From 4456977b9e17470acc6dcc5eb3fc08d47ef83b7f Mon Sep 17 00:00:00 2001 From: danny Date: Mon, 24 Nov 2025 20:27:02 +0800 Subject: [PATCH] chore: update hyprland --- flake.lock | 306 ++++++++++++++--------- flake.nix | 8 +- home/user/hypr/windowrule.nix | 145 ++++++----- system/dev/dn-pre7780/default.nix | 2 +- system/dev/dn-pre7780/services/mail.nix | 14 ++ system/dev/dn-server/options/network.nix | 27 +- system/dev/dn-server/services/ntfy.nix | 3 + system/dev/dn-server/sops/secret.yaml | 6 +- 8 files changed, 309 insertions(+), 202 deletions(-) diff --git a/flake.lock b/flake.lock index 039896b..8fa99ce 100644 --- a/flake.lock +++ b/flake.lock @@ -62,11 +62,11 @@ ] }, "locked": { - "lastModified": 1758302489, - "narHash": "sha256-NvE/uabYsuR7TbmRkSlOe6DB7UnOpD2/kHGyir2J/6A=", + "lastModified": 1762356719, + "narHash": "sha256-qwd/xdoOya1m8FENle+4hWnydCtlXUWLAW/Auk6WL7s=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "11406cc23afeaaef1ee3ccffb9614e67e2458e29", + "rev": "6d0b3567584691bf9d8fedb5d0093309e2f979c7", "type": "github" }, "original": { @@ -699,7 +699,25 @@ }, "flake-utils_7": { "inputs": { - "systems": "systems_11" + "systems": "systems_9" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_8": { + "inputs": { + "systems": "systems_12" }, "locked": { "lastModified": 1731533236, @@ -904,11 +922,11 @@ ] }, "locked": { - "lastModified": 1758572180, - "narHash": "sha256-Is8Rcp99Ynl3JFcU3k2lsmyf8WGacWKZtnVb0mVIZ6M=", + "lastModified": 1762462052, + "narHash": "sha256-6roLYzcDf4V38RUMSqycsOwAnqfodL6BmhRkUtwIgdA=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "32e6b8386f7dc70a4cc01607a826a281f3c52364", + "rev": "ffc999d980c7b3bca85d3ebd0a9fbadf984a8162", "type": "github" }, "original": { @@ -951,8 +969,8 @@ "aquamarine": "aquamarine", "hyprcursor": "hyprcursor", "hyprgraphics": "hyprgraphics", + "hyprland-guiutils": "hyprland-guiutils", "hyprland-protocols": "hyprland-protocols", - "hyprland-qtutils": "hyprland-qtutils", "hyprlang": "hyprlang", "hyprutils": "hyprutils", "hyprwayland-scanner": "hyprwayland-scanner", @@ -962,20 +980,63 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1758574443, - "narHash": "sha256-TPlZf0urtvDH4Cb4By06szJmzR4sBlgQATuGQy8bH6U=", - "ref": "refs/tags/v0.51.1", - "rev": "71a1216abcc7031776630a6d88f105605c4dc1c9", - "revCount": 6436, - "submodules": true, - "type": "git", - "url": "https://github.com/hyprwm/Hyprland" + "lastModified": 1763912895, + "narHash": "sha256-tTdCVeROhYTwV510tygS5AMutJGz5imM++P4+cXAy2w=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "2b0fd417d32278159d0ca1d23fb997588c37995b", + "type": "github" }, "original": { - "ref": "refs/tags/v0.51.1", - "submodules": true, - "type": "git", - "url": "https://github.com/hyprwm/Hyprland" + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, + "hyprland-guiutils": { + "inputs": { + "aquamarine": [ + "hyprland", + "aquamarine" + ], + "hyprgraphics": [ + "hyprland", + "hyprgraphics" + ], + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "hyprtoolkit": "hyprtoolkit", + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1762755186, + "narHash": "sha256-ZjjETUHtoEhVN7JI1Cbt3p/KcXpK8ZQaPHx7UkG1OgA=", + "owner": "hyprwm", + "repo": "hyprland-guiutils", + "rev": "66356e20a8ed348aa49c1b9ceace786e224225b3", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-guiutils", + "type": "github" } }, "hyprland-plugins": { @@ -1020,11 +1081,11 @@ ] }, "locked": { - "lastModified": 1749046714, - "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", + "lastModified": 1759610243, + "narHash": "sha256-+KEVnKBe8wz+a6dTLq8YDcF3UrhQElwsYJaVaHXJtoI=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", + "rev": "bd153e76f751f150a09328dbdeb5e4fab9d23622", "type": "github" }, "original": { @@ -1033,74 +1094,6 @@ "type": "github" } }, - "hyprland-qt-support": { - "inputs": { - "hyprlang": [ - "hyprland", - "hyprland-qtutils", - "hyprlang" - ], - "nixpkgs": [ - "hyprland", - "hyprland-qtutils", - "nixpkgs" - ], - "systems": [ - "hyprland", - "hyprland-qtutils", - "systems" - ] - }, - "locked": { - "lastModified": 1749154592, - "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", - "owner": "hyprwm", - "repo": "hyprland-qt-support", - "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-qt-support", - "type": "github" - } - }, - "hyprland-qtutils": { - "inputs": { - "hyprland-qt-support": "hyprland-qt-support", - "hyprlang": [ - "hyprland", - "hyprlang" - ], - "hyprutils": [ - "hyprland", - "hyprland-qtutils", - "hyprlang", - "hyprutils" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1757694755, - "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", - "owner": "hyprwm", - "repo": "hyprland-qtutils", - "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-qtutils", - "type": "github" - } - }, "hyprlang": { "inputs": { "hyprutils": [ @@ -1117,11 +1110,11 @@ ] }, "locked": { - "lastModified": 1756810301, - "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "lastModified": 1763254292, + "narHash": "sha256-JNgz3Fz2KMzkT7aR72wsgu/xNeJB//LSmdilh8Z/Zao=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "rev": "deea98d5b61d066bdc7a68163edd2c4bd28d3a6b", "type": "github" }, "original": { @@ -1184,6 +1177,58 @@ "type": "github" } }, + "hyprtoolkit": { + "inputs": { + "aquamarine": [ + "hyprland", + "hyprland-guiutils", + "aquamarine" + ], + "hyprgraphics": [ + "hyprland", + "hyprland-guiutils", + "hyprgraphics" + ], + "hyprlang": [ + "hyprland", + "hyprland-guiutils", + "hyprlang" + ], + "hyprutils": [ + "hyprland", + "hyprland-guiutils", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprland-guiutils", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "hyprland-guiutils", + "nixpkgs" + ], + "systems": [ + "hyprland", + "hyprland-guiutils", + "systems" + ] + }, + "locked": { + "lastModified": 1762463729, + "narHash": "sha256-2fYkU/mdz8WKY3dkDPlE/j6hTxIwqultsx4gMMsMns0=", + "owner": "hyprwm", + "repo": "hyprtoolkit", + "rev": "88483bdee5329ec985f0c8f834c519cd18cfe532", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprtoolkit", + "type": "github" + } + }, "hyprutils": { "inputs": { "nixpkgs": [ @@ -1196,11 +1241,11 @@ ] }, "locked": { - "lastModified": 1756117388, - "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "lastModified": 1763323331, + "narHash": "sha256-+Z0OfCo1MS8/aIutSAW5aJR9zTae1wz9kcJYMgpwN6M=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "rev": "0c6411851cc779d551edc89b83966696201611aa", "type": "github" }, "original": { @@ -1332,6 +1377,27 @@ "type": "github" } }, + "mail-ntfy-server": { + "inputs": { + "flake-utils": "flake-utils_4", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1763972872, + "narHash": "sha256-Fr6O5MR7ahoVAqPyT59bdmgIbchacqFO3/LwnIQI62E=", + "owner": "dachxy", + "repo": "mail-ntfy-server", + "rev": "7b62608dfcaac6e8a205c905efe806ce941b996b", + "type": "github" + }, + "original": { + "owner": "dachxy", + "repo": "mail-ntfy-server", + "type": "github" + } + }, "mail-server": { "inputs": { "nixpkgs": [ @@ -1370,7 +1436,7 @@ }, "microvm": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_5", "nixpkgs": [ "nixpkgs" ], @@ -1508,7 +1574,7 @@ "nix-minecraft": { "inputs": { "flake-compat": "flake-compat_6", - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_6", "nixpkgs": [ "nixpkgs" ] @@ -1529,7 +1595,7 @@ }, "nix-search-tv": { "inputs": { - "flake-utils": "flake-utils_6", + "flake-utils": "flake-utils_7", "nixpkgs": "nixpkgs_5" }, "locked": { @@ -1680,11 +1746,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1758277210, - "narHash": "sha256-iCGWf/LTy+aY0zFu8q12lK8KuZp7yvdhStehhyX1v8w=", + "lastModified": 1763283776, + "narHash": "sha256-Y7TDFPK4GlqrKrivOcsHG8xSGqQx3A6c+i7novT85Uk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8eaee110344796db060382e15d3af0a9fc396e0e", + "rev": "50a96edd8d0db6cc8db57dab6bb6d6ee1f3dc49a", "type": "github" }, "original": { @@ -1823,7 +1889,7 @@ "nixpkgs": [ "nixpkgs" ], - "systems": "systems_9" + "systems": "systems_10" }, "locked": { "lastModified": 1762622004, @@ -1849,11 +1915,11 @@ ] }, "locked": { - "lastModified": 1758108966, - "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", + "lastModified": 1763319842, + "narHash": "sha256-YG19IyrTdnVn0l3DvcUYm85u3PaqBt6tI6VvolcuHnA=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", + "rev": "7275fa67fbbb75891c16d9dee7d88e58aea2d761", "type": "github" }, "original": { @@ -1925,6 +1991,7 @@ "hyprland-plugins": "hyprland-plugins", "hyprlock": "hyprlock", "lanzaboote": "lanzaboote", + "mail-ntfy-server": "mail-ntfy-server", "mail-server": "mail-server", "marks-nvim": "marks-nvim", "microvm": "microvm", @@ -2095,7 +2162,7 @@ "nixpkgs" ], "nur": "nur", - "systems": "systems_10", + "systems": "systems_11", "tinted-foot": "tinted-foot", "tinted-kitty": "tinted-kitty", "tinted-schemes": "tinted-schemes", @@ -2161,6 +2228,21 @@ "type": "github" } }, + "systems_12": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "systems_2": { "locked": { "lastModified": 1681028828, @@ -2411,11 +2493,11 @@ ] }, "locked": { - "lastModified": 1755354946, - "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=", + "lastModified": 1761431178, + "narHash": "sha256-xzjC1CV3+wpUQKNF+GnadnkeGUCJX+vgaWIZsnz9tzI=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0", + "rev": "4b8801228ff958d028f588f0c2b911dbf32297f9", "type": "github" }, "original": { @@ -2426,7 +2508,7 @@ }, "yazi": { "inputs": { - "flake-utils": "flake-utils_7", + "flake-utils": "flake-utils_8", "nixpkgs": "nixpkgs_8", "rust-overlay": "rust-overlay_5" }, diff --git a/flake.nix b/flake.nix index ff3076e..770c4fc 100644 --- a/flake.nix +++ b/flake.nix @@ -35,7 +35,7 @@ }; hyprland = { - url = "git+https://github.com/hyprwm/Hyprland?submodules=1&ref=refs/tags/v0.51.1"; + url = "github:hyprwm/Hyprland"; }; hyprland-plugins = { @@ -137,6 +137,11 