hosts/library: extract SSH tunnel config

2025-06-02 22:50:52 +01:00
parent 06a48940a9
commit 4f49a8da98
2 changed files with 33 additions and 26 deletions
--- a/hosts/library/default.nix
+++ b/hosts/library/default.nix
@ -5,6 +5,7 @@
    ./hardware-configuration.nix
    ./grafana.nix
    ./prometheus.nix
+    ./tunnel.nix
    ../server.nix
  ];

@ -48,32 +49,6 @@
    enable = true;
  };

-  systemd.services.vps1-tunnel = {
-    enable = true;
-    description = "vps1.mesh.vimium.net SSH tunnel";
-    after = [
-      "network-online.target"
-      "jellyfin.service"
-    ];
-    wants = [ "network-online.target" ];
-    serviceConfig = {
-      Type = "simple";
-      ExecStart = pkgs.lib.mkForce ''
-        ${pkgs.openssh}/bin/ssh \
-          -NT \
-          -o ExitOnForwardFailure=yes \
-          -o ServerAliveInterval=60 \
-          -o TCPKeepAlive=no \
-          -i %h/.ssh/id_jellyfin \
-          -R localhost:8000:localhost:8000 \
-          jellyfin@vps1.mesh.vimium.net
-      '';
-      Restart = "always";
-      RestartSec = 20;
-    };
-    wantedBy = [ "default.target" ];
-  };
-
  services.nginx =
    let
      proxyConfig = ''
--- a/hosts/library/tunnel.nix
+++ b/hosts/library/tunnel.nix
@ -0,0 +1,32 @@
+{
+  pkgs,
+  ...
+}:
+
+{
+  systemd.services.vps1-tunnel = {
+    enable = true;
+    description = "vps1.mesh.vimium.net SSH tunnel";
+    after = [
+      "network-online.target"
+      "jellyfin.service"
+    ];
+    wants = [ "network-online.target" ];
+    serviceConfig = {
+      Type = "simple";
+      ExecStart = pkgs.lib.mkForce ''
+        ${pkgs.openssh}/bin/ssh \
+          -NT \
+          -o ExitOnForwardFailure=yes \
+          -o ServerAliveInterval=60 \
+          -o TCPKeepAlive=no \
+          -i %h/.ssh/id_jellyfin \
+          -R localhost:8000:localhost:8000 \
+          jellyfin@vps1.mesh.vimium.net
+      '';
+      Restart = "always";
+      RestartSec = 20;
+    };
+    wantedBy = [ "default.target" ];
+  };
+}