{ config, inputs, lib, libNginx, ... }: with lib; let cfg = config.nixfiles.modules.alertmanager; in { imports = [inputs.alertmanager-ntfy.nixosModules.default]; options.nixfiles.modules.alertmanager = { enable = mkEnableOption "Alertmanager"; port = mkOption { description = "Port."; type = with types; port; default = 30112; }; domain = mkOption { description = "Domain name sans protocol scheme."; type = with types; nullOr str; default = "alertmanager.${config.networking.domain}"; }; }; config = mkIf cfg.enable { nixfiles.modules = { ntfy.enable = true; nginx = { enable = true; upstreams.alertmanager.servers."127.0.0.1:${toString cfg.port}" = {}; virtualHosts.${cfg.domain} = { locations."/".proxyPass = "http://alertmanager"; extraConfig = libNginx.config.internalOnly; }; }; }; services = { prometheus.alertmanager = { enable = true; listenAddress = "127.0.0.1"; inherit (cfg) port; extraFlags = [ "--cluster.listen-address=\"\"" "--web.external-url=https://${cfg.domain}" ]; configuration = { global = { smtp_from = "alertmanager@${my.domain.shire}"; smtp_smarthost = "${my.domain.shire}:584"; }; route = { receiver = my.username; group_by = ["alertname"]; }; receivers = [ { name = my.username; # TODO # email_configs = [ # { # to = "${my.username}+alert@${my.domain.shire}"; # } # ]; webhook_configs = [ { url = with config.pinpox.services.alertmanager-ntfy; "http://${httpAddress}:${httpPort}"; } ]; } ]; }; }; }; pinpox.services.alertmanager-ntfy = { enable = true; httpAddress = "127.0.0.1"; httpPort = toString (config.nixfiles.modules.ntfy.port + 1); ntfyTopic = "${config.services.ntfy-sh.settings.base-url}/alertmanager"; ntfyPriority = "high"; envFile = "/dev/null"; }; }; }