From 9690a9de0f44e90ee2e362e9e341e833d72b463a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Schr=C3=B6ter?= <dev@felschr.com>
Date: Tue, 23 Sep 2025 22:15:57 +0200
Subject: [PATCH] feat(systemdNotify): limit to one invocation every 15 minutes
 per service

Also adds an `ExecCondition` for ignoring service auto-resarts.
---
 modules/systemdNotify.nix | 70 ++++++++++++++++++++++++---------------
 1 file changed, 43 insertions(+), 27 deletions(-)

diff --git a/modules/systemdNotify.nix b/modules/systemdNotify.nix
index a4c3273..c49c5fb 100644
--- a/modules/systemdNotify.nix
+++ b/modules/systemdNotify.nix
@@ -26,6 +26,16 @@ let
     $(systemctl status --full "$1")
     ERRMAIL
   '';
+
+  checkConditions = pkgs.writeScript "check-conditions" ''
+    #!/bin/sh
+    STATUS=$(systemctl status --full "$1")
+
+    case "$STATUS" in
+      *"activating (auto-restart) (Result: timeout)"*) exit 1 ;;
+      *) exit 0 ;;
+    esac
+  '';
 in
 {
   options = {
@@ -85,32 +95,38 @@ in
       }
     ];
 
-    systemd.services."notify@" = {
-      onFailure = lib.mkForce [ ];
-    }
-    // optionalAttrs (cfg.method == "libnotify") {
-      description = "Desktop notifications for %i service failure";
-      environment = {
-        DISPLAY = ":0";
-        INSTANCE = "%i";
-      };
-      script = ''
-        export DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u '${cfg.libnotify.user}')/bus"
-        ${pkgs.libnotify}/bin/notify-send --app-name="$INSTANCE" --urgency=critical \
-          "Service '$INSTANCE' failed" \
-          "$(journalctl -n 6 -o cat -u $INSTANCE)"
-      '';
-      serviceConfig = {
-        Type = "oneshot";
-        User = cfg.libnotify.user;
-      };
-    }
-    // optionalAttrs (cfg.method == "email") {
-      description = "E-Mail notifications for %i service failure";
-      serviceConfig = {
-        ExecStart = "${sendmail} %i";
-        Type = "oneshot";
-      };
-    };
+    systemd.services."notify@" =
+      lib.recursiveUpdate
+        {
+          onFailure = lib.mkForce [ ];
+          unitConfig = {
+            StartLimitIntervalSec = "15m";
+            StartLimitBurst = 1;
+          };
+          serviceConfig = {
+            Type = "oneshot";
+            ExecCondition = "${checkConditions} %i";
+          };
+        }
+        (
+          optionalAttrs (cfg.method == "libnotify") {
+            description = "Desktop notifications for %i service failure";
+            environment = {
+              DISPLAY = ":0";
+              INSTANCE = "%i";
+            };
+            script = ''
+              export DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u '${cfg.libnotify.user}')/bus"
+              ${pkgs.libnotify}/bin/notify-send --app-name="$INSTANCE" --urgency=critical \
+                "Service '$INSTANCE' failed" \
+                "$(journalctl -n 6 -o cat -u $INSTANCE)"
+            '';
+            serviceConfig.User = cfg.libnotify.user;
+          }
+          // optionalAttrs (cfg.method == "email") {
+            description = "E-Mail notifications for %i service failure";
+            serviceConfig.ExecStart = "${sendmail} %i";
+          }
+        );
   };
 }