From ed11bf1e657c202dd15d210e97da2c73becb7187 Mon Sep 17 00:00:00 2001
From: Tom Alexander <tom@fizz.buzz>
Date: Sat, 1 Feb 2025 13:34:19 -0500
Subject: [PATCH] Link docker credentials.

---
 nix/configuration/roles/docker/default.nix | 26 ++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/nix/configuration/roles/docker/default.nix b/nix/configuration/roles/docker/default.nix
index de49f5a..7eb287b 100644
--- a/nix/configuration/roles/docker/default.nix
+++ b/nix/configuration/roles/docker/default.nix
@@ -56,6 +56,32 @@
           # };
         };
 
+        systemd.services.link-docker-creds = {
+          # Contains credentials so it cannot be added to the nix store
+          enable = true;
+          description = "link-docker-creds";
+          wantedBy = [ "multi-user.target" ];
+          wants = [ "multi-user.target" ];
+          after = [ "multi-user.target" ];
+          # path = with pkgs; [
+          #   zfs
+          # ];
+          unitConfig.DefaultDependencies = "no";
+          serviceConfig = {
+            Type = "oneshot";
+            RemainAfterExit = "yes";
+          };
+          script = ''
+            if [ -e /persist/manual/docker/config.json ]; then
+              install --directory --owner talexander --group talexander --mode 0700 /home/talexander/.docker
+              ln -s /persist/manual/docker/config.json /home/talexander/.docker/config.json
+            fi
+          '';
+          preStop = ''
+            rm -f /home/talexander/.docker/config.json
+          '';
+        };
+
         # Needed for non-rootless docker
         users.users.talexander.extraGroups = [ "docker" ];
       }