wip: headscale script to wait until authentik is alive

2024-12-28 11:53:07 +03:00 · 2024-12-28 11:53:07 +03:00 · fc99b36839
commit fc99b36839
parent 3e26629de7
1 changed files with 15 additions and 1 deletions
--- a/profiles/servers/headscale.nix
+++ b/profiles/servers/headscale.nix
@ -1,4 +1,4 @@
-{ headscale-list ? [] }: { config, lib, inputs, ... }:
+{ headscale-list ? [] }: { config, lib, inputs, pkgs, ... }:
 let
  domain = "wg.ataraxiadev.com";
 in {
@ -42,6 +42,20 @@ in {
  };
  systemd.services.headscale = {
    serviceConfig.TimeoutStopSec = 10;
+    serviceConfig.ExecStartPre = let
+      waitAuthnetikReady = pkgs.writeShellScript "waitAuthnetikReady" ''
+        # Check until authentik is alive
+        retries=0
+        until [[ curl -fsSL http://auth.ataraxiadev.com/-/health/ready/ ]]; do
+          # Wait for 10 minutes
+          [ $retries -ge 200 ] && echo "Could not connect to authentik" && exit 1
+          echo "Waiting for the authentik..."
+          sleep 3
+          ((retries++))
+        done
+        echo "Authentik is alive."
+      '';
+    in waitAuthnetikReady;
  #   after = lib.mkIf config.services.authentik.enable [
  #     "authentik-server.service"
  #     "authentik-worker.service"