From 7beebf6a6a185fb574ee957121c566aab26a249c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Schr=C3=B6ter?=
Date: Thu, 10 Aug 2023 12:46:51 +0200
Subject: [PATCH] feat: replace watchtower with podman auto-update
---
 home-server.nix | 1 -
 services/watchtower.nix | 20 --------------------
 virtualisation/podman.nix | 26 +++++++++++++++++++++++---
 3 files changed, 23 insertions(+), 24 deletions(-)
 delete mode 100644 services/watchtower.nix
diff --git a/home-server.nix b/home-server.nix
index c955769..37adc8f 100644
--- a/home-server.nix
+++ b/home-server.nix
@@ -25,7 +25,6 @@ in with builtins; {
 ./services/wkd.nix
 ./services/home-assistant
 ./services/matrix
- ./services/watchtower.nix
 ./services/immich.nix
 ./services/miniflux.nix
 ./services/paperless.nix
diff --git a/services/watchtower.nix b/services/watchtower.nix
deleted file mode 100644
index 61f6797..0000000
--- a/services/watchtower.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-# watchtower keeps images & containers up-to-date
-{
- virtualisation.oci-containers.containers = {
- watchtower = {
- image = "containrrr/watchtower";
- volumes = [
- "/var/run/podman/podman.sock:/var/run/docker.sock"
- "/etc/localtime:/etc/localtime:ro"
- ];
- environment = {
- # some containers take really long to shut down
- WATCHTOWER_TIMEOUT = "120s";
- WATCHTOWER_CLEANUP = "true";
- WATCHTOWER_INCLUDE_STOPPED = "true";
- };
- };
- };
-}
diff --git a/virtualisation/podman.nix b/virtualisation/podman.nix
index 699e071..276f5d3 100644
--- a/virtualisation/podman.nix
+++ b/virtualisation/podman.nix
@@ -1,11 +1,31 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { environment.systemPackages = with pkgs; [ podman-compose ]; virtualisation.podman.enable = true; virtualisation.podman.dockerCompat = true; - virtualisation.podman.dockerSocket.enable = true; - virtualisation.podman.extraPackages = with pkgs; [ ]; virtualisation.podman.defaultNetwork.settings.dns_enabled = true; + + virtualisation.podman.autoPrune.enable = true; + virtualisation.podman.autoPrune.dates = "weekly"; + virtualisation.podman.autoPrune.flags = [ "--all" ]; + + systemd.services.podman-auto-update = { + wants = [ "network-online.target" ]; + after = [ "network-online.target" ]; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.podman}/bin/podman auto-update"; + ExecStartPost = "${pkgs.podman}/bin/podman image prune -f"; + }; + }; + + systemd.timers.podman-auto-update = { + wantedBy = [ "timers.target" ]; + timerConfig = { + OnCalendar = "03:30"; + Persistent = true; + }; + }; }
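Review bot: The `ExecStart` of the new `podman-auto-update` service runs `podman auto-update`, which only acts on containers that carry the `io.containers.autoupdate` label and are managed by a systemd unit, and nothing in this patch adds that label. Unless it is already set in the service files outside this diff, the timer will report success every night while no image is refreshed, so the containers would silently stop receiving security updates that watchtower used to pull. I would add a comment above the service, e.g. `# updates only containers labelled io.containers.autoupdate=registry; images must be fully qualified`, and confirm coverage once with `podman auto-update --dry-run`. Separately, `ExecStartPost = ... image prune -f` overlaps with the weekly `autoPrune` run using `--all`, so one of the two is probably enough.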