From 8598ddc1bfa2c7d1b6f7a6bfe6fbc43009386bad Mon Sep 17 00:00:00 2001
From: ahuston-0
Date: Sun, 17 Nov 2024 22:15:39 -0500
Subject: [PATCH] replace watchtower with custom script
---
 systems/palatine-hill/docker/archiveteam.nix | 31 ++++++++++++--------
 systems/palatine-hill/docker/watchtower.bash | 24 +++++++++++++++
 2 files changed, 43 insertions(+), 12 deletions(-)
 create mode 100644 systems/palatine-hill/docker/watchtower.bash
diff --git a/systems/palatine-hill/docker/archiveteam.nix b/systems/palatine-hill/docker/archiveteam.nix
index 1c327fc..a1423ea 100644
--- a/systems/palatine-hill/docker/archiveteam.nix
+++ b/systems/palatine-hill/docker/archiveteam.nix
@@ -128,18 +128,25 @@ let
 at_path = vars.primary_archiveteam;
 in
 {
- virtualisation.oci-containers.containers =
- (createTemplatedContainers containers container-spec)
- // {
- archiveteam-watchtower = {
- image = "containrrr/watchtower:latest";
- labels = {
- "com.centurylinklabs.watchtower.enable" = "true";
- "com.centurylinklabs.watchtower.scope" = "archiveteam";
- };
- volumes = [ "/var/run/docker.sock:/var/run/docker.sock" ];
- log-driver = "local";
- cmd = lib.splitString " " "--label-enable --cleanup --interval 600";
+ virtualisation.oci-containers.containers = createTemplatedContainers containers container-spec;
+ systemd = {
+ timers."custom-watchtower@archiveteam" = {
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnBootSec = "20m";
+ OnUnitActiveSec = "5m";
+ Unit = "custom-watchtower@archiveteam.service";
 };
 };
+ services."custom-watchtower@archiveteam" = {
+ bindsTo = [ "docker.service" ];
+ after = [ "docker.service" ];
+ description = "runs a watchtower-esque script for systemd-based oci-containers";
+ serviceConfig = {
+ Type = "oneshot";
+ User = "root";
+ ExecStart = "${config.nix.package}/bin/nix ${./watchtower.bash} 'com.centurylinklabs.watchtower.scope' 'archiveteam'";
+ };
+ };
+ };
 }
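Review bot: The new `ExecStart` runs the script through `nix`, and the script's `#! nix shell nixpkgs#docker nixpkgs#bash` line resolves `nixpkgs` through the flake registry every time the timer fires, so this root service executes whatever `docker` and `bash` that reference resolves to at run time instead of the packages pinned by the system configuration, unless the registry entry is pinned elsewhere in the config. It also makes each run depend on the `nix-command`/`flakes` features and, on a cold cache, on network access. Taking the tools from the system closure avoids both: `path = [ pkgs.docker ];` on the service and `ExecStart = "${pkgs.bash}/bin/bash ${./watchtower.bash} 'com.centurylinklabs.watchtower.scope' 'archiveteam'";`. The module's argument list is outside the hunk, so whether `pkgs` is already in scope there needs checking.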
diff --git a/systems/palatine-hill/docker/watchtower.bash b/systems/palatine-hill/docker/watchtower.bash
new file mode 100644
index 0000000..819140a
--- /dev/null
+++ b/systems/palatine-hill/docker/watchtower.bash
@@ -0,0 +1,24 @@
+#! /usr/bin/env nix
+#! nix shell nixpkgs#docker nixpkgs#bash --command bash
+
+outdated_msg="Project code is out of date and needs to be upgraded. To remedy this problem immediately, you may reboot your warrior."
+
+label="$1"
+label_val="$2"
+
+if (( $# != 2 )); then
+ echo "usage: $0 label label_value"
+fi
+
+containers=$(docker ps --format '{{.Names}}' -f "label=${label}=${label_val}")
+
+for container in ${containers[@]}; do
+ echo "checking ${container}"
+
+ last_msg=$(docker logs -n 1 "${container}")
+
+ if [[ $last_msg =~ $outdated_msg ]]; then
+ echo "${container} is outdated, restarting"
+ systemctl restart "docker-${container}"
+ fi
+done
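Review bot: The argument-count check prints the usage line but never exits, so a call with the wrong number of arguments carries on as root with an empty or partial `label`/`label_val` and still reaches `docker ps` and the restart loop. Add `exit 1` after the `echo`, and send the message to stderr with `>&2`. `docker logs -n 1` is captured from stdout only, so if the container writes the out-of-date message to stderr the match never fires; `2>&1` inside the command substitution would cover both streams (which one the warrior uses is not visible here). The `=~` test treats `$outdated_msg` as a regular expression, so its `.` characters match any character; `[[ $last_msg == *"$outdated_msg"* ]]` compares the text literally.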