ALPHA: wire is a tool to deploy nixos systems
wire.althaea.zone/
althaea.zone
1# SPDX-License-Identifier: AGPL-3.0-or-later
2# Copyright 2024-2025 wire Contributors
3
4{
5 pkgs,
6 lib,
7 config,
8 ...
9}:
10{
11 config = {
12 systemd = {
13 paths = lib.mapAttrs' (
14 _name: value:
15 lib.nameValuePair "${value.name}-key" {
16 description = "Monitor changes to ${value.path}. You should Require ${value.service} instead of this.";
17 pathConfig = {
18 PathExists = value.path;
19 PathChanged = value.path;
20 Unit = "${value.name}-key.service";
21 };
22 }
23 ) config.deployment.keys;
24
25 services = lib.mapAttrs' (
26 _name: value:
27 lib.nameValuePair "${value.name}-key" {
28 description = "Service that requires ${value.path}";
29 path = [
30 pkgs.inotify-tools
31 pkgs.coreutils
32 ];
33 script = ''
34 MSG="Key ${value.path} exists."
35 systemd-notify --ready --status="$MSG"
36
37 echo "waiting to fail if the key is removed..."
38
39 while inotifywait -e delete_self "${value.path}"; do
40 MSG="Key ${value.path} no longer exists."
41
42 systemd-notify --status="$MSG"
43 echo $MSG
44
45 exit 1
46 done
47 '';
48 unitConfig = {
49 ConditionPathExists = value.path;
50 };
51 serviceConfig = {
52 Type = "simple";
53 Restart = "no";
54 NotifyAccess = "all";
55 RemainAfterExit = "yes";
56 };
57 }
58 ) config.deployment.keys;
59 };
60
61 deployment = {
62 _keys = lib.mapAttrsToList (
63 _: value:
64 value
65 // {
66 source = {
67 # Attach type to internally tag serde enum
68 t = builtins.replaceStrings [ "path" "string" "list" ] [ "Path" "String" "Command" ] (
69 builtins.typeOf value.source
70 );
71 c = value.source;
72 };
73 }
74 ) config.deployment.keys;
75
76 _hostPlatform = config.nixpkgs.hostPlatform.system;
77 };
78 };
79}