Don't ntfy for logrotate failures and add container names to ntfy alerts

common/network/pia-vpn/service-container.nix

@@ -11,6 +11,7 @@ with lib;
 
 let
   cfg = config.pia-vpn;
+  hostName = config.networking.hostName;
 
   mkContainer = name: ctr: {
     autoStart = true;
@@ -28,6 +29,9 @@ let
     config = { config, pkgs, lib, ... }: {
       imports = allModules ++ [ ctr.config ];
 
+      ntfy-alerts.ignoredUnits = [ "logrotate" ];
+      ntfy-alerts.hostLabel = "${hostName}/${name}";
+
       # Static IP with gateway pointing to VPN container
       networking.useNetworkd = true;
       systemd.network.enable = true;

common/network/pia-vpn/vpn-container.nix

@@ -6,6 +6,7 @@ with lib;
 
 let
   cfg = config.pia-vpn;
+  hostName = config.networking.hostName;
   scripts = import ./scripts.nix;
 
   # Port forwarding derived state
@@ -98,6 +99,8 @@ in
 
           # Route ntfy alerts through the host proxy (VPN container has no gateway on eth0)
           ntfy-alerts.curlExtraArgs = "--proxy http://${cfg.hostAddress}:${toString cfg.proxyPort}";
+          ntfy-alerts.ignoredUnits = [ "logrotate" ];
+          ntfy-alerts.hostLabel = "${hostName}/pia-vpn";
 
           # Enable forwarding so bridge traffic can go through WG
           boot.kernel.sysctl."net.ipv4.ip_forward" = 1;

common/ntfy/default.nix

@@ -26,6 +26,12 @@
       default = [ ];
       description = "Unit names to skip failure notifications for.";
     };
+
+    hostLabel = lib.mkOption {
+      type = lib.types.str;
+      default = config.networking.hostName;
+      description = "Label used in ntfy alert titles to identify this host/container.";
+    };
   };
 
   config = lib.mkIf config.thisMachine.hasRole."ntfy" {

common/ntfy/service-failure.nix

@@ -32,7 +32,7 @@ in
             --max-time 30 --retry 3 \
             ${cfg.curlExtraArgs} \
             -H "Authorization: Bearer $NTFY_TOKEN" \
-            -H "Title: Service failure on ${config.networking.hostName}" \
+            -H "Title: Service failure on ${cfg.hostLabel}" \
             -H "Priority: high" \
             -H "Tags: rotating_light" \
             -H "Message: Unit $unit failed at $(date +%c)" \

common/server/gitea-actions-runner.nix

@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, allModules, ... }:
 
 # Gitea Actions Runner inside a NixOS container.
 # The container shares the host's /nix/store (read-only) and nix-daemon socket,
@@ -9,6 +9,7 @@
 let
   thisMachineIsARunner = config.thisMachine.hasRole."gitea-actions-runner";
   hostOverlays = config.nixpkgs.overlays;
+  hostName = config.networking.hostName;
   containerName = "gitea-runner";
   giteaRunnerUid = 991;
   giteaRunnerGid = 989;
@@ -32,9 +33,12 @@ in
       };
 
       config = { config, lib, pkgs, ... }: {
-        system.stateVersion = "25.11";
+        imports = allModules;
         nixpkgs.overlays = hostOverlays;
 
+        ntfy-alerts.ignoredUnits = [ "logrotate" ];
+        ntfy-alerts.hostLabel = "${hostName}/${containerName}";
+
         services.gitea-actions-runner.instances.inst = {
           enable = true;
           name = containerName;