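# NixOS module: wires sops-managed secrets into the Cloudflare dynamic-DNS
# service and the custom `update-dns` script. Everything is gated on
# `config.my.secureHost`, so hosts without that flag get none of these secrets.
{
  inputs,
  config,
  pkgs,
  lib,
  ...
}:
{
  config = lib.mkIf config.my.secureHost {
    sops.secrets = {
      # No owner/group set here, so this secret falls back to the sops-nix
      # defaults (root-owned, mode 0400 unless overridden elsewhere).
      cloudflare-api.sopsFile = ../../secrets/env.yaml;

      # Readable by the jawz user and group; presumably because the
      # update-dns script below runs as that user -- confirm against the
      # my.scripts module.
      dns = {
        sopsFile = ../../secrets/env.yaml;
        owner = config.users.users.jawz.name;
        inherit (config.users.users.jawz) group;
      };
    };

    services.cloudflare-dyndns = {
      # inherit (config.my.scripts.update-dns) enable;
      enable = false;
      ipv4 = true;
      ipv6 = false;
      proxied = false;
      domains = [
        config.my.domain
      ];
      # Pass the decrypted file's path, not the token itself, so the token
      # value is never copied into the world-readable Nix store.
      apiTokenFile = config.sops.secrets.cloudflare-api.path;
    };

    my.scripts.update-dns = {
      enable = lib.mkDefault false;
      install = true;
      service = true;
      name = "update-dns";
      # Presumably a systemd calendar expression (every 30 minutes) --
      # confirm against the my.scripts module.
      timer = "*:0/30";
      description = "Updates the IP of all my domains";
      package =
        let
          # NOTE(review): the system is hard-coded to x86_64-linux; this
          # module will not pick a matching build on other architectures.
          inherit (inputs.jawz-scripts.packages.x86_64-linux) update-dns;
        in
        # The wrapper sources the decrypted `dns` secret as shell code, so
        # that file must only ever contain trusted KEY=value lines.
        # `set -a` exports every variable the file defines so the child
        # update-dns process sees them; `set +a` switches auto-export off
        # again (the original repeated `set -a`, which left it enabled).
        #
        # NOTE(review): the nix-shell shebang resolves bash and curl at run
        # time from whatever nixpkgs is on NIX_PATH, so those tools are not
        # pinned by the flake lock. Consider referencing them from `pkgs`
        # directly if reproducibility of the secret-handling path matters.
        pkgs.writeScriptBin "update-dns" ''
          #!/usr/bin/env nix-shell
          #! nix-shell -i bash -p bash curl
          set -a
          source ${config.sops.secrets.dns.path}
          set +a
          ${update-dns}/bin/update-dns
        '';
    };
  };
}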