widetom in systemd

2026-01-14 16:55:00 +01:00 · 2025-08-03 17:03:25 +02:00 · 2025-08-03 17:03:25 +02:00 · 1c94ed5f5d
commit 1c94ed5f5d
parent 0d83cecc9f
2 changed files with 46 additions and 31 deletions
--- a/nix/apps/widetom/default.nix
+++ b/nix/apps/widetom/default.nix
@ -1,33 +1,47 @@
-{ config, ... }: {
-  age.secrets.widetom_bot_token.file = ../../secrets/widetom_bot_token.age;
-  age.secrets.widetom_config_toml.file = ../../secrets/widetom_config_toml.age;
-
-  virtualisation.oci-containers.containers = {
-    /*
-      container_name: widetom
-      image: "docker.noratrieb.dev/widetom:33d17387"
-      restart: always
-      volumes:
-        - "/apps/widetom:/app/config"
-      environment:
-        CONFIG_PATH: /app/config/config.toml
-        BOT_TOKEN_PATH: /app/config/bot_token
-    */
-    widetom = {
-      image = "docker.noratrieb.dev/widetom:33d17387";
-      volumes = [
-        "${config.age.secrets.widetom_config_toml.path}:/config.toml"
-        "${config.age.secrets.widetom_bot_token.path}:/token"
-      ];
-      environment = {
-        CONFIG_PATH = "/config.toml";
-        BOT_TOKEN_PATH = "/token";
-      };
-      login = {
-        registry = "docker.noratrieb.dev";
-        username = "nils";
-        passwordFile = config.age.secrets.docker_registry_password.path;
-      };
+{ config, pkgs, lib, my-projects-versions, ... }:
+let
+  widetom = pkgs.rustPlatform.buildRustPackage {
+    src = pkgs.fetchFromGitHub {
+      owner = "Noratrieb";
+      repo = "widetom";
+      rev = my-projects-versions.widetom;
+      hash = "sha256-lSjlDozwKRLF62jsDaWo+8+rcQdeEgurEnuw00hk3o8=";
+    };
+    pname = "widetom";
+    version = "0.1.0";
+    cargoHash = "sha256-AWbdPcDc+QOW7U/FYbqlIsg+3MwfggKCTCw1z/ZbSEE=";
+    meta = {
+      mainProgram = "widertom";
    };
  };
+in
+{
+  age.secrets.widetom_bot_token = {
+    file = ../../secrets/widetom_bot_token.age;
+    owner = config.users.users.widetom.name;
+  };
+  age.secrets.widetom_config_toml = {
+    file = ../../secrets/widetom_config_toml.age;
+    owner = config.users.users.widetom.name;
+  };
+
+  systemd.services.widetom = {
+    description = "widetom, the extremely funny discord bot";
+    wantedBy = [ "multi-user.target" ];
+    after = [ "network.target" ];
+    environment = {
+      BOT_TOKEN_PATH = config.age.secrets.widetom_bot_token.path;
+      CONFIG_PATH = config.age.secrets.widetom_config_toml.path;
+    };
+    serviceConfig = {
+      DynamicUser = true;
+      ExecStart = lib.getExe widetom;
+    };
+  };
+
+  users.users.widetom = {
+    group = "widetom";
+    isSystemUser = true;
+  };
+  users.groups.widetom = { };
 }