54 lines
1.4 KiB
Nix
54 lines
1.4 KiB
Nix
{ pkgs, ... }:
|
|
let
|
|
crowdsec-service = "crowdsec-prefix";
|
|
tailscale-cloudflare-dns-sync-service = "tailscale-cloudflare-dns-sync";
|
|
certbot-generic-cert-service = "certbot-renew";
|
|
in
|
|
{
|
|
systemd.services = {
|
|
|
|
${crowdsec-service} = {
|
|
enable = true;
|
|
description = "Get IPv6 Prefix to add to Crowdsec Whitelist";
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
ExecStart = "/mnt/lilly-ssd/appdata/crowdsec/crowdsec-prefix-change-script/checkprefix.sh";
|
|
WorkingDirectory = "/mnt/lilly-ssd/appdata/crowdsec/crowdsec-prefix-change-script";
|
|
};
|
|
};
|
|
|
|
${tailscale-cloudflare-dns-sync-service} = {
|
|
enable = true;
|
|
description = "Start the tailscale-cloudflare-dns-sync Docker container";
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
ExecStart = "${pkgs.docker}/bin/docker start tailscale-cloudflare-dns-sync";
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd.timers = {
|
|
|
|
${crowdsec-service} = {
|
|
enable = true;
|
|
description = "Run Crowdsec-Prefix check regularly.";
|
|
timerConfig = {
|
|
OnCalendar = "*:0/5";
|
|
Persistent = true;
|
|
};
|
|
wantedBy = [ "timers.target" ];
|
|
};
|
|
|
|
${tailscale-cloudflare-dns-sync-service} = {
|
|
enable = true;
|
|
description = "Run tailscale-cloudflare-dns-sync every 10 minutes";
|
|
timerConfig = {
|
|
OnBootSec = "10min";
|
|
OnUnitActiveSec = "10min";
|
|
Persistent = true;
|
|
};
|
|
wantedBy = [ "timers.target" ];
|
|
};
|
|
};
|
|
}
|