Services: use 'requiresMountFor' with Syncthing
This commit is contained in:
parent
86f7864f8f
commit
38c0c493f2
14
flake.lock
14
flake.lock
|
@ -297,11 +297,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1725407940,
|
||||
"narHash": "sha256-tiN5Rlg/jiY0tyky+soJZoRzLKbPyIdlQ77xVgREDNM=",
|
||||
"lastModified": 1725693463,
|
||||
"narHash": "sha256-ZPzhebbWBOr0zRWW10FfqfbJlan3G96/h3uqhiFqmwg=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "6f6c45b5134a8ee2e465164811e451dcb5ad86e3",
|
||||
"rev": "68e7dce0a6532e876980764167ad158174402c6f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -378,11 +378,11 @@
|
|||
"secrets": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1725641701,
|
||||
"narHash": "sha256-bTnYSs06iwnS6a1jYLpwjwVpFcP/iDs/6q5gnFcO+sQ=",
|
||||
"lastModified": 1725813930,
|
||||
"narHash": "sha256-UxqJm3MlHVrPofm/4Z1dR9Xpo49Xc0HGQ/Mg/bQ5oqI=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "25576ffa753b96e2289380feb81d3ed82e00cbc7",
|
||||
"revCount": 68,
|
||||
"rev": "2e559fbe36dc49c3ea63cc9856b899eb9269950f",
|
||||
"revCount": 69,
|
||||
"type": "git",
|
||||
"url": "file:./secrets"
|
||||
},
|
||||
|
|
|
@ -170,7 +170,6 @@ in
|
|||
};
|
||||
nginx = {
|
||||
enable = true;
|
||||
autostart = false;
|
||||
virtualHosts = {
|
||||
"${config.secrets.networking.domains.primary}" = {
|
||||
default = true;
|
||||
|
@ -219,7 +218,7 @@ in
|
|||
services = {
|
||||
syncthing = {
|
||||
enable = true;
|
||||
autostart = false;
|
||||
home = "${services-root}/syncthing/aires";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -7,8 +7,6 @@ let
|
|||
|
||||
# Where to store service files
|
||||
services-root = "/storage/services";
|
||||
# Script to start services
|
||||
start-services = pkgs.writeShellScriptBin "start-services" (builtins.readFile ./start-services.sh);
|
||||
|
||||
# Credentials for interacting with the Namecheap API
|
||||
namecheapCredentials = {
|
||||
|
@ -83,9 +81,6 @@ in
|
|||
# Enable GPU support.
|
||||
gpu.amd.enable = true;
|
||||
|
||||
# Install script to get the system up and running after boot.
|
||||
packages = [ start-services ];
|
||||
|
||||
# Enable support for primary RAID array
|
||||
raid.storage.enable = true;
|
||||
|
||||
|
@ -168,7 +163,6 @@ in
|
|||
};
|
||||
nginx = {
|
||||
enable = true;
|
||||
autostart = false;
|
||||
virtualHosts = {
|
||||
"${config.secrets.networking.domains.primary}" = {
|
||||
default = true;
|
||||
|
@ -214,7 +208,7 @@ in
|
|||
services = {
|
||||
syncthing = {
|
||||
enable = true;
|
||||
autostart = false;
|
||||
home = "${services-root}/syncthing/aires";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,26 +0,0 @@
|
|||
#!/bin/sh
|
||||
# Script to unlock the /storage partition and start up services that depend on it.
|
||||
|
||||
# check if the current user is root
|
||||
if [ "$(id -u)" != "0" ]; then
|
||||
echo "This script must be run as root" 1>&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Unlock and mount storage directory if we haven't already
|
||||
if [ -e "/dev/mapper/storage" ]; then
|
||||
echo "Storage partition already mounted."
|
||||
else
|
||||
echo "Unlocking storage partition..."
|
||||
cryptsetup luksOpen /dev/md/Sapana storage
|
||||
mount /dev/mapper/storage /storage
|
||||
echo "Storage partition mounted."
|
||||
fi
|
||||
|
||||
echo "Starting services..."
|
||||
systemctl restart deluged.service delugeweb.service duplicacy-web.service forgejo.service jellyfin.service
|
||||
systemctl --machine aires@.host --user start syncthing.service
|
||||
systemctl restart nginx.service
|
||||
echo "Services started. $(hostname) is ready to go!"
|
||||
|
||||
exit 0
|
|
@ -76,12 +76,7 @@ in
|
|||
|
||||
users.aires = {
|
||||
enable = true;
|
||||
services = {
|
||||
syncthing = {
|
||||
enable = true;
|
||||
autostart = true;
|
||||
};
|
||||
};
|
||||
services.syncthing.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -34,7 +34,7 @@ in
|
|||
enable = true;
|
||||
services.syncthing = {
|
||||
enable = true;
|
||||
autostart = true;
|
||||
home = "/home/aires/.config/syncthing";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -6,7 +6,6 @@ in
|
|||
{
|
||||
options = {
|
||||
aux.system.services.nginx = {
|
||||
autostart = lib.mkEnableOption "Whether to autostart Nginx at boot.";
|
||||
enable = lib.mkEnableOption "Enable the Nginx web server.";
|
||||
|
||||
virtualHosts = lib.mkOption {
|
||||
|
@ -37,8 +36,5 @@ in
|
|||
443
|
||||
];
|
||||
};
|
||||
|
||||
# Disable autostart if configured
|
||||
systemd.services.nginx = lib.mkIf (!cfg.autostart) { wantedBy = lib.mkForce [ ]; };
|
||||
};
|
||||
}
|
||||
|
|
|
@ -20,6 +20,19 @@ in
|
|||
MAILADDR ${config.secrets.users.aires.email}
|
||||
'';
|
||||
|
||||
# Auto-unlock RAID array with a key file
|
||||
environment.etc."crypttab".text = ''
|
||||
storage /dev/md/Sapana ${config.secrets.devices.storage.keyFile.path} nofail,keyfile-timeout=5s
|
||||
'';
|
||||
fileSystems."/storage" = {
|
||||
device = "/dev/mapper/storage";
|
||||
# Keep booting even if the array fails to unlock
|
||||
options = [
|
||||
"nofail"
|
||||
"x-systemd.device-timeout=5s"
|
||||
];
|
||||
};
|
||||
|
||||
# Automatically scrub the array monthly
|
||||
systemd = {
|
||||
services."raid-scrub" = {
|
||||
|
|
|
@ -18,10 +18,10 @@ in
|
|||
services.syncthing = {
|
||||
enable = lib.mkEnableOption "Enables Syncthing";
|
||||
enableTray = lib.mkEnableOption "Enables the Syncthing Tray application";
|
||||
autostart = lib.mkOption {
|
||||
default = true;
|
||||
type = lib.types.bool;
|
||||
description = "Whether to auto-start Syncthing on boot";
|
||||
home = lib.mkOption {
|
||||
default = "${config.users.users.aires.home}/.config/syncthing";
|
||||
type = lib.types.str;
|
||||
description = "Where to store Syncthing's configuration files";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -135,15 +135,12 @@ in
|
|||
enable = true;
|
||||
extraOptions = [
|
||||
"--gui-address=0.0.0.0:8080"
|
||||
"--home=${config.users.users.aires.home}/.config/syncthing"
|
||||
"--home=${cfg.services.syncthing.home}"
|
||||
"--no-default-folder"
|
||||
];
|
||||
};
|
||||
|
||||
# Override the default Syncthing settings so it doesn't start on boot
|
||||
systemd.user.services."syncthing" = lib.mkIf (!cfg.services.syncthing.autostart) {
|
||||
wantedBy = lib.mkForce { };
|
||||
};
|
||||
systemd.user.services."syncthing".unitConfig.requiresMountsFor = cfg.services.syncthing.home;
|
||||
};
|
||||
})
|
||||
]
|
||||
|
|
|
@ -17,10 +17,10 @@ in
|
|||
services.syncthing = {
|
||||
enable = lib.mkEnableOption "Enables Syncthing";
|
||||
enableTray = lib.mkEnableOption "Enables the Syncthing Tray application";
|
||||
autostart = lib.mkOption {
|
||||
default = true;
|
||||
type = lib.types.bool;
|
||||
description = "Whether to auto-start Syncthing on boot";
|
||||
home = lib.mkOption {
|
||||
default = "${config.users.users.gremlin.home}/.config/syncthing";
|
||||
type = lib.types.str;
|
||||
description = "Where to store Syncthing's configuration files";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -126,15 +126,12 @@ in
|
|||
enable = true;
|
||||
extraOptions = [
|
||||
"--gui-address=0.0.0.0:8081"
|
||||
"--home=${config.users.users.gremlin.home}/.config/syncthing"
|
||||
"--home=${cfg.services.syncthing.home}"
|
||||
"--no-default-folder"
|
||||
];
|
||||
};
|
||||
|
||||
# Override the default Syncthing settings so it doesn't start on boot
|
||||
systemd.user.services."syncthing" = lib.mkIf (!cfg.services.syncthing.autostart) {
|
||||
wantedBy = lib.mkForce { };
|
||||
};
|
||||
systemd.user.services."syncthing".unitConfig.requiresMountsFor = cfg.services.syncthing.home;
|
||||
};
|
||||
})
|
||||
];
|
||||
|
|
2
secrets
2
secrets
|
@ -1 +1 @@
|
|||
Subproject commit 25576ffa753b96e2289380feb81d3ed82e00cbc7
|
||||
Subproject commit 2e559fbe36dc49c3ea63cc9856b899eb9269950f
|
Loading…
Reference in a new issue