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + mail-ntfy-server = { + url = "github:dachxy/mail-ntfy-server"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + nix-search-tv.url = "github:3timeslazy/nix-search-tv"; }; @@ -214,6 +219,7 @@ # ==== Common Modules ==== # inputs.home-manager.nixosModules.default + inputs.mail-ntfy-server.nixosModules.default inputs.nix-index-database.nixosModules.nix-index inputs.disko.nixosModules.disko inputs.sops-nix.nixosModules.sops diff --git a/home/user/hypr/windowrule.nix b/home/user/hypr/windowrule.nix index 8396cdb..3744bc3 100644 --- a/home/user/hypr/windowrule.nix +++ b/home/user/hypr/windowrule.nix @@ -7,117 +7,114 @@ in { wayland.windowManager.hyprland.settings = { windowrule = [ - "pseudo, class:(org.fcitx.)" - "float, class:file_progress" - "float, class:confirm" - "float, class:dialog" - "float, class:download" - "float, class:notification" - "float, class:error" - "float, class:splash" - "float, class:confirmreset" - "float, title:Open File" - "float, title:branchdialog" - "float, class:pavucontrol-qt" - "float, class:pavucontrol" - "float, class:file-roller" - "fullscreen, title:wlogout" - "float, title:wlogout" - "fullscreen, title:wlogout" + "match:class ^(org.fcitx.), pseudo true" + "match:class file_progress, float true" + "match:class confirm, float true" + "match:class dialog, float true" + "match:class download, float true" + "match:class notification, float true" + "match:class error, float true" + "match:class splash, float true" + "match:class confirmreset, float true" + "match:title Open File, float true" + "match:title branchdialog, float true" + "match:class pavucontrol-qt, float true" + "match:class pavucontrol, float true" + "match:class file-roller, float true" + "match:title wlogout, fullscreen true" + "match:title wlogout, float true" + "match:title wlogout, fullscreen true" - "float, title:^(Media viewer)$" - "float, title:^(File Operation Progress)$" - "float, class:^(it.mijorus.smile)" - "float, class:^(xdg-desktop-portal-gtk)$" - "float, title:^(Steam Settings)$" + "match:title ^(Media viewer)$, float true" + "match:title ^(File Operation Progress)$, float true" + "match:class ^(it.mijorus.smile), float true" + "match:class ^(xdg-desktop-portal-gtk)$, float true" + "match:title ^(Steam Settings)$, float true" - "fullscreen, initialClass:^(cs2)$" + "fullscreen true, match:initial_class ^(cs2)$" # Zen browser - "opacity 0.9999 override, initialClass:^(zen)(.*)" + "opacity 0.9999 override, match:initial_class ^(zen)(.*)" # Ghostty - "opacity 0.9999 override, initialClass:^(com.mitchellh.ghostty)$" + "opacity 0.9999 override, match:initial_class ^(com.mitchellh.ghostty)$" # Picture in picture windows - "float, title:^(Picture-in-Picture)$" - "pin, title:^(Picture-in-Picture)$" - "float, class:^(vesktop)$,title:^(Discord Popout)$" - "pin, class:^(vesktop)$,title:^(Discord Popout)$" - "float, class:^(steam)$,title:^(Friends List)$" + "float true, match:title ^(Picture-in-Picture)$" + "pin true, match:title ^(Picture-in-Picture)$" + "float true, match:class ^(vesktop)$, match:title ^(Discord Popout)$" + "pin true, match:class ^(vesktop)$, match:title ^(Discord Popout)$" + "float true, match:class ^(steam)$, match:title ^(Friends List)$" # Meidia control - "move ${right} ${top}, class: ^(org.pulseaudio.pavucontrol)$" - "size 30% 33%, class: ^(org.pulseaudio.pavucontrol)$" + "move ${right} ${top}, match:class ^(org.pulseaudio.pavucontrol)$" + "size 30% 33%, match:class ^(org.pulseaudio.pavucontrol)$" # Local Send (File Sharing) - "move ${right} 8%, class: ^(localsend_app)$" - "size 20% 80%, class: ^(localsend_app)$" + "move ${right} 8%, match:class ^(localsend_app)$" + "size 20% 80%, match:class ^(localsend_app)$" # Bluetooth - "move ${right} ${top}, class: ^(blueberry.py)$" - "size 25% 45%, class: ^(blueberry.py)$" + "move ${right} ${top}, match:class ^(blueberry.py)$" + "size 25% 45%, match:class ^(blueberry.py)$" # Media Control - "float, class: ^(org.pulseaudio.pavucontrol)$" - "pin, class: ^(org.pulseaudio.pavucontrol)$" - "animation slide top 20%, class: ^(org.pulseaudio.pavucontrol)$" + "float true, match:class ^(org.pulseaudio.pavucontrol)$" + "pin true, match:class ^(org.pulseaudio.pavucontrol)$" + "animation slide top 20%, match:class ^(org.pulseaudio.pavucontrol)$" # Local Send (File Sharing) - "float, class: ^(localsend_app)$" - "pin, class: ^(localsend_app)$" - "animation slide right 20%, class: ^(localsend_app)$" + "float true, match:class ^(localsend_app)$" + "pin true, match:class ^(localsend_app)$" + "animation slide right 20%, match:class ^(localsend_app)$" # Airplay - "move ${right} 10%, class: ^(GStreamer)$" - "size 21% 80%, class: ^(GStreamer)$" - "pin, class: ^(GStreamer)$" - "float, class: ^(GStreamer)$" - "opacity 1.0 override 1.0 override, class: ^(GStreamer)$" - "noblur, class: ^(GStreamer)$" - "animation slide right 20%, class: ^(GStreamer)$" - "keepaspectratio, class: ^(GStreamer)$" + "move ${right} 10%, match:class ^(GStreamer)$" + "size 21% 80%, match:class ^(GStreamer)$" + "pin true, match:class ^(GStreamer)$" + "float true, match:class ^(GStreamer)$" + "opacity 1.0 override 1.0 override, match:class ^(GStreamer)$" + "no_blur true, match:class ^(GStreamer)$" + "animation slide right 20%, match:class ^(GStreamer)$" + "keep_aspect_ratio true, match:class ^(GStreamer)$" # Bluetooth - "float, class: ^(blueberry.py)$" - "pin, class: ^(blueberry.py)$" - "animation slide top 20%, class: ^(blueberry.py)$" + "float true, match:class ^(blueberry.py)$" + "pin true, match:class ^(blueberry.py)$" + "animation slide top 20%, match:class ^(blueberry.py)$" # Steam - "workspace 7 silent, class: ^(steam)$" - "workspace unset, class: ^(steam)$, floating: 1" + "workspace 7 silent, match:class ^(steam)$" + "workspace unset, match:class ^(steam)$, match:float true" # steam game - "workspace 7 silent, class: ^(steam_app_)(.*)" + "workspace 7 silent, match:class ^(steam_app_)(.*)" # VLC - "workspace 3, initialClass: ^(vlc), floating: 0" + "workspace 3, match:initial_class ^(vlc), match:float false" # discord - "workspace 4 silent, initialClass: ^(discord), floating: 0" + "workspace 4 silent, match:initial_class ^(discord), match:float false" # Davinci resolve - "center 1, initialClass: ^(resolve), floating: 1" + "center 1, match:initial_class ^(resolve), match:float true" # Disable Tansparent - "opacity 1.0 override 1.0 override, tag:${notransTag}" - "noblur, tag: ^(${notransTag})$" + "opacity 1.0 override 1.0 override, match:tag ${notransTag}" + "no_blur true, match:tag ^(${notransTag})$" ]; layerrule = [ - "blur, waybar" - "blur, logout_dialog" - "unset, rofi" - "blur, rofi" - "ignorezero, rofi" - "unset, swaync-control-center" - "unset, swaync-notification-window" - "blur, swaync-control-center" - "blur, swaync-notification-window" - "ignorezero, swaync-control-center" - "ignorezero, swaync-notification-window" - "ignorealpha 0.1, swaync-control-center" - "ignorealpha 0.1, swaync-notification-window" + "match:namespace waybar, blur on" + "match:namespace logout_dialog, blur on" + "match:namespace rofi, blur on" + "match:namespace rofi, ignore_alpha 0" + "match:namespace swaync-control-center, blur on" + "match:namespace swaync-notification-window, blur on" + "match:namespace swaync-control-center, ignore_alpha 0" + "match:namespace swaync-notification-window, ignore_alpha 0" + "match:namespace swaync-control-center, ignore_alpha 0.1" + "match:namespace swaync-notification-window, ignore_alpha 0.1" ]; }; } diff --git a/system/dev/dn-pre7780/default.nix b/system/dev/dn-pre7780/default.nix index 4cee111..f259dff 100644 --- a/system/dev/dn-pre7780/default.nix +++ b/system/dev/dn-pre7780/default.nix @@ -49,7 +49,7 @@ in } { from = 31000; - to = 31010; + to = 32000; } ]; diff --git a/system/dev/dn-pre7780/services/mail.nix b/system/dev/dn-pre7780/services/mail.nix index 864d160..2175705 100644 --- a/system/dev/dn-pre7780/services/mail.nix +++ b/system/dev/dn-pre7780/services/mail.nix @@ -202,4 +202,18 @@ in ''; }; }; + + services.mail-ntfy-server = { + enable = true; + settings = { + NTFY_URL = "https://ntfy.net.dn"; + NTFY_TOPIC = "dachxy-mail"; + NTFY_RCPTS = [ "dachxy@dnywe.com" ]; + HOST = "127.0.0.1"; + PORT = 31010; + }; + environmentFiles = [ + config.sops.secrets."ntfy".path + ]; + }; } diff --git a/system/dev/dn-server/options/network.nix b/system/dev/dn-server/options/network.nix index 0eecfdd..b77f00c 100644 --- a/system/dev/dn-server/options/network.nix +++ b/system/dev/dn-server/options/network.nix @@ -62,14 +62,9 @@ in }; }; - systemd.services.fetch-allowed-domains = { - path = with pkgs; [ - nftables - dig.dnsutils - ]; - after = [ "network.target" ]; - serviceConfig = { - ExecStart = "${pkgs.writeShellScript "fetch-allowed-domains" '' + systemd.services.fetch-allowed-domains = + let + script = pkgs.writeShellScript "fetch-allowed-domains" '' DOMAINS=(${toString (map (x: ''"${x}"'') cfg.allowedDomains)}) SETNAME="inet filter ${cfg.rules.setName}" @@ -83,9 +78,19 @@ in echo "Added $ip for $domain" done done - ''}"; - Type = "oneshot"; + ''; + in + { + path = with pkgs; [ + nftables + dig.dnsutils + ]; + after = [ "network.target" ]; + serviceConfig = { + ExecStart = "${script}"; + Type = "oneshot"; + }; + restartTriggers = [ script ]; }; - }; }; } diff --git a/system/dev/dn-server/services/ntfy.nix b/system/dev/dn-server/services/ntfy.nix index 00a53d6..0129915 100644 --- a/system/dev/dn-server/services/ntfy.nix +++ b/system/dev/dn-server/services/ntfy.nix @@ -9,6 +9,7 @@ in { systemConf.security.allowedDomains = [ "ntfy.sh" + "web.push.apple.com" ]; services.ntfy-sh = { @@ -22,6 +23,8 @@ in auth-default-access = "deny-all"; enable-login = true; auth-file = "/var/lib/ntfy-sh/user.db"; + web-push-public-key = "BHN3E5Mwckakf6gOf2uAaiTueB-2L6i96QA1l0r1rSTX_N4qGtMgobmIgEfdY6LAFxradYLtRmwEzTzEnp_Xs5w"; + web-push-file = "/var/lib/ntfy-sh/webpush.db"; }; environmentFile = config.sops.secrets."ntfy".path; }; diff --git a/system/dev/dn-server/sops/secret.yaml b/system/dev/dn-server/sops/secret.yaml index a138c20..0647ab7 100644 --- a/system/dev/dn-server/sops/secret.yaml +++ b/system/dev/dn-server/sops/secret.yaml @@ -40,7 +40,7 @@ crowdsec: capi.yaml: ENC[AES256_GCM,data:+13mu3XXst8J5okb+jQ/IPOd5TfdcDgLuTP8L46U53GTgTJChQoT4Ttw6xKQhp6L7vNoArQBQL66leRt3DEXATUjxl/Zoi2eymxqLn6/NUpPkv0g7hszJGVbMZEUGjo3IAk5ZRQWaNXHA9mRq/OkHzpMMM6ZpCd0KpY92QbLSHxJ6yUMazL1Wh4hwvyWyN6lLxujrgnZWOQDPZYQmIi+c/Af,iv:OO+Ujqq89SbWcRoqhwiJX2jtIJIUrtgG9xll7WuDhzw=,tag:R+Mx2UAkwA238quvMKCBLQ==,type:str] consoleToken: ENC[AES256_GCM,data:G/UfbMqHW0lecT7vKmZsusvXzgxz6apdRQ==,iv:JJTN1RPhFNMd2gqE3Vw2FvC+bA/vgOiYNfBhr96veIw=,tag:HKbhtwCWkLte8e8uGDt2Gw==,type:str] opencloud: ENC[AES256_GCM,data:NrhvojLoMUbGkWNkfDN12iAU70F9o1MXa3m8RzYtcBU1r9zk0e+4ZlPAqw2SIobMDC3vo3few7cA21ruYGP2p36lskG6UjafyJPJoHQcxlq04Kp/9GVeSsvI3KP08WLmoaBqk6b+f1K57P4OzSHPYKQ4/f51B4yhmt8n/DNg7RgF8wNKi4KUTOBuC/j+T+51vsJdjqHUuBi1y2ZqaolAwfEYbnswNVJUcOxHUezIAGke/22U0fS01+p1JQ/PAzSeDdxuX8dAMDVYHHZ13A07kXIRchpSb63Y5pTLUUAl25zAaSYoq+fZ0s61DZrYCaityZCishhCpJwmyoOsCWEesOpRFYNjIALIxWmM9b3aU/5G1WNiPRdlfvZpowhm3r+4X7QGCoXvuoI94l8DuXW7wN77XhLr7s4w,iv:TrUgpRHN7NYFZw+tihcxJ+dhNi4nIuNHMxNWgCE53AA=,tag:YZNL/Pv8S0hYtSt5IBE1GA==,type:str] -ntfy: ENC[AES256_GCM,data:BapVKt2WzKLMP6KsxZ32+SS0mpIy0waqUTI7Rj0yyWA1mF9bstp0VfRv/6Dna41ttecFjyLRMmlF0jLqHXcNtqmlB3lHiE5IvVcEadjGB5C1fcQKrj5CveVPecvxzc+CfMMt4tlzike9TYL2tP5siGQzU7HvpNfIlT/Qfi40j8l7eT+Tne+XAadu/GQ1CH5dWKr8gPrR8fpfw6CgDvvc05SBLlfM2LsfTxz/UNV3vAbfRLchCsqd9s9jcR4UJPoJv6HVe480HXgY5SLcZA/Gh58=,iv:MqYwns9JITCskQo+ADgWghfRCwiSV+IGdUvi568Fmrc=,tag:Re20TMCnk5EA+X9wQRYg3w==,type:str] +ntfy: ENC[AES256_GCM,data:y2evjuP49mnN8dCnS+nC6KGYEiO5ZPykgtHXQJqYoW/yq7zMpPowe5cFdKYO6MYWYFwT4Vy8okl64h8GQXZOPfqjEct2eB23GL6021ZCm5FmGJf4pYERwuYV0LC3VV74nnvTd9rDhWeSDd1awXzwkbviy7CtI55R3+ZBxRKhIYL31f4T4OHs51wldJWE6Lf8f6eNldN0M+Ki4Pxvyhbtt/A3OLmfSKhCd+eehdCABkuWaiPAu55dJS/m/b8++lQaod0Vmdbp9WlLGP5Ep7G5XwG92F5PgPr6dRa78x5AcvahVgSr8inlTVhXrue5EBzd3TAj2cIf953S2V6GKCFqhdjajbPvqzqXVxC5JuTCX9d6bWAMVGkVqeF0i33kHewM+cT3iGAYUSt38UTvCqI7UY5X0AIlZe5S8J2BCoDlRbHA7mERQrDl2Q==,iv:n+ubsZKbW2odqQeK4aqhxPxdCxtCsO7wS2wIthaQPHE=,tag:j7Ju4FrPYnKfUcy5pNQI3w==,type:str] sops: age: - recipient: age17rjcght2y5p4ryr76ysnxpy2wff62sml7pyc5udcts48985j05vqpwdfq2 @@ -70,7 +70,7 @@ sops: OFloWEFuTC9GTXJsMG5NNktmdmIrY1kK0yN0ae0xNaydujV5lt2FiwXdyursG0DK 9i/B3TTAm9csDMMSTSFbiAUJDzG7kIqn++JU/cxvsGScSnhMqjEK/g== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-11-22T18:17:35Z" - mac: ENC[AES256_GCM,data:88NsRj8t483hQ1jWu3u+772he7G2oyybf+pcgyFoBpfrb5GZqXzlae7TpTqstRLvXLcvaXXWI+QUA9WKvuozHEZ2OPzP84JbTjj72POBaIf5k9jHwzNrbXdWPlQF0PLHjnguniDeKLMC8KI7Aypww7CM3N3Gkuyr6bVGGDIsPLw=,iv:D0O8HmtjYyTRd+ZeDkGctA79i+LVOh2f8B1vUjWYqPI=,tag:OU77+XJh9nOOo54fmj35kQ==,type:str] + lastmodified: "2025-11-24T10:30:46Z" + mac: ENC[AES256_GCM,data:yBegCnXXKimHlZ5UcPL6O9VbhdpASMd09t7m2fxLFGYgHXYFsuRda8puVpe9EiukNRJzhkWZRjJUHI+nE2cdibx5Ewaom8lbe8pKB1A7qrVSXjU+f5HTMjUdB+ACAcGlErc0wniekwSQj2LfIYknYm2nVz2M5VeDbYxz7F5PAO0=,iv:vMdsGEe1ZPQdNtSXhtwC0StiuhBVViCuBGTURep37UM=,tag:mB2kZZcrGnmChQQRc4wvTA==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0