nix-infra/config/hosts/yate/service.nix

49 lines
1.4 KiB
Nix
Raw Normal View History

2024-06-08 22:18:23 +02:00
{ config, pkgs, ... }:
{
2024-08-06 22:06:26 +02:00
# systemd.managerEnvironment = {
# SYSTEMD_LOG_LEVEL = "debug";
# };
sops.secrets."git_clone_key" = {
mode = "0600";
2024-08-07 18:03:17 +02:00
owner = "yate";
2024-08-06 22:06:26 +02:00
group = "yate-config";
restartUnits = [ "yate.service" ];
};
2024-06-08 22:18:23 +02:00
systemd.services.yate = {
enable = true;
description = "Yate telehony engine";
unitConfig = {
2024-09-08 21:08:17 +02:00
After= "network-online.target";
2024-06-08 22:18:23 +02:00
};
serviceConfig = {
2024-08-07 18:53:15 +02:00
ExecStart = "${pkgs.yate}/bin/yate -c /etc/yate -e /etc/yate/share";
2024-06-08 22:18:23 +02:00
Type="simple";
Restart="always";
2024-08-07 18:03:17 +02:00
User="yate";
2024-08-05 20:58:09 +02:00
Group="yate-config";
StateDirectory = "yate";
StateDirectoryMode = "0775";
2024-06-08 22:18:23 +02:00
# ...
};
wantedBy = [ "default.target" ];
2024-09-08 21:08:17 +02:00
requires = [ "network-online.target" ];
2024-08-06 22:06:26 +02:00
preStart = "echo \"\n\" >> /run/secrets/git_clone_key
2024-09-08 21:08:17 +02:00
sleep 5
SSH_SUCCESS=1
2024-09-08 21:08:17 +02:00
${pkgs.openssh}/bin/ssh -q -i /run/secrets/git_clone_key forgejo@git.hamburg.ccc.de 2> /var/lib/yate/SSH_CHECK_LOG || SSH_SUCCESS=0
if [ $SSH_SUCCESS = 1 ]; then
2024-08-07 18:51:12 +02:00
rm -rf /var/lib/yate/*
rm -rf /var/lib/yate/.*
2024-09-08 21:08:17 +02:00
env GIT_SSH_COMMAND=\"${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key\" ${pkgs.git}/bin/git clone forgejo@git.hamburg.ccc.de:CCCHH/yate-config.git /var/lib/yate
2024-08-06 22:06:26 +02:00
${pkgs.git}/bin/git -C /var/lib/yate config --add safe.directory \"/var/lib/yate\"
fi";
2024-08-07 18:51:12 +02:00
2024-06-08 22:18:23 +02:00
# ...
};
}