totoro: add raritan-sslrenew service

This commit is contained in:
Luke Granger-Brown 2021-07-17 01:45:31 +00:00
parent 74fe28add8
commit 4c5f3f2d38

View file

@ -396,6 +396,7 @@ in {
systemd.services.alertmanager-discord = {
enable = true;
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${depot.pkgs.alertmanager-discord}/bin/alertmanager-discord -listen.address 127.0.0.1:9997";
EnvironmentFile = pkgs.writeText "discord-secret" ''
@ -411,5 +412,33 @@ in {
};
};
systemd.services.sslrenew-raritan = {
enable = true;
after = [ "network-online.target" ];
serviceConfig = {
Type = "oneshot";
ExecStart = "${depot.ops.raritan.ssl-renew}/lego.sh";
EnvironmentFile = pkgs.writeText "sslrenew-secret" ''
CERTIFICATE_DOMAIN=kvm.lukegb.xyz
LETSENCRYPT_EMAIL=letsencrypt@lukegb.com
CF_DNS_API_TOKEN=${secrets.cloudflareCredentials.token}
RARITAN_IP=192.168.1.50
RARITAN_USERNAME=${secrets.raritan.sslrenew.username}
RARITAN_PASSWORD=${secrets.raritan.sslrenew.password}
'';
DynamicUser = true;
StateDirectory = "sslrenew-raritan";
StateDirectoryMode = "0700";
WorkingDirectory = "/var/lib/sslrenew-raritan";
};
};
systemd.timers.sslrenew-raritan = {
enable = true;
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "daily";
};
};
system.stateVersion = "20.03";
}