From ebccb4f47a11c79629bfddb7cafde0f0f68cf843 Mon Sep 17 00:00:00 2001
From: kurogeek <kurogeek@lmvhaus.com>
Date: Wed, 17 Jun 2026 18:04:56 +0700
Subject: [PATCH] mob next [ci-skip] [ci skip] [skip ci]

lastFile:machines/rigel/configuration.nix
---
 inventories/default.nix          |  1 -
 machines/rigel/configuration.nix | 13 ++++++++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/inventories/default.nix b/inventories/default.nix
index a2e3330..7005a96 100644
--- a/inventories/default.nix
+++ b/inventories/default.nix
@@ -327,7 +327,6 @@
                 enable = true;
                 homeserverUrl = "https://matrix.org";
                 matrixUser = "@kuroiris:matrix.org";
-                tokenFile = "";
                 matrixRooms = [
                   {
                     receivers = [
diff --git a/machines/rigel/configuration.nix b/machines/rigel/configuration.nix
index b963b13..5da61e2 100644
--- a/machines/rigel/configuration.nix
+++ b/machines/rigel/configuration.nix
@@ -1,4 +1,4 @@
-{ config, ... }:
+{ config, pkgs, ... }:
 {
   system.stateVersion = "25.11";
   clan.core.sops.defaultGroups = [ "admins" ];
@@ -8,12 +8,23 @@
   clan.core.vars.generators.prometheus = {
     files.envFile.secret = true;
     files.matrix-alertmanager-token.secret = true;
+    files.matrix-alertmanager-secret.secret = true;
     script = ''
       echo "" > $out/envFile
       echo "" > $out/matrix-alertmanager-token
+      openssl rand -hex 32 > "$out"/matrix-alertmanager-secret
     '';
+    runtimeInputs = [
+      pkgs.openssl
+    ];
   };
+
   services.prometheus.alertmanager.environmentFile =
     config.clan.core.vars.generators.prometheus.files.envFile.path;
 
+  services.matrix-alertmanager.tokenFile =
+    config.clan.core.vars.generators.prometheus.files.matrix-alertmanager-token.path;
+  services.matrix-alertmanager.secretFile =
+    config.clan.core.vars.generators.prometheus.files.matrix-alertmanager-secret.path;
+
 }