nix/hosts/marvin/services/ory-hydra.nix

{pkgs, config, ...}: {
  users.users.ory-hydra = {
    group = "ory-hydra";
    isSystemUser = true;
  };
  users.groups.ory-hydra = { };

  systemd.services.ory-hydra = {
    wantedBy = [ "multi-user.target" ];
    after = [ "network.target" ];
    serviceConfig = {
      Description = "Ory Hydra OIDC Server";
      ExecStart = "${pkgs.my-pkgs.ory-hydra}/bin/hydra -c /run/agenix/hydra.yml serve";
      Restart = "on-failure";
      RestartSec = "5s";
      User = "ory-hydra";
      Group = "ory-hydra";
      Type = "notify";
      TimeoutStartSec = 0;
      StartLimitIntervalSec = 0;
      ReadWriteDirectories = "/run/agenix";
      EnvironmentFile = "/run/agenix/ory-hydra-vars";
    };
  };
}