dotfiles/common/users/docker/obsidian/default.nix

{ config, ... }:
{
  imports = [
    ../../homeModules/sops.nix
  ];
  home = {
    file = {
      couchdb_compose = {
        source = ./docker-compose.yaml;
        target = "./src/obsidian/docker-compose.yaml";
      };
      # Docker is stupid and wont read a symlinked Dockerfile
      # couchdb_dockerfile = {
      #   source = ./Dockerfile;
      #   target = "./src/obsidian/Dockerfile";
      # };
      # not only will it not load a symlinked dockerfile, it refuses to copy any symlinked file
      # couchdb_vm-args = {
      #   source = ./vm.args;
      #   target = "./src/obsidian/vm.args";
      # };
      # couchdb_docker-default = {
      #   source = ./10-docker-default.ini;
      #   target = "./src/obsidian/10-docker-default.ini";
      # };
      # couchdb_docker-entrypoint-sh = {
      #   source = ./docker-entrypoint.sh;
      #   target = "./src/obsidian/docker-entrypoint.sh";
      # };
    };
  };
  systemd = {
    user = {
      tmpfiles = {
        rules = [
          "C /home/${config.home.username}/src/obsidian/Dockerfile 0444 - - - ${./Dockerfile}"
          "C /home/${config.home.username}/src/obsidian/docker-entrypoint.sh 0555 - - - ${./docker-entrypoint.sh}"
          "C /home/${config.home.username}/src/obsidian/10-docker-default.ini 0444 - - - ${./10-docker-default.ini}"
          "C /home/${config.home.username}/src/obsidian/vm.args 0444 - - - ${./vm.args}"
          # root is needed to +i
          # "h /home/${config.home.username}/src/obsidian/Dockerfile - - - - i"
          # "h /home/${config.home.username}/src/obsidian/docker-entrypoint.sh - - - - i"
          # "h /home/${config.home.username}/src/obsidian/10-docker-default.ini - - - - i"
          # "h /home/${config.home.username}/src/obsidian/vm.args - - - - i"
        ];
      };
    };
  };
  sops = {
    secrets = {
      couchdb_env = {
        format = "dotenv";
        sopsFile = ./couchdb.env;
        path = "/home/${config.home.username}/src/obsidian/couchdb.env";
      };
      # encrypted because it has a hashed password
      couchdb_docker-ini = {
        format = "ini";
        sopsFile = ./docker.ini;
        path = "/home/${config.home.username}/src/obsidian/docker.ini";
      };
    };
  };
}
add obsidian livesync use relative path rename dockerfile and change build arg try systemd tmpfiles add docker entrypoint use more systemd tmpfiles whoops i was missing a file remove home.files and move to systemd.tmpfiles dont use root make immutable make immutable v2 whoops remove +i needs to be executable 2025-02-24 23:11:31 -05:00			`{ config, ... }:`
			`{`
			`imports = [`
			`../../homeModules/sops.nix`
			`];`
			`home = {`
			`file = {`
			`couchdb_compose = {`
			`source = ./docker-compose.yaml;`
			`target = "./src/obsidian/docker-compose.yaml";`
			`};`
			`# Docker is stupid and wont read a symlinked Dockerfile`
			`# couchdb_dockerfile = {`
			`# source = ./Dockerfile;`
			`# target = "./src/obsidian/Dockerfile";`
			`# };`
			`# not only will it not load a symlinked dockerfile, it refuses to copy any symlinked file`
			`# couchdb_vm-args = {`
			`# source = ./vm.args;`
			`# target = "./src/obsidian/vm.args";`
			`# };`
			`# couchdb_docker-default = {`
			`# source = ./10-docker-default.ini;`
			`# target = "./src/obsidian/10-docker-default.ini";`
			`# };`
			`# couchdb_docker-entrypoint-sh = {`
			`# source = ./docker-entrypoint.sh;`
			`# target = "./src/obsidian/docker-entrypoint.sh";`
			`# };`
			`};`
			`};`
			`systemd = {`
			`user = {`
			`tmpfiles = {`
			`rules = [`
			`"C /home/${config.home.username}/src/obsidian/Dockerfile 0444 - - - ${./Dockerfile}"`
			`"C /home/${config.home.username}/src/obsidian/docker-entrypoint.sh 0555 - - - ${./docker-entrypoint.sh}"`
			`"C /home/${config.home.username}/src/obsidian/10-docker-default.ini 0444 - - - ${./10-docker-default.ini}"`
			`"C /home/${config.home.username}/src/obsidian/vm.args 0444 - - - ${./vm.args}"`
			`# root is needed to +i`
			`# "h /home/${config.home.username}/src/obsidian/Dockerfile - - - - i"`
			`# "h /home/${config.home.username}/src/obsidian/docker-entrypoint.sh - - - - i"`
			`# "h /home/${config.home.username}/src/obsidian/10-docker-default.ini - - - - i"`
			`# "h /home/${config.home.username}/src/obsidian/vm.args - - - - i"`
			`];`
			`};`
			`};`
			`};`
			`sops = {`
			`secrets = {`
			`couchdb_env = {`
			`format = "dotenv";`
			`sopsFile = ./couchdb.env;`
			`path = "/home/${config.home.username}/src/obsidian/couchdb.env";`
			`};`
			`# encrypted because it has a hashed password`
			`couchdb_docker-ini = {`
			`format = "ini";`
			`sopsFile = ./docker.ini;`
			`path = "/home/${config.home.username}/src/obsidian/docker.ini";`
			`};`
			`};`
			`};`
			`}`