host/tatos: use systemd timers instead of cron to run geoip updates

hosts/istal/services/renovate.nix

@@ -4,11 +4,16 @@
   age.secrets.renovate-gitea-token.file = ./renovate-gitea-token.age;
   age.secrets.renovate-github-token.file = ./renovate-github-token.age;
 
-  services.cron = {
-    enable = true;
-    systemCronJobs = [
-      "0 3 * * *  root  rm -rf /var/cache/renovate /var/lib/renovate"
-    ];
+  systemd.services.renovate-clear-cache = {
+    script = ''
+      set -eu
+      ${pkgs.coreutils}/bin/rm -rf /var/cache/renovate /var/lib/renovate
+    '';
+    serviceConfig = {
+      Type = "oneshot";
+      User = "root";
+    };
+    startAt = "3:00";
   };
 
   services.renovate = {

hosts/tatos/services/wireguard/default.nix

@@ -6,6 +6,8 @@ let
   istalData = import (hostsPath + "/istal/data.secret.nix");
   tatosData = import (hostsPath + "/tatos/data.secret.nix");
   port = tatosData.wireguard.port;
+
+  update_ru_routes = pkgs.callPackage ./update_ru_routes.nix { };
 in
 {
   boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
@@ -20,16 +22,24 @@ in
 
   networking.firewall.allowedUDPPorts = [ port ];
 
-  services.cron =
-    let update_ru_routes = pkgs.callPackage ./update_ru_routes.nix { }; in
-    let cmd = "${update_ru_routes}/bin/update_ru_routes > /root/update_routes.log 2>&1"; in
-    {
-      enable = true;
-      systemCronJobs = [
-        "@reboot      root  sleep 30 && ${cmd}"
-        "0 3 * * mon  root  ${cmd}"
-      ];
+  systemd.services.geoip-update = {
+    script = ''
+      set -eu
+      ${update_ru_routes}/bin/update_ru_routes > /root/update_routes.log
+    '';
+    serviceConfig = {
+      Type = "oneshot";
+      User = "root";
     };
+    restartTriggers = [ update_ru_routes ];
+  };
+  systemd.timers.geoip-update = {
+    wantedBy = [ "timers.target" ];
+    timerConfig = {
+      OnBootSec = "1m";
+      OnCalendar = "mon 3:00";
+    };
+  };
 
   networking.wg-quick.interfaces = {
     # "wg0" is the network interface name. You can name the interface arbitrarily.

hosts/tatos/services/wireguard/update_ru_routes.nix

@@ -6,6 +6,7 @@
 , iptables
 , ipcalc
 , jq
+, iproute2
 , gawk
 , curl
 }:
@@ -19,7 +20,7 @@ in
 symlinkJoin {
   name = "update_ru_routes";
 
-  paths = [ update_ru_routes_unwrapped ] ++ [ bind.dnsutils iptables jq gawk curl ipcalc ];
+  paths = [ update_ru_routes_unwrapped ] ++ [ bind.dnsutils iptables jq gawk curl ipcalc iproute2 ];
   buildInputs = [ makeWrapper ];
 
   postBuild = ''

modules/home-manager/programs/dev-tools.nix

@@ -7,6 +7,7 @@ in
   options.local.programs.dev-tools = with lib; {
     base.enable = mkEnableOption "base tools";
     nix.enable = mkEnableOption "tools for nix developer";
+    erlang.enable = mkEnableOption "tools for erlang developer";
     web.enable = mkEnableOption "tools for web developer";
     k8s.enable = mkEnableOption "k8s tools";
     psql = {
@@ -72,6 +73,13 @@ in
       ];
     })
 
+    (lib.mkIf cfg.erlang.enable {
+      home.packages = with pkgs.unstable; [
+        erlang
+        erlfmt
+      ];
+    })
+
     (lib.mkIf cfg.nix.enable {
       home.packages = with pkgs.unstable; [
         nixpkgs-fmt # nix formatter

neovim/configs/language-server.nix

@@ -71,6 +71,10 @@ let inherit (lib.nix2lua) call; in
       language = "en-US";
       languageToolHttpServerUri = "http://localhost:8081";
     };
+    # erlang
+    erlangls = {
+      cmd = [ "${lib.getExe pkgs.erlang-ls}" ];
+    };
   };
 
   plugins.language-server.typescript-tools = {

users/jan/default.nix

@@ -105,6 +105,7 @@
     local.programs.dev-tools = {
       base.enable = lib.mkDefault true;
       nix.enable = lib.mkDefault true;
+      erlang.enable = lib.mkDefault true;
       web.enable = lib.mkDefault true;
       psql = {
         enable = lib.mkDefault true;