From ce698ab382574326999843373c89c1a07b100e0a Mon Sep 17 00:00:00 2001
From: Luke Granger-Brown <hg@lukegb.com>
Date: Fri, 18 Mar 2022 01:03:55 +0000
Subject: [PATCH] nixos/secretsmgr: add the timer unit

---
 ops/nixos/lib/secretsmgr.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/ops/nixos/lib/secretsmgr.nix b/ops/nixos/lib/secretsmgr.nix
index 9a8decc3a1..5ebed8c8aa 100644
--- a/ops/nixos/lib/secretsmgr.nix
+++ b/ops/nixos/lib/secretsmgr.nix
@@ -120,6 +120,16 @@ in
       };
     };
 
+    systemd.timers.secretsmgr = {
+      requires = ["vault-agent.service"];
+      after = ["vault-agent.service" "network-online.target"];
+
+      timerConfig = {
+        OnActiveSec = "30";
+        OnUnitInactiveSec = "30min";
+      };
+    };
+
     systemd.tmpfiles.rules = [
       "d /var/lib/acme 0711 secretsmgr secretsmgr - -"
       "d /var/lib/secretsmgr 0711 secretsmgr secretsmgr - -"