modules/templates/web-feature.nix @@ -10,6 +10,21 @@ in enable = true; }; + gatus.settings.endpoints = [ + { + name = "feature"; + group = ""; + inherit url; + interval = "5m"; + conditions = [ + "[STATUS] == 200" + "[CONNECTED] == true" + "[RESPONSE_TIME] < 500" + ]; + alerts = [ { type = "ntfy"; } ]; + } + ]; + # borgmatic.settings = { # source_directories = [ ]; # postgresql_databases = [ diff --git a/secrets/gatus.age b/secrets/gatus.age new file mode 100644 index 0000000..13d455e --- /dev/null +++ b/secrets/gatus.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 qLT+DQ 3vJV+PZ1IvwiFPplPEwXkaZK4y0QLxkvi/stzAV+HWg +3htQOBS3ph9+OXG2ZYtMyzErGtYRP1vzycua+vhPX+4 +-> ssh-ed25519 NanIwQ 748IDG9uT6jMj0CSU3EeBqRd7lZ7NTJoUldo4FUfkFI +bYaXhcXjYgKqEaUeRZQhx9neK1pDVN3QbhblLOcGUg0 +-> ssh-ed25519 LtK9yQ au/UGPL91M0sUzMeOKPOkltXWDPoWeCrUWrD2OIsJA0 +thILTQH9hrcBYBbRSZaHMODAhCKWsqomDuEK4hcKAqM +--- UpA2kIfSBwfgMxjt2x61KFAiUaV3sHQ6Gp2R87cvnwo +*D27p梔 pQ +Fufpڰ4Q5ѨeӪ ވ;ꖓz8i{@Ǘ \ No newline at end of file diff --git a/secrets/ntfy.age b/secrets/ntfy.age new file mode 100644 index 0000000..c173ff0 --- /dev/null +++ b/secrets/ntfy.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 qLT+DQ jySlchGAPxdkjpZzg+5BLH7O5yM+O5a9CleBVMqbck8 +I5OEMjXJNrNKIBumXmiAMXRa1AZx0cKQ0BfM7HYCcRc +-> ssh-ed25519 NanIwQ 29upo2jTQF8Vz91yWmYCXnQW4LgYcvt1TcF/HLA5klA +eQla3EMQnRPzhd5MyDL3byPhIiio0rFFM+yesPLEtv8 +-> ssh-ed25519 LtK9yQ Vx/lQ6M/wYa9483YpuCwwobNuIZjv/Sy9vl695H05BQ +qqUWRnrMYfflhcznrF2QKfODDa7vmz6Uy7fk1zSpbEE +--- xunznREPjjEVRWAmqI/4xKp/NrNk6C3B1Z+3Vjf2TL4 +m{z\,TSS7Tk)hVX0mN?=ӟx TdY0[)ۓSZ:>FU֙~ \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 4eed98d..8909f33 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -19,6 +19,7 @@ in "borgmatic-pg.age".publicKeys = users; "borgmatic.age".publicKeys = users; "copyparty.age".publicKeys = users; + "gatus.age".publicKeys = users; "git_signing_key.age".publicKeys = users; "git_signing_key.pub.age".publicKeys = users; "immich.age".publicKeys = users; @@ -27,6 +28,7 @@ in "kavita.age".publicKeys = users; "lidarr.age".publicKeys = users; "miniflux-creds.age".publicKeys = users; + "ntfy.age".publicKeys = users; "nzbget.age".publicKeys = users; "paperless.age".publicKeys = users; "porkbun-api.age".publicKeys = users;