21 lines
529 B
Nix
21 lines
529 B
Nix
{ pkgs, secret, ... }:
|
|
|
|
{
|
|
users.users.cloudflared = {
|
|
group = "cloudflared";
|
|
isSystemUser = true;
|
|
};
|
|
|
|
users.groups.cloudflared = { };
|
|
|
|
systemd.services.my_tunnel = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
after = [ "network-online.target" "systemd-resolved.service" ];
|
|
serviceConfig = {
|
|
ExecStart = "${pkgs.cloudflared}/bin/cloudflared tunnel --no-autoupdate run --token=${secret.cloudflared.token}";
|
|
Restart = "always";
|
|
User = "cloudflared";
|
|
Group = "cloudflared";
|
|
};
|
|
};
|
|
}
|