try multiple ternary option for arrow workflow

and see if remainafterexit fixes one of the issues

.github/workflows/arrow.yml

@@ -1,5 +1,7 @@
 name: Arrow
 
+run-name: Arrow - ${{ inputs.rebuild && 'Rebuild and ' || '' }}${{ inputs.action == 'create' && 'Create' || ( ${{ inputs.action == 'destroy' && 'Destroy' || 'No Action' ) }}
+
 env:
   TERRAFORM_DIRECTORY: hosts/arrow
   DEPLOY_IDENTITY_BASE64: ${{ secrets.DEPLOY_IDENTITY_BASE64 }}
@@ -24,6 +26,7 @@ on:
         options:
           - create
           - destroy
+          - nothing
 
 jobs:
   build-deploy:

modules/nixos/gaming/default.nix

@@ -3,7 +3,6 @@
   imports = [
     ./chiaki.nix
     ./dwarf-fortress.nix
-    ./leagueoflegends.nix
     ./legendary.nix
     ./lutris.nix
     ./minecraft-server.nix

modules/nixos/gaming/leagueoflegends.nix

@@ -1,32 +0,0 @@
-{ config, pkgs, lib, ... }: {
-
-  options.gaming.leagueoflegends.enable =
-    lib.mkEnableOption "League of Legends";
-
-  config =
-    lib.mkIf (config.gaming.leagueoflegends.enable && pkgs.stdenv.isLinux) {
-
-      # League of Legends anti-cheat requirement
-      boot.kernel.sysctl = { "abi.vsyscall32" = 0; };
-
-      environment.systemPackages = with pkgs; [
-
-        # Lutris requirement to install the game
-        lutris
-        amdvlk
-        wineWowPackages.stable
-        # vulkan-tools
-
-        # Required according to https://lutris.net/games/league-of-legends/
-        openssl
-        gnome.zenity
-
-        # Don't remember if this is required
-        dconf
-
-      ];
-
-      environment.sessionVariables = { QT_X11_NO_MITSHM = "1"; };
-
-    };
-}

modules/nixos/services/cloudflare.nix

@@ -98,22 +98,25 @@ in {
     services.transmission.settings.rpc-whitelist =
       builtins.concatStringsSep "," ([ "127.0.0.1" ] ++ cloudflareIpRanges);
 
-    services.cloudflare-dyndns = {
+    services.cloudflare-dyndns = lib.mkIf
+      ((builtins.length config.services.cloudflare-dyndns.domains) > 0) {
         enable = true;
         proxied = true;
         deleteMissing = true;
         apiTokenFile = config.secrets.cloudflare-api.dest;
       };
 
-    # Wait for secret to exist
+    # Wait for secret to exist to start
-    systemd.services.cloudflare-dyndns = {
+    systemd.services.cloudflare-dyndns =
+      lib.mkIf config.services.cloudflare-dyndns.enable {
         after = [ "cloudflare-api-secret.service" ];
         requires = [ "cloudflare-api-secret.service" ];
       };
 
     # Run a second copy of dyn-dns for non-proxied domains
     # Adapted from: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/services/networking/cloudflare-dyndns.nix
-    systemd.services.cloudflare-dyndns-noproxy = {
+    systemd.services.cloudflare-dyndns-noproxy =
+      lib.mkIf ((builtins.length config.cloudflare.noProxyDomains) > 0) {
         description = "CloudFlare Dynamic DNS Client (no proxy)";
         after = [ "network.target" "cloudflare-api-secret.service" ];
         requires = [ "cloudflare-api-secret.service" ];
@@ -130,7 +133,8 @@ in {
           StateDirectory = "cloudflare-dyndns-noproxy";
           EnvironmentFile = config.services.cloudflare-dyndns.apiTokenFile;
           ExecStart = let
-          args = [ "--cache-file /var/lib/cloudflare-dyndns-noproxy/ip.cache" ]
+            args =
+              [ "--cache-file /var/lib/cloudflare-dyndns-noproxy/ip.cache" ]
               ++ (if config.services.cloudflare-dyndns.ipv4 then
                 [ "-4" ]
               else

modules/nixos/services/identity.nix

@@ -4,7 +4,10 @@
   systemd.services.wait-for-identity = {
     description = "Wait until identity file exists on the machine";
     wantedBy = [ "multi-user.target" ];
-    serviceConfig = { Type = "oneshot"; };
+    serviceConfig = {
+      Type = "oneshot";
+      RemainAfterExit = true;
+    };
     script = ''
       for i in $(seq 1 10); do
           if [ -f ${config.identityFile} ]; then

modules/nixos/services/secrets.nix

@@ -68,7 +68,8 @@
 
         description = "Decrypt secret for ${name}";
         wantedBy = [ "multi-user.target" ];
-        requires = [ "wait-for-identity.service" ];
+        bindsTo = [ "wait-for-identity.service" ];
+        after = [ "wait-for-identity.service" ];
         serviceConfig.Type = "oneshot";
         script = ''
           echo "${attrs.prefix}$(

modules/nixos/services/transmission.nix

@@ -40,15 +40,15 @@
     };
 
     # Create reverse proxy for web UI
-    caddy.routes = lib.mkAfter [{
+    caddy.routes = let
-      group =
+      # Set if the download domain is the same as the Transmission domain
-        if (config.hostnames.download == config.hostnames.transmission) then
+      useDownloadDomain = config.hostnames.download
-          "download"
+        == config.hostnames.transmission;
-        else
+    in lib.mkAfter [{
-          "transmission";
+      group = if useDownloadDomain then "download" else "transmission";
       match = [{
         host = [ config.hostnames.transmission ];
-        path = [ "/transmission*" ];
+        path = if useDownloadDomain then [ "/transmission*" ] else null;
       }];
       handle = [{
         handler = "reverse_proxy";