moved cloud_flare_tunnel to a service

.vscode/settings.json

@@ -22,6 +22,7 @@
     "automations",
     "autopull",
     "autotrim",
+    "autoupdate",
     "azuretools",
     "bantime",
     "bazarr",

systems/jeeves/docker/cloud_flare_tunnel.nix

@@ -1,18 +0,0 @@
-let
-  vars = import ../vars.nix;
-in
-{
-  virtualisation.oci-containers.containers = {
-    cloud_flare_tunnel = {
-      image = "cloudflare/cloudflared:2025.1.1";
-      user = "600:600";
-      cmd = [
-        "tunnel"
-        "run"
-      ];
-      environmentFiles = ["${vars.storage_secrets}/docker/cloud_flare_tunnel"];
-      extraOptions = [ "--network=web" ];
-      autoStart = true;
-    };
-  };
-}

systems/jeeves/services/cloud_flare_tunnel.nix

@@ -0,0 +1,18 @@
+{ pkgs, ... }:
+let
+  vars = import ../vars.nix;
+in
+{
+  systemd.services.cloud_flare_tunnel = {
+    description = "cloud_flare_tunnel proxy's traffic through cloudflare";
+    after = [ "network.target" ];
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      Type = "simple";
+      EnvironmentFile = "${vars.storage_secrets}/docker/cloud_flare_tunnel";
+      ExecStart = "${pkgs.cloudflared}/bin/cloudflared --no-autoupdate tunnel run";
+      Restart = "on-failure";
+    };
+  };
+}
+

systems/jeeves/services/validate_system.toml

@@ -1,7 +1,7 @@
 zpool = ["root_pool", "storage", "torrenting", "media"]
 services = [
     "audiobookshelf",
-    "docker-cloud_flare_tunnel",
+    "cloud_flare_tunnel",
     "haproxy",
     "docker-qbit",
     "docker-qbitvpn",