niksos/hosts/chmura/discord-autodelete.nix

{
    config,
    pkgs,
    ...
}: let
    service-name = "discord-autodelete";
    uid = 989;
    gid = 5638;
in {
    age.secrets.discord-autodelete-config.file = ../../secrets/discord-autodelete-config.age;

    users = {
        users.${service-name} = {
            isSystemUser = true;
            group = service-name;
            home = "/var/lib/${service-name}";
            inherit uid;
            subUidRanges = [{
                startUid = 200000;
                count = 65536;
            }];
            subGidRanges = [{
                startGid = 200000;
                count = 65536;
            }];
        };
        groups = {
            ${service-name}.gid = gid;
        };
    };

    services.dbus.enable = true;

    environment.systemPackages = with pkgs; [ dbus ];

    systemd.tmpfiles.rules = [
      "d /var/lib/${service-name} 0700 ${service-name} ${builtins.toString gid}"
      "d /var/lib/${service-name}/data 0700 ${service-name} ${builtins.toString gid}"
    ];

    systemd.services."${config.virtualisation.oci-containers.backend}-${service-name}".serviceConfig = {
        User = service-name;
    };

    virtualisation.oci-containers.containers.${service-name} = {
        image = "ksurl/autodelete-discord";
        autoStart = true;
        ports = [ "5638:5638" ];
        volumes = [
            "/var/lib/${service-name}/data:/${service-name}/data"
            "${config.age.secrets.discord-autodelete-config.path}:/${service-name}/config.yml"
        ];
        user = "${service-name}:${service-name}";
    };
}
feat: huge 2023-10-03 19:22:24 +02:00			`{`
			`config,`
			`pkgs,`
			`...`
			`}: let`
			`service-name = "discord-autodelete";`
			`uid = 989;`
			`gid = 5638;`
			`in {`
			`age.secrets.discord-autodelete-config.file = ../../secrets/discord-autodelete-config.age;`

			`users = {`
			`users.${service-name} = {`
			`isSystemUser = true;`
			`group = service-name;`
			`home = "/var/lib/${service-name}";`
			`inherit uid;`
			`subUidRanges = [{`
			`startUid = 200000;`
			`count = 65536;`
			`}];`
			`subGidRanges = [{`
			`startGid = 200000;`
			`count = 65536;`
			`}];`
			`};`
			`groups = {`
			`${service-name}.gid = gid;`
			`};`
			`};`

			`services.dbus.enable = true;`

			`environment.systemPackages = with pkgs; [ dbus ];`

			`systemd.tmpfiles.rules = [`
			`"d /var/lib/${service-name} 0700 ${service-name} ${builtins.toString gid}"`
			`"d /var/lib/${service-name}/data 0700 ${service-name} ${builtins.toString gid}"`
			`];`

			`systemd.services."${config.virtualisation.oci-containers.backend}-${service-name}".serviceConfig = {`
			`User = service-name;`
			`};`

			`virtualisation.oci-containers.containers.${service-name} = {`
			`image = "ksurl/autodelete-discord";`
			`autoStart = true;`
			`ports = [ "5638:5638" ];`
			`volumes = [`
			`"/var/lib/${service-name}/data:/${service-name}/data"`
			`"${config.age.secrets.discord-autodelete-config.path}:/${service-name}/config.yml"`
			`];`
			`user = "${service-name}:${service-name}";`
			`};`
			`}`