krebs.systemd.services: restart by LoadCredential
This commit is contained in:
parent
9d65a3cdd8
commit
d6ebd497f0
@ -50,6 +50,7 @@ let
|
|||||||
./shadow.nix
|
./shadow.nix
|
||||||
./ssl.nix
|
./ssl.nix
|
||||||
./sync-containers.nix
|
./sync-containers.nix
|
||||||
|
./systemd.nix
|
||||||
./tinc.nix
|
./tinc.nix
|
||||||
./tinc_graphs.nix
|
./tinc_graphs.nix
|
||||||
./upstream
|
./upstream
|
||||||
|
51
krebs/3modules/systemd.nix
Normal file
51
krebs/3modules/systemd.nix
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
{ config, options, pkgs, ... }: let {
|
||||||
|
lib = import ../../lib;
|
||||||
|
|
||||||
|
body.options.krebs.systemd.services = lib.mkOption {
|
||||||
|
default = {};
|
||||||
|
type = lib.types.attrs;
|
||||||
|
description = ''
|
||||||
|
Definition of systemd service units with bonus features.
|
||||||
|
|
||||||
|
Services defined using this option will be restarted whenever any file
|
||||||
|
(described by an absolute path) used in LoadCredential changes.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
body.config.systemd =
|
||||||
|
lib.mkMerge
|
||||||
|
(lib.flatten
|
||||||
|
(lib.mapAttrsToList (serviceName: cfg: let
|
||||||
|
prefix = [ "krebs" "systemd" "services" serviceName ];
|
||||||
|
opts = options.systemd.services.type.getSubOptions prefix;
|
||||||
|
|
||||||
|
paths =
|
||||||
|
lib.filter
|
||||||
|
lib.types.absolute-pathname.check
|
||||||
|
(map
|
||||||
|
(lib.compose [ lib.maybeHead (lib.match "[^:]*:(.*)") ])
|
||||||
|
(cfg.serviceConfig.LoadCredential or []));
|
||||||
|
in
|
||||||
|
lib.singleton {
|
||||||
|
services.${serviceName} = cfg;
|
||||||
|
}
|
||||||
|
++
|
||||||
|
lib.optionals (cfg.enable or opts.enable.default) (map (path: let
|
||||||
|
triggerName = "trigger-${lib.systemd.encodeName path}";
|
||||||
|
in {
|
||||||
|
paths.${triggerName} = {
|
||||||
|
wantedBy = ["multi-user.target"];
|
||||||
|
pathConfig.PathChanged = path;
|
||||||
|
};
|
||||||
|
services.${triggerName} = {
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "oneshot";
|
||||||
|
ExecStart = lib.singleton (toString [
|
||||||
|
"${pkgs.systemd}/bin/systemctl restart"
|
||||||
|
(lib.shell.escape serviceName)
|
||||||
|
]);
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}) paths)
|
||||||
|
) config.krebs.systemd.services));
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user