Files
.github
.vscode
docs
hydra
keys
lib
modules
systems
artemision
bob
jeeves
docker
scripts
arch_mirror.nix
configuration.nix
default.nix
hardware.nix
programs.nix
secrets.yaml
services.nix
snapshot_config.toml
vars.nix
jeeves-jr
palatine-hill
rhapsody-in-green
users
utils
.envrc
.gitconfig
.gitignore
.sops.yaml
CONTRIBUTING.md
README.md
checks.nix
flake.lock
flake.nix
shell.nix
sops-mergetool.sh
statix.toml
treefmt.toml
nix-dotfiles/systems/jeeves/services.nix
2024-07-27 00:26:14 +00:00

53 lines
1.3 KiB
Nix

{
config,
inputs,
pkgs,
...
}:
{
systemd = {
services = {
plex_permission = {
description = "maintains /zfs/storage/plex permissions";
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.bash}/bin/bash ${./scripts/plex_permission.sh}";
};
};
startup_validation = {
requires = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
description = "validates startup";
path = [ pkgs.zfs ];
serviceConfig = {
EnvironmentFile = config.sops.secrets."server-validation/webhook".path;
Type = "oneshot";
ExecStart = "${inputs.server_tools.packages.x86_64-linux.default}/bin/validate_jeeves";
};
};
};
timers = {
plex_permission = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "1h";
OnCalendar = "daily 03:00";
Unit = "plex_permission.service";
};
};
startup_validation = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "10min";
Unit = "startup_validation.service";
};
};
};
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets."server-validation/webhook".owner = "root";
};
}