From 62b4eb193391c978b0098d3f1fe5379a36dbbebb Mon Sep 17 00:00:00 2001
From: Eli Ribble <eli@gleipnir.technology>
Date: Mon, 13 Oct 2025 22:03:15 +0000
Subject: [PATCH] Add frps systemd unit for running frps all the time

---
 modules/system/frps.nix | 39 ++++++++++++++++++++++++++++++++++++++-
 1 file changed, 38 insertions(+), 1 deletion(-)

diff --git a/modules/system/frps.nix b/modules/system/frps.nix
index 47586fc..d255a76 100644
--- a/modules/system/frps.nix
+++ b/modules/system/frps.nix
@@ -1,6 +1,9 @@
 { config, configFiles, inputs, lib, pkgs, ... }:
 with lib;
-{
+let
+	group = "frps";
+	user = "frps";
+in {
 	options.myModules.frps.enable = mkEnableOption "custom frps configuration";
 	config = mkIf config.myModules.frps.enable {
 		environment = {
@@ -8,6 +11,40 @@ with lib;
 			systemPackages = [
 				pkgs.frp
 			];
+
+		};
+		sops.secrets.frps-env = {
+			format = "dotenv";
+			group = "${group}";
+			mode = "0440";
+			owner = "${user}";
+			restartUnits = [];
+			sopsFile = ../../secrets/frps.env;
+		};
+		systemd.services.frps = {
+			after=["network.target" "network-online.target"];
+			description="FRP server process";
+			requires=["network-online.target"];
+			restartIfChanged = true;
+			stopIfChanged = true;
+			serviceConfig = {
+				EnvironmentFile="/var/run/secrets/frps-env";
+				Type = "simple";
+				User = "${user}";
+				Group = "${group}";
+				ExecStart = "${pkgs.frp}/bin/frps -c /etc/frps.toml";
+				TimeoutStopSec = "5s";
+				PrivateTmp = true;
+				WorkingDirectory = "/tmp";
+			};
+			startAt = "*:0/15";
+			wantedBy = ["multi-user.target"];
+		};
+		users.groups.${group} = {};
+		users.users.${user} = {
+			group = "${group}";
+			isNormalUser = false;
+			isSystemUser = true;
 		};
 	};
 }