optimize modules

Author: Plopmenz

nix/container-module.nix

@@ -78,7 +78,6 @@ in
       };
     };
 
-    networking.useHostResolvConf = false;
     services.resolved.enable = true;
   };
 }

nix/dns-module.nix

@@ -98,13 +98,15 @@ in
         home = "/var/lib/xnode-dns";
         createHome = true;
       };
+
       services.resolved = {
         enable = true;
         extraConfig = ''
           DNSStubListener=no
           DNSStubListenerExtra=127.0.0.1:5353
         '';
       };
+
       services.coredns = {
         enable = true;
         config = ''
@@ -134,20 +136,9 @@ in
         DynamicUser = lib.mkForce false;
       };
 
-      systemd.services.dns-acme-folder = {
-        wantedBy = [ "multi-user.target" ];
-        description = "Create folder for ACME to populate with DNS zones.";
-        serviceConfig = {
-          Restart = "on-failure";
-        };
-        path = [
-          pkgs.acl
-        ];
-        script = ''
-          mkdir -p ${acme-dir}
-          setfacl -R -m g:xnode-reverse-proxy:rw ${acme-dir}
-        '';
-      };
+      systemd.tmpfiles.rules = [
+        "A ${acme-dir} - - - - g:xnode-reverse-proxy:rw"
+      ];
 
       networking = {
         nameservers = [ "127.0.0.1" ];

nix/reverse-proxy-module.nix

@@ -370,7 +370,7 @@ in
                         }
                       ''
                     ]
-                  ) '''' upstreams
+                  ) "" upstreams
                 )
               ])
             )
@@ -383,7 +383,8 @@ in
       systemd.services.cloudflared-login = lib.mkIf (cfg.program.type == "cloudflared") {
         wantedBy = [ "multi-user.target" ];
         description = "Authenticate cloudflared with your account.";
-        after = [ "network.target" ];
+        wants = [ "network-online.target" ];
+        after = [ "network-online.target" ];
         serviceConfig = {
           User = "xnode-reverse-proxy";
           Group = "xnode-reverse-proxy";
@@ -396,6 +397,8 @@ in
 
       systemd.paths.cloudflared-tunnel-xnode-create = lib.mkIf (cfg.program.type == "cloudflared") {
         wantedBy = [ "multi-user.target" ];
+        wants = [ "network-online.target" ];
+        after = [ "network-online.target" ];
         pathConfig = {
           PathChanged = "${data}/.cloudflared/cert.pem";
           Unit = "cloudflared-tunnel-xnode-create.service";
@@ -416,6 +419,8 @@ in
 
       systemd.paths.cloudflared-tunnel-xnode = lib.mkIf (cfg.program.type == "cloudflared") {
         wantedBy = [ "multi-user.target" ];
+        wants = [ "network-online.target" ];
+        after = [ "network-online.target" ];
         pathConfig = {
           PathExists = "${data}/.cloudflared/tunnel.json";
           Unit = "cloudflared-tunnel-xnode.service";