feat(zerotier): make os snippet and add custom options

a way to disable autostart for zerotier is beneficial to not accidentally connect on each boot while still being able to connect on demand
2024-03-01 11:21:37 +01:00 · 2024-03-01 11:21:37 +01:00 · e01290317a
commit e01290317a
parent c13b460ee9
6 changed files with 90 additions and 95 deletions
--- a/nix/os/devices/steveej-t14/system.nix
+++ b/nix/os/devices/steveej-t14/system.nix
@ -116,43 +116,6 @@ in {

  hardware.ledger.enable = true;

-  # services.zerotierone = {
-  #   enable = false;
-  #   joinNetworks = [
-  #     # moved to the service below as it's now secret
-  #   ];
-  # };
-
-  # systemd.services.zerotieroneSecretNetworks = {
-  #   enable = false;
-  #   requiredBy = [ "zerotierone.service" ];
-  #   partOf = [ "zerotierone.service" ];
-
-  #   serviceConfig.Type = "oneshot";
-  #   serviceConfig.RemainAfterExit = true;
-
-  #   script =
-  #     let
-  #       secret = config.sops.secrets.zerotieroneNetworks;
-  #     in
-  #     ''
-  #       # include the secret's hash to trigger a restart on change
-  #       # ${builtins.hashString "sha256" (builtins.toJSON secret)}
-
-  #       ${config.systemd.services.zerotierone.preStart}
-
-  #       rm -rf /var/lib/zerotier-one/networks.d/*.conf
-  #       for network in `grep -v '#' ${secret.path}`; do
-  #         touch /var/lib/zerotier-one/networks.d/''${network}.conf
-  #       done
-  #     '';
-  # };
-
-  sops.secrets.zerotieroneNetworks = {
-    sopsFile = ../../../../secrets/zerotierone.txt;
-    format = "binary";
-  };
-
  boot.binfmt.emulatedSystems = [
    "aarch64-linux"
  ];