22 lines
529 B
Nix
22 lines
529 B
Nix
|
{ pkgs, secret, ... }:
|
||
|
|
||
|
{
|
||
|
users.users.cloudflared = {
|
||
|
group = "cloudflared";
|
||
|
isSystemUser = true;
|
||
|
};
|
||
|
|
||
|
users.groups.cloudflared = { };
|
||
|
|
||
|
systemd.services.my_tunnel = {
|
||
|
wantedBy = [ "multi-user.target" ];
|
||
|
after = [ "network-online.target" "systemd-resolved.service" ];
|
||
|
serviceConfig = {
|
||
|
ExecStart = "${pkgs.cloudflared}/bin/cloudflared tunnel --no-autoupdate run --token=${secret.cloudflared.token}";
|
||
|
Restart = "always";
|
||
|
User = "cloudflared";
|
||
|
Group = "cloudflared";
|
||
|
};
|
||
|
};
|
||
|
}
|