diff --git a/hosts/aluminium/services/dyndns.nix b/hosts/aluminium/services/dyndns.nix index ae3362a..546cb07 100644 --- a/hosts/aluminium/services/dyndns.nix +++ b/hosts/aluminium/services/dyndns.nix @@ -1,21 +1,42 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: +let + mkService = config: + lib.mapAttrs' + (name: cfg: lib.nameValuePair "godns-${name}" ( + let + config = cfg.settings // { + login_token_file = "$CREDENTIALS_DIRECTORY/login_token"; + }; + configFile = (pkgs.formats.yaml { }).generate "config.yaml" config; + in + { + description = "GoDNS service"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + serviceConfig = { + DynamicUser = true; + ExecStart = "${lib.getExe pkgs.godns} -c ${configFile}"; + LoadCredential = "login_token:${cfg.tokenPath}"; + Restart = "always"; + RestartSec = "2s"; + }; + } + )) + config; +in { - services.ddclient = { - enable = true; - interval = "1min"; - protocol = "duckdns"; - server = "www.duckdns.org"; - username = "nouser"; - passwordFile = config.sops.secrets.duckdns-secret.path; - domains = [ "jalr-k" ]; - usev4 = "ifv4, ifv4=ppp0"; - package = pkgs.ddclient.overrideAttrs (p: rec { - nativeBuildInputs = p.nativeBuildInputs ++ [ pkgs.makeWrapper ]; - wrapperPath = pkgs.lib.makeBinPath [ pkgs.iproute2 ]; - postFixup = '' - wrapProgram $out/bin/ddclient \ - --prefix PATH : "${wrapperPath}" - ''; - }); + systemd.services = mkService { + ip4 = { + tokenPath = config.sops.secrets.duckdns-secret.path; + settings = { + provider = "DuckDNS"; + domains = [{ domain_name = "www.duckdns.org"; sub_domains = [ "jalr-k" ]; }]; + resolver = "8.8.8.8"; + ip_interface = "ppp0"; + ip_urls = [ "" ]; + ip_type = "IPv4"; + interval = 60; + }; + }; }; } diff --git a/hosts/iron/services/dyndns.nix b/hosts/iron/services/dyndns.nix index e68e465..e53e235 100644 --- a/hosts/iron/services/dyndns.nix +++ b/hosts/iron/services/dyndns.nix @@ -1,25 +1,56 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: let interfaces = import ../interfaces.nix; + + mkService = config: + lib.mapAttrs' + (name: cfg: lib.nameValuePair "godns-${name}" ( + let + config = cfg.settings // { + login_token_file = "$CREDENTIALS_DIRECTORY/login_token"; + }; + configFile = (pkgs.formats.yaml { }).generate "config.yaml" config; + in + { + description = "GoDNS service"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + serviceConfig = { + DynamicUser = true; + ExecStart = "${lib.getExe pkgs.godns} -c ${configFile}"; + LoadCredential = "login_token:${cfg.tokenPath}"; + Restart = "always"; + RestartSec = "2s"; + }; + } + )) + config; in { - services.ddclient = { - enable = true; - interval = "1min"; - protocol = "duckdns"; - server = "www.duckdns.org"; - username = "nouser"; - passwordFile = config.sops.secrets.duckdns-secret.path; - domains = [ "jalr-bw" ]; - usev4 = "ifv4, ifv4=${interfaces.wan}"; - usev6 = "ifv6, ifv6=${interfaces.wan}"; - package = pkgs.ddclient.overrideAttrs (p: rec { - nativeBuildInputs = p.nativeBuildInputs ++ [ pkgs.makeWrapper ]; - wrapperPath = pkgs.lib.makeBinPath [ pkgs.iproute2 ]; - postFixup = '' - wrapProgram $out/bin/ddclient \ - --prefix PATH : "${wrapperPath}" - ''; - }); + systemd.services = mkService { + ip4 = { + tokenPath = config.sops.secrets.duckdns-secret.path; + settings = { + provider = "DuckDNS"; + domains = [{ domain_name = "www.duckdns.org"; sub_domains = [ "jalr-bw" ]; }]; + resolver = "8.8.8.8"; + ip_interface = interfaces.wan; + ip_urls = [ "" ]; + ip_type = "IPv4"; + interval = 60; + }; + }; + ip6 = { + tokenPath = config.sops.secrets.duckdns-secret.path; + settings = { + