mirror of
https://codeberg.org/privacy1st/nix-git
synced 2025-01-10 05:01:20 +01:00
55 lines
1.4 KiB
Nix
55 lines
1.4 KiB
Nix
{ config, pkgs, ... }:
|
|
{
|
|
imports = [
|
|
./syncthing.nix
|
|
];
|
|
|
|
# Operating a Snowflake proxy helps others circumvent censorship.
|
|
# Safe to run.
|
|
# https://wiki.nixos.org/w/index.php?title=Tor
|
|
#
|
|
# TODO: Check if working.
|
|
# systemctl status snowflake-proxy.service
|
|
#
|
|
# Enable snowflake-proxy, a system to defeat internet censorship.
|
|
services.snowflake-proxy.enable = true;
|
|
# Maximum concurrent clients allowed.
|
|
services.snowflake-proxy.capacity = 10;
|
|
|
|
# Update and start Jinja-Compose project
|
|
# during boot and after every 30 minutes.
|
|
# To view the log, run
|
|
# journalctl -b -u Jinja-Compose -f
|
|
#
|
|
systemd.timers."Jinja-Compose" = {
|
|
wantedBy = [ "timers.target" ];
|
|
partOf = [ "Jinja-Compose.service" ];
|
|
timerConfig = {
|
|
OnBootSec = "0m";
|
|
OnUnitInactiveSec = "30m";
|
|
|
|
AccuracySec = "1m";
|
|
RandomizedDelaySec = "1m";
|
|
};
|
|
};
|
|
# TODO: Add shutdown script (./docker-compose down).
|
|
systemd.services."Jinja-Compose" = {
|
|
description = "Update and start Jinja-Compose project";
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
PrivateTmp = true;
|
|
User = "root";
|
|
};
|
|
path = with pkgs; [
|
|
# The `docker-compose` helper script is written in `bash` (!)
|
|
bash
|
|
docker
|
|
];
|
|
script = ''
|
|
set -eu -o pipefail
|
|
/jc-config/docker-compose pull
|
|
/jc-config/docker-compose up -d --wait
|
|
'';
|
|
};
|
|
}
|