Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ntfy-sh: add runtime secret file support #358060

Closed
wants to merge 2 commits into from
Closed

ntfy-sh: add runtime secret file support #358060

wants to merge 2 commits into from

Conversation

JacobMetz
Copy link

@JacobMetz JacobMetz commented Nov 22, 2024
edited
Loading

ADDED: smtpSenderPassFile and webPushPrivateKeyFile options
ADDED: systemd LoadCredential for secure runtime secret handling
ADDED: security hardening options for notification service
CHANGED: state directory handling

Closes #352461

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
    Note: I attempted to run nixpkgs-review, but my dual core laptop repeatedly froze during the process. If additional testing is required, I would appreciate assistance or confirmation from a reviewer with more capable hardware.
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 25.05 Release Notes (or backporting 24.11 and 25.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@github-actions github-actions bot added 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` labels Nov 22, 2024
@NixOSInfra NixOSInfra added the 12. first-time contribution This PR is the author's first one; please be gentle! label Nov 22, 2024
@pluiedev
Copy link
Contributor

Welcome to Nixpkgs! Please squash your commits into just one 🥰

@pluiedev
Copy link
Contributor

Looks like you mis-rebased there. Got a lot of unrelated commits in here

@github-actions github-actions bot added 6.topic: python 6.topic: GNOME GNOME desktop environment and its underlying platform 6.topic: kernel The Linux kernel 8.has: documentation 8.has: changelog 6.topic: rust 6.topic: policy discussion 6.topic: ocaml 6.topic: coq "A formal proof management system" 6.topic: testing Tooling for automated testing of packages and modules 6.topic: cuda Parallel computing platform and API 6.topic: vscode 6.topic: lib The Nixpkgs function library 6.topic: games 6.topic: php 8.has: maintainer-list (update) This PR changes `maintainers/maintainer-list.nix` 6.topic: continuous integration Affects continuous integration (CI) in Nixpkgs, including Ofborg and GitHub Actions labels Nov 22, 2024
@nix-owners nix-owners bot requested a review from aanderse November 22, 2024 21:31
@JacobMetz
Copy link
Author

Looks like you mis-rebased there. Got a lot of unrelated commits in here

I am not sure why but I can't seem to fix it. Do you mind helping me out?

@pluiedev
Copy link
Contributor

pluiedev commented Nov 22, 2024
edited
Loading

I think you just did a mass ping. Please make a new PR without, y'know, involving all these people 😅

@pluiedev pluiedev closed this Nov 22, 2024
@JacobMetz
Copy link
Author

Oh my god sorry. Will do.

@JacobMetz JacobMetz deleted the ntfy-secret-files branch November 22, 2024 21:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pluiedev pluiedev pluiedev left review comments

@aanderse aanderse Awaiting requested review from aanderse

@alyssais alyssais Awaiting requested review from alyssais

@Artturin Artturin Awaiting requested review from Artturin

@azuwis azuwis Awaiting requested review from azuwis

@drupol drupol Awaiting requested review from drupol

@emilazy emilazy Awaiting requested review from emilazy

@Ericson2314 Ericson2314 Awaiting requested review from Ericson2314

@fabianhjr fabianhjr Awaiting requested review from fabianhjr

@figsoda figsoda Awaiting requested review from figsoda

@globin globin Awaiting requested review from globin

@infinisil infinisil Awaiting requested review from infinisil

@joachifm joachifm Awaiting requested review from joachifm

@jtojnar jtojnar Awaiting requested review from jtojnar

@LeSuisse LeSuisse Awaiting requested review from LeSuisse

@Ma27 Ma27 Awaiting requested review from Ma27

Assignees
No one assigned
Labels
6.topic: continuous integration Affects continuous integration (CI) in Nixpkgs, including Ofborg and GitHub Actions 6.topic: coq "A formal proof management system" 6.topic: cuda Parallel computing platform and API 6.topic: games 6.topic: GNOME GNOME desktop environment and its underlying platform 6.topic: kernel The Linux kernel 6.topic: lib The Nixpkgs function library 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 6.topic: ocaml 6.topic: php 6.topic: policy discussion 6.topic: python 6.topic: rust 6.topic: testing Tooling for automated testing of packages and modules 6.topic: vscode 8.has: changelog 8.has: documentation 8.has: maintainer-list (update) This PR changes `maintainers/maintainer-list.nix` 8.has: module (update) This PR changes an existing module in `nixos/` 12. first-time contribution This PR is the author's first one; please be gentle!
Projects
CUDA Team
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

nixos/ntfy-sh: Add options for secrets files
3 participants
@JacobMetz @pluiedev @NixOSInfra