From fc99b36839b315a35ea6812998364c6d3e8f320b Mon Sep 17 00:00:00 2001
From: Dmitriy Kholkin <ataraxiadev@ataraxiadev.com>
Date: Sat, 28 Dec 2024 11:53:07 +0300
Subject: [PATCH] wip: headscale script to wait until authentik is alive

---
 profiles/servers/headscale.nix | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/profiles/servers/headscale.nix b/profiles/servers/headscale.nix
index 0da24b3..ce1c577 100644
--- a/profiles/servers/headscale.nix
+++ b/profiles/servers/headscale.nix
@@ -1,4 +1,4 @@
-{ headscale-list ? [] }: { config, lib, inputs, ... }:
+{ headscale-list ? [] }: { config, lib, inputs, pkgs, ... }:
 let
   domain = "wg.ataraxiadev.com";
 in {
@@ -42,6 +42,20 @@ in {
   };
   systemd.services.headscale = {
     serviceConfig.TimeoutStopSec = 10;
+    serviceConfig.ExecStartPre = let
+      waitAuthnetikReady = pkgs.writeShellScript "waitAuthnetikReady" ''
+        # Check until authentik is alive
+        retries=0
+        until [[ curl -fsSL http://auth.ataraxiadev.com/-/health/ready/ ]]; do
+          # Wait for 10 minutes
+          [ $retries -ge 200 ] && echo "Could not connect to authentik" && exit 1
+          echo "Waiting for the authentik..."
+          sleep 3
+          ((retries++))
+        done
+        echo "Authentik is alive."
+      '';
+    in waitAuthnetikReady;
   #   after = lib.mkIf config.services.authentik.enable [
   #     "authentik-server.service"
   #     "authentik-worker.service"