harald/nixcfg
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nixcfg/modules/nixos/services/systemd-email-notify/default.nix
Harald Hoyer 7df551d46f feat: extend systemd-email-notify module with optional ntfy support 
Add configurable ntfy options (tokenFile, url, topic) to the shared
emailOnFailure module. When tokenFile is set, a ntfy-failure@ template
service is added alongside the existing email notifications. Systems
without ntfy configured are unaffected.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 16:38:14 +01:00

124 lines
3.3 KiB
Nix
Raw Blame History

{
config,
lib,
pkgs,
...
}:
with lib;
with lib.metacfg;
let
cfg = config.metacfg.emailOnFailure;
checkConditions = pkgs.writeScript "checkConditions" ''
#!/bin/sh
STATUS=$(systemctl status --full "$1")
case "$STATUS" in
*"activating (auto-restart) (Result: timeout)"*) exit 1 ;;
*) exit 0 ;;
esac
'';
sendmail = pkgs.writeScript "sendmail" ''
#!/bin/sh
${pkgs.system-sendmail}/bin/sendmail -t <<ERRMAIL
To: $1
From: ${config.systemd.email-notify.mailFrom}
Subject: Status of service $2
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8
$(systemctl status --full "$2")
ERRMAIL
'';
onFailureUnits =
[ "email@%n.service" ]
++ optionals (cfg.ntfy.tokenFile != null) [ "ntfy-failure@%n.service" ];
in
{
options = {
metacfg.emailOnFailure = with types; {
enable = mkBoolOpt false "Whether or not to send mails on failure.";
ntfy.tokenFile = mkOption {
type = types.nullOr types.path;
default = null;
description = "Path to a file containing the ntfy bearer token. Enables ntfy notifications when set.";
};
ntfy.url = mkOption {
type = types.str;
default = "http://127.0.0.1:2586";
description = "Base URL of the ntfy server.";
};
ntfy.topic = mkOption {
type = types.str;
default = "alerts";
description = "Ntfy topic to publish failure notifications to.";
};
};
systemd.email-notify.mailTo = mkOption {
type = types.str;
default = "admin";
description = "Email address to which the service status will be mailed.";
};
systemd.email-notify.mailFrom = mkOption {
type = types.str;
default = "admin";
description = "Email address from which the service status will be mailed.";
};
systemd.services = mkOption {
type =
with types;
attrsOf (submodule {
config.onFailure = onFailureUnits;
});
};
};
config = mkIf cfg.enable (mkMerge [
{
systemd.services."email@" = {
description = "Sends a status mail via sendmail on service failures.";
onFailure = mkForce [ ];
unitConfig = {
StartLimitIntervalSec = "5m";
StartLimitBurst = 1;
};
serviceConfig = {
ExecCondition = "${checkConditions} %i";
ExecStart = "${sendmail} ${config.systemd.email-notify.mailTo} %i";
Type = "oneshot";
};
};
}
(mkIf (cfg.ntfy.tokenFile != null) {
systemd.services."ntfy-failure@" = {
description = "Send ntfy notification on service failure";
onFailure = mkForce [ ];
serviceConfig = {
Type = "oneshot";
ExecStart = pkgs.writeShellScript "ntfy-failure-notify" ''
TOKEN=$(cat ${cfg.ntfy.tokenFile})
UNIT="$1"
${pkgs.curl}/bin/curl -s \
-H "Authorization: Bearer $TOKEN" \
-H "Title: Service failed: $UNIT" \
-H "Priority: urgent" \
-H "Tags: rotating_light" \
-d "$(systemctl status --full "$UNIT" 2>&1 | head -40)" \
${cfg.ntfy.url}/${cfg.ntfy.topic}
'';
};
scriptArgs = "%i";
};
})
]);
}
Reference in a new issue View git blame Copy permalink