mirror of
https://github.com/Gerg-L/nixos.git
synced 2025-12-09 16:33:57 -05:00
117 lines
2.6 KiB
Nix
117 lines
2.6 KiB
Nix
{
|
|
self',
|
|
lib,
|
|
config,
|
|
}:
|
|
{
|
|
sops = {
|
|
secrets =
|
|
{
|
|
lavalink = {
|
|
sopsFile = ./secrets.yaml;
|
|
restartUnits = [
|
|
"vocard.service"
|
|
"lavalink.service"
|
|
];
|
|
};
|
|
|
|
}
|
|
// builtins.listToAttrs (
|
|
map
|
|
(x: {
|
|
name = "vocard/${x}";
|
|
value.sopsFile = ./secrets.yaml;
|
|
})
|
|
[
|
|
"token"
|
|
"client_id"
|
|
"spotify_client_id"
|
|
"spotify_client_secret"
|
|
"password"
|
|
]
|
|
);
|
|
|
|
templates.vocard = {
|
|
restartUnits = [
|
|
"vocard.service"
|
|
"lavalink.service"
|
|
];
|
|
content =
|
|
builtins.replaceStrings
|
|
[
|
|
"@token@"
|
|
"@client_id@"
|
|
"@spotify_client_id@"
|
|
"@spotify_client_secret@"
|
|
"@password@"
|
|
]
|
|
(builtins.attrValues {
|
|
inherit (config.sops.placeholder)
|
|
"vocard/token"
|
|
"vocard/client_id"
|
|
"vocard/spotify_client_id"
|
|
"vocard/spotify_client_secret"
|
|
"vocard/password"
|
|
;
|
|
})
|
|
(builtins.readFile ./settings.json);
|
|
};
|
|
};
|
|
|
|
systemd.services = {
|
|
vocard = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
bindsTo = [ "lavalink.service" ];
|
|
|
|
requires = [
|
|
"network-online.target"
|
|
"ferretdb.service"
|
|
];
|
|
after = [
|
|
"syslog.target"
|
|
"network-online.target"
|
|
"lavalink.service"
|
|
"ferretdb.service"
|
|
];
|
|
serviceConfig = {
|
|
ExecStart = lib.getExe self'.packages.vocard;
|
|
DynamicUser = true;
|
|
LoadCredential = "settings.json:${config.sops.templates.vocard.path}";
|
|
Restart = "on-failure";
|
|
RestartSec = "30s";
|
|
};
|
|
};
|
|
|
|
lavalink = {
|
|
wants = [ "network-online.target" ];
|
|
after = [
|
|
"syslog.target"
|
|
"network-online.target"
|
|
];
|
|
|
|
environment.LAVALINK_PLUGINS_DIR = self'.packages.lavalinkPlugins;
|
|
|
|
serviceConfig = {
|
|
ExecStart = "${lib.getExe self'.packages.lavalink} --spring.config.location='file:${./application.yml}'";
|
|
DynamicUser = true;
|
|
EnvironmentFile = config.sops.secrets.lavalink.path;
|
|
Restart = "on-failure";
|
|
RestartSec = "30s";
|
|
};
|
|
};
|
|
};
|
|
|
|
services.ferretdb.enable = true;
|
|
|
|
systemd.mounts = [
|
|
{
|
|
what = "/persist/services/ferretdb";
|
|
where = "/var/lib/private/ferretdb";
|
|
wantedBy = [ "ferretdb.service" ];
|
|
bindsTo = [ "ferretdb.service" ];
|
|
type = "none";
|
|
options = "bind";
|
|
}
|
|
];
|
|
}
|