config/hosts/TITAN/extras/attic-upload-daemon.nix

39 lines
1.1 KiB
Nix

{ config, pkgs, inputs, ... }:
let
toml = pkgs.formats.toml {};
atticConfig = toml.generate "attic-upload-config.toml" {
default-server = "cache";
servers.cache.endpoint = "https://cache-api.privatevoid.net";
};
inherit (inputs.attic.packages.${pkgs.system}) attic;
in
{
age.secrets.attic-upload-key = {
file = ../../../secrets/attic-upload-key.age;
mode = "0400";
};
systemd.services.attic-upload = {
description = "Attic Uploader";
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
path = [ config.nix.package ];
environment.XDG_CONFIG_HOME = "/tmp/attic-upload";
preStart = ''
install -dm700 "$XDG_CONFIG_HOME/attic"
cp --no-preserve=mode ${atticConfig} "$XDG_CONFIG_HOME/attic/config.toml"
echo "token = \"$ATTIC_TOKEN\"" >> "$XDG_CONFIG_HOME/attic/config.toml"
'';
serviceConfig = {
ExecStart = "${attic}/bin/attic watch-store nix-store";
Restart = "always";
RestartSec = "10s";
DynamicUser = true;
EnvironmentFile = config.age.secrets.attic-upload-key.path;
};
};
}