updated dns script + migrated secrets to sops

2024-06-29 21:10:49 -06:00
parent b45edd9b9d
commit 9848494ca6
2 changed files with 27 additions and 12 deletions
--- a/modules/scripts/update-dns.nix
+++ b/modules/scripts/update-dns.nix
@@ -1,13 +1,27 @@
-{ pkgs, lib, ... }: {
+{ config, pkgs, lib, ... }: {
  imports = [ ./base.nix ];
-  config.my.scripts.update-dns = {
-    enable = lib.mkDefault false;
-    install = true;
-    service = true;
-    name = "update-dns";
-    timer = "*:0/30";
-    description = "Updates the IP of all my domains";
-    package = pkgs.writeScriptBin "update-dns"
-      (builtins.readFile ../../scripts/update-dns.sh);
+  config = {
+    sops.secrets.dns = {
+      sopsFile = ../../secrets/env.yaml;
+      owner = config.users.users.jawz.name;
+      inherit (config.users.users.jawz) group;
+    };
+    my.scripts.update-dns = {
+      enable = lib.mkDefault false;
+      install = true;
+      service = true;
+      name = "update-dns";
+      timer = "*:0/30";
+      description = "Updates the IP of all my domains";
+      package = let
+        update-dns = pkgs.writeScriptBin "update-dns"
+          (builtins.readFile ../../scripts/update-dns.sh);
+      in pkgs.writeScriptBin "update-dns" ''
+        set -a &&
+        source ${config.sops.secrets.dns.path} &&
+        set -a &&
+        ${update-dns}/bin/update-dns;
+      '';
+    };
  };
 }