restic-alarm/flake.nix

{
  description = "restic-alarm";
  inputs = {
    cargo2nix = {
      url = "github:cargo2nix/cargo2nix/release-0.11.0";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    flake-utils.follows = "cargo2nix/flake-utils";
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
  };

  outputs = { self, nixpkgs, cargo2nix, flake-utils }:
    flake-utils.lib.eachDefaultSystem (system:
      let
        pkgs = import nixpkgs {
          inherit system;
          overlays = [cargo2nix.overlays.default];
        };

        rustPkgs = pkgs.rustBuilder.makePackageSet {
          rustVersion = "1.75.0";
          packageFun = import ./Cargo.nix;
        };

      in rec {
        packages = {
          restic-alarm = (rustPkgs.workspace.restic-alarm {});
          default = packages.restic-alarm;
        };
      }
    ) // rec {
      nixosModules.restic-alarm = { config, lib, pkgs, ... }:
        with lib;
        let
          cfg = config.custom.restic-alarm;
        in
        {
          options.custom.restic-alarm = {
            enable = mkEnableOption (lib.mdDoc "restic-alarm: send alarms for inactive backups");

            env_file = mkOption {
              type = types.path;
              description = lib.mdDoc
                "The file containing the environment variables to pass to restic-alarm, for e.g. S3 access keys";
            };
          };

          config = mkIf cfg.enable {
            systemd.services.restic-alarm =
              let
                pkg = self.packages.${pkgs.system}.default;
              in {
                description = "restic-alarm: send alarms for inactive backups";
                after = [ "network.target" "network-online.target" ];
                wants = [ "network.target" "network-online.target" ];
                wantedBy = [ "multi-user.target" ];
                restartTriggers = [ cfg.env_file ];
                serviceConfig = {
                  ExecStart = "${pkg}/bin/restic-alarm";
                  DynamicUser = true;
                  EnvironmentFile = "${cfg.env_file}";
                };
              };

            systemd.timers.restic-alarm = {
              partOf = [ "restic-alarm.service" ];
              wantedBy = [ "timers.target" ];
              after = [ "network-online.target" ];
              timerConfig = {
                Unit = "restic-alarm.service";
                Persistent = true;
                # every 6 hours
                OnCalendar = "*-*-* 00/6:00:00";
                RandomizedDelaySec = "1h";
                FixedRandomDelay = true;
              };
            };
          };
        };

      nixosModules.default = nixosModules.restic-alarm;
    };
}