project-wide: Cleanup and services + private overhaul

kat witch 2021-04-28 04:01:11 +01:00
parent 5f2309c773
commit f4b4ab2b28
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
36 changed files with 70 additions and 408 deletions


@ -1,4 +1,4 @@
{ config, lib, pkgs, witch, ... }:
{ config, lib, pkgs, tf, ... }:
with lib;
@ -21,16 +21,32 @@ with lib;
cname.target = "athame.kittywit.ch.";
};
deploy.tf.variables.syncplay_pass = {
type = "string";
value.shellCommand = "bitw get infra/syncplay-server -f password";
};
deploy.tf.variables.syncplay_salt = {
type = "string";
value.shellCommand = "bitw get infra/syncplay-salt -f password";
};
secrets.files.syncplay-env = {
text = ''
SYNCPLAY_PASSWORD=${tf.variables.syncplay_pass.ref}
SYNCPLAY_SALT=${tf.variables.syncplay_salt.ref}
'';
owner = "syncplay";
group = "sync-cert";
};
systemd.services.syncplay = {
environment = {
SYNCPLAY_PASSWORD = witch.secrets.hosts.athame.syncplay.password;
SYNCPLAY_SALT = witch.secrets.hosts.athame.syncplay.salt;
};
description = "Syncplay Service";
wantedBy = singleton "multi-user.target";
after = singleton "network-online.target";
serviceConfig = {
EnvironmentFile = config.secrets.files.syncplay-env.path;
ExecStart =
"${pkgs.syncplay}/bin/syncplay-server --port 8999 --tls /var/lib/acme/sync.kittywit.ch/ --disable-ready";
User = "syncplay";