From 60c3e3db208bf602f09529e2a1e0e6be0fdea81a Mon Sep 17 00:00:00 2001
From: Richie Cahill <Richie@tmmworkshop.com>
Date: Mon, 3 Feb 2025 12:31:38 -0500
Subject: [PATCH] moved cloud_flare_tunnel to a service

---
 .vscode/settings.json                          |  1 +
 systems/jeeves/docker/cloud_flare_tunnel.nix   | 18 ------------------
 systems/jeeves/services/cloud_flare_tunnel.nix | 18 ++++++++++++++++++
 systems/jeeves/services/validate_system.toml   |  2 +-
 4 files changed, 20 insertions(+), 19 deletions(-)
 delete mode 100644 systems/jeeves/docker/cloud_flare_tunnel.nix
 create mode 100644 systems/jeeves/services/cloud_flare_tunnel.nix

diff --git a/.vscode/settings.json b/.vscode/settings.json
index 57ef40c..9878aa3 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -22,6 +22,7 @@
     "automations",
     "autopull",
     "autotrim",
+    "autoupdate",
     "azuretools",
     "bantime",
     "bazarr",
diff --git a/systems/jeeves/docker/cloud_flare_tunnel.nix b/systems/jeeves/docker/cloud_flare_tunnel.nix
deleted file mode 100644
index 33b8fea..0000000
--- a/systems/jeeves/docker/cloud_flare_tunnel.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-let
-  vars = import ../vars.nix;
-in
-{
-  virtualisation.oci-containers.containers = {
-    cloud_flare_tunnel = {
-      image = "cloudflare/cloudflared:2025.1.1";
-      user = "600:600";
-      cmd = [
-        "tunnel"
-        "run"
-      ];
-      environmentFiles = ["${vars.storage_secrets}/docker/cloud_flare_tunnel"];
-      extraOptions = [ "--network=web" ];
-      autoStart = true;
-    };
-  };
-}
diff --git a/systems/jeeves/services/cloud_flare_tunnel.nix b/systems/jeeves/services/cloud_flare_tunnel.nix
new file mode 100644
index 0000000..199e713
--- /dev/null
+++ b/systems/jeeves/services/cloud_flare_tunnel.nix
@@ -0,0 +1,18 @@
+{ pkgs, ... }:
+let
+  vars = import ../vars.nix;
+in
+{
+  systemd.services.cloud_flare_tunnel = {
+    description = "cloud_flare_tunnel proxy's traffic through cloudflare";
+    after = [ "network.target" ];
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      Type = "simple";
+      EnvironmentFile = "${vars.storage_secrets}/docker/cloud_flare_tunnel";
+      ExecStart = "${pkgs.cloudflared}/bin/cloudflared --no-autoupdate tunnel run";
+      Restart = "on-failure";
+    };
+  };
+}
+
diff --git a/systems/jeeves/services/validate_system.toml b/systems/jeeves/services/validate_system.toml
index f4ae06f..bd108af 100644
--- a/systems/jeeves/services/validate_system.toml
+++ b/systems/jeeves/services/validate_system.toml
@@ -1,7 +1,7 @@
 zpool = ["root_pool", "storage", "torrenting", "media"]
 services = [
     "audiobookshelf",
-    "docker-cloud_flare_tunnel",
+    "cloud_flare_tunnel",
     "haproxy",
     "docker-qbit",
     "docker-qbitvpn",