feat: setup email notification on systemd failures

home-pc.nix

@@ -11,6 +11,8 @@
     ./desktop
     ./virtualisation/libvirt.nix
     ./virtualisation/docker.nix
+    ./modules/emailNotify.nix
+    ./services/mail.nix
     ./services/samba/home-pc.nix
     ./services/syncthing/home-pc.nix
     ./services/restic/home-pc.nix
@@ -43,6 +45,11 @@
     "87.98.162.88" = [ "portcheck.transmissionbt.com" ];
   };
 
+  systemd.emailNotify.enable = true;
+  systemd.emailNotify.mailTo = "admin@felschr.com";
+  systemd.emailNotify.mailFrom =
+    "${config.networking.hostName} <felschr@web.de>";
+
   services.printing.drivers = with pkgs; [ epson-escpr ];
 
   # only change this when specified in release notes

modules/emailNotify.nix

@@ -0,0 +1,67 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.systemd.emailNotify;
+  sendmail = pkgs.writeScript "sendmail" ''
+    #!${pkgs.runtimeShell}
+
+    ${pkgs.system-sendmail}/bin/sendmail -t <<ERRMAIL
+    To: ${cfg.mailTo}
+    From: ${cfg.mailFrom}
+    Subject: Status of service $1
+    Content-Transfer-Encoding: 8bit
+    Content-Type: text/plain; charset=UTF-8
+    $(systemctl status --full "$1")
+    ERRMAIL
+  '';
+in {
+  options = {
+    systemd.emailNotify = {
+      enable = mkOption {
+        type = types.bool;
+        default = false;
+        description =
+          "Whether to enable email notification for failed services.";
+      };
+
+      mailTo = mkOption {
+        type = types.str;
+        default = null;
+        description =
+          "Email address to which the service status will be mailed.";
+      };
+
+      mailFrom = mkOption {
+        type = types.str;
+        default = null;
+        description =
+          "Email address from which the service status will be mailed.";
+      };
+    };
+
+    systemd.services = mkOption {
+      type = with types;
+        attrsOf (submodule {
+          config.onFailure = optional cfg.enable "email@%n.service";
+        });
+    };
+  };
+
+  config = mkIf cfg.enable {
+    assertions = singleton {
+      assertion = cfg.mailTo != null && cfg.mailFrom != null;
+      message = "You need to specify a sender and a receiver";
+    };
+
+    systemd.services."email@" = {
+      description = "Sends a status mail via sendmail on service failures.";
+      onFailure = lib.mkForce [ ];
+      serviceConfig = {
+        ExecStart = "${sendmail} %i";
+        Type = "oneshot";
+      };
+    };
+  };
+}

rpi4.nix

@@ -16,6 +16,8 @@ in with builtins; {
     ./system/nix.nix
     ./system/i18n.nix
     ./system/networking.nix
+    ./modules/emailNotify.nix
+    ./services/mail.nix
     ./services/restic/rpi4.nix
     ./services/samba/rpi4.nix
     ./services/syncthing/rpi4.nix
@@ -109,6 +111,11 @@ in with builtins; {
 
   virtualisation.oci-containers.backend = "podman";
 
+  systemd.emailNotify.enable = true;
+  systemd.emailNotify.mailTo = "admin@felschr.com";
+  systemd.emailNotify.mailFrom =
+    "${config.networking.hostName} <felschr@web.de>";
+
   # only change this when specified in release notes
   system.stateVersion = "21.11";
 }

services/mail.nix

@@ -0,0 +1,22 @@
+{ config, pkgs, ... }:
+
+{
+  programs.msmtp = {
+    enable = true;
+    defaults = {
+      tls = true;
+      tls_starttls = true;
+      auth = true;
+    };
+    accounts.default = rec {
+      tls = true;
+      tls_starttls = true;
+      host = "smtp.web.de";
+      port = 587;
+      user = "felschr@web.de";
+      passwordeval = "cat /etc/nixos/secrets/smtp";
+      # from = "%U@server.felschr.com";
+      from = user;
+    };
+  };
+}