nixos: add cachix-agent service

This commit is contained in:
Domen Kožar 2022-01-14 14:54:42 +01:00
parent 35f8dc6ecc
commit 42994be64b
2 changed files with 58 additions and 0 deletions

View File

@ -967,6 +967,7 @@
./services/security/vault.nix
./services/security/vaultwarden/default.nix
./services/security/yubikey-agent.nix
./services/system/cachix-agent/default.nix
./services/system/cloud-init.nix
./services/system/dbus.nix
./services/system/earlyoom.nix

View File

@ -0,0 +1,57 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.cachix-agent;
in {
meta.maintainers = [ lib.maintainers.domenkozar ];
options.services.cachix-agent = {
enable = mkEnableOption "Cachix Deploy Agent: https://docs.cachix.org/deploy/";
name = mkOption {
type = types.str;
description = "Agent name, usually same as the hostname";
default = config.networking.hostName;
defaultText = "config.networking.hostName";
};
profile = mkOption {
type = types.nullOr types.str;
default = null;
description = "Profile name, defaults to 'system' (NixOS).";
};
package = mkOption {
type = types.package;
default = pkgs.cachix;
defaultText = literalExpression "pkgs.cachix";
description = "Cachix Client package to use.";
};
credentialsFile = mkOption {
type = types.path;
default = "/etc/cachix-agent.token";
description = ''
Required file that needs to contain CACHIX_AGENT_TOKEN=...
'';
};
};
config = mkIf cfg.enable {
systemd.services.cachix-agent = {
description = "Cachix Deploy Agent";
after = ["network.target"];
path = [ config.nix.package ];
wantedBy = [ "multi-user.target" ];
# don't restart while changing
reloadIfChanged = true;
serviceConfig = {
Restart = "on-failure";
EnvironmentFile = cfg.credentialsFile;
ExecStart = "${cfg.package}/bin/cachix deploy agent ${cfg.name} ${if cfg.profile != null then profile else ""}";
};
};
};
}