nixos-systems/modules/system/timecardbot.nix

{ config, inputs, lib, pkgs, ... }:
with lib;
let
	timecard-bot-pkg = inputs.timecard-bot.packages.x86_64-linux.default;
in
{
	options.myModules.timecardbot.enable = mkEnableOption "custom timecardbot configuration";

	config = mkIf config.myModules.timecardbot.enable {
		environment.systemPackages = with pkgs; [
			timecard-bot-pkg
		];
		sops.secrets.timecarder-env = {
			format = "dotenv";
			group = "timecarder";
			mode = "0440";
			owner = "timecarder";
			restartUnits = ["timecarder.service"];
			sopsFile = ../../secrets/timecarder.env;
		};
		systemd.services.timecarder = {
			after=["network.target" "network-online.target"];
			description="Timecarder Matrix bot";
			requires=["network-online.target"];
			serviceConfig = {
				EnvironmentFile="/var/run/secrets/timecarder-env";
				Type = "simple";
				User = "timecarder";
				Group = "timecarder";
				ExecStart = "${timecard-bot-pkg}/bin/timecardbot";
				TimeoutStopSec = "5s";
				PrivateTmp = true;
				WorkingDirectory = "/tmp";
			};
			wantedBy = ["multi-user.target"];
		};
		users.groups.timecarder = {};
		users.users.timecarder = {
			group = "timecarder";
			isSystemUser = true;
		};
	};
}
Make timecardbot read from inputs So we don't have to plumb it through all the system args 2026-05-08 20:53:52 +00:00			`{ config, inputs, lib, pkgs, ... }:`
Migrate corp configuration to this repository and use flakes 2025-07-16 09:32:19 -07:00			`with lib;`
			`let`
Make timecardbot read from inputs So we don't have to plumb it through all the system args 2026-05-08 20:53:52 +00:00			`timecard-bot-pkg = inputs.timecard-bot.packages.x86_64-linux.default;`
Migrate corp configuration to this repository and use flakes 2025-07-16 09:32:19 -07:00			`in`
			`{`
			`options.myModules.timecardbot.enable = mkEnableOption "custom timecardbot configuration";`

			`config = mkIf config.myModules.timecardbot.enable {`
Add timecard-bot deployment to corp This currently has the architecture hard-coded. That's bad, but nix is hard, and there's probably a much better way to integrate this into the system when I can be bothered to do it. 2025-09-26 19:08:26 +00:00			`environment.systemPackages = with pkgs; [`
			`timecard-bot-pkg`
			`];`
			`sops.secrets.timecarder-env = {`
			`format = "dotenv";`
			`group = "timecarder";`
			`mode = "0440";`
			`owner = "timecarder";`
			`restartUnits = ["timecarder.service"];`
			`sopsFile = ../../secrets/timecarder.env;`
			`};`
			`systemd.services.timecarder = {`
			`after=["network.target" "network-online.target"];`
			`description="Timecarder Matrix bot";`
			`requires=["network-online.target"];`
			`serviceConfig = {`
			`EnvironmentFile="/var/run/secrets/timecarder-env";`
			`Type = "simple";`
			`User = "timecarder";`
			`Group = "timecarder";`
			`ExecStart = "${timecard-bot-pkg}/bin/timecardbot";`
			`TimeoutStopSec = "5s";`
			`PrivateTmp = true;`
			`WorkingDirectory = "/tmp";`
			`};`
			`wantedBy = ["multi-user.target"];`
			`};`
			`users.groups.timecarder = {};`
			`users.users.timecarder = {`
			`group = "timecarder";`
			`isSystemUser = true;`
			`};`
Migrate corp configuration to this repository and use flakes 2025-07-16 09:32:19 -07:00			`};`
			`}`