blob: e79d15d73fce3b4bd3ef9fa72bef653e37cc5adb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
{ config, lib, pkgs, ... }:
let
pkg = pkgs.callPackage (
pkgs.fetchFromGitHub {
owner = "shackspace";
repo = "s3-power";
rev = "0687ab64";
sha256 = "1m8h4bwykv24bbgr5v51mam4wsbp5424xcrawhs4izv563jjf130";
}) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
home = "/var/lib/s3-power";
cfg = "${config.krebs.secret.directory}/shack/s3-power.json";
in {
users.users.s3_power = {
inherit home;
createHome = true;
isSystemUser = true;
group = "s3_power";
};
users.groups.shackDNS = {};
systemd.services.s3-power = {
startAt = "daily";
description = "s3-power";
environment.CONFIG = "${home}/s3-power.json";
serviceConfig = {
Type = "oneshot";
User = "s3_power";
ExecStartPre = pkgs.writeDash "s3-power-pre" ''
install -D -os3_power -m700 ${cfg} ${home}/s3-power.json
'';
WorkingDirectory = home;
PermissionsStartOnly = true;
ExecStart = "${pkg}/bin/s3-power";
PrivateTmp = true;
};
};
}
|