39 lines
1.1 KiB
Nix
39 lines
1.1 KiB
Nix
{ config, pkgs, inputs, ... }:
|
|
|
|
let
|
|
toml = pkgs.formats.toml {};
|
|
atticConfig = toml.generate "attic-upload-config.toml" {
|
|
default-server = "cache";
|
|
servers.cache.endpoint = "https://cache-api.privatevoid.net";
|
|
};
|
|
|
|
inherit (inputs.attic.packages.${pkgs.system}) attic;
|
|
in
|
|
|
|
{
|
|
age.secrets.attic-upload-key = {
|
|
file = ../../../secrets/attic-upload-key.age;
|
|
mode = "0400";
|
|
};
|
|
|
|
systemd.services.attic-upload = {
|
|
description = "Attic Uploader";
|
|
wantedBy = [ "multi-user.target" ];
|
|
after = [ "network-online.target" ];
|
|
wants = [ "network-online.target" ];
|
|
path = [ config.nix.package ];
|
|
environment.XDG_CONFIG_HOME = "/tmp/attic-upload";
|
|
preStart = ''
|
|
install -dm700 "$XDG_CONFIG_HOME/attic"
|
|
cp --no-preserve=mode ${atticConfig} "$XDG_CONFIG_HOME/attic/config.toml"
|
|
echo "token = \"$ATTIC_TOKEN\"" >> "$XDG_CONFIG_HOME/attic/config.toml"
|
|
'';
|
|
serviceConfig = {
|
|
ExecStart = "${attic}/bin/attic watch-store nix-store";
|
|
Restart = "always";
|
|
RestartSec = "10s";
|
|
DynamicUser = true;
|
|
EnvironmentFile = config.age.secrets.attic-upload-key.path;
|
|
};
|
|
};
|
|
}
|