24 lines
728 B
Nix
24 lines
728 B
Nix
{pkgs, config, ...}: {
|
|
users.users.cloudflared = {
|
|
group = "cloudflared";
|
|
isSystemUser = true;
|
|
};
|
|
users.groups.cloudflared = { };
|
|
|
|
systemd.services.cloudflared = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
after = [ "network.target" ];
|
|
serviceConfig = {
|
|
Description = "Cloudflared Tunnel Service";
|
|
ExecStart = "${pkgs.cloudflared}/bin/cloudflared tunnel --no-autoupdate run --cred-file /run/agenix/cloudflared-creds";
|
|
Restart = "on-failure";
|
|
RestartSec = "5s";
|
|
User = "cloudflared";
|
|
Group = "cloudflared";
|
|
Type = "notify";
|
|
TimeoutStartSec = 0;
|
|
ReadWriteDirectories = "/run/agenix";
|
|
EnvironmentFile = "/run/agenix/cloudflared-vars";
|
|
};
|
|
};
|
|
}
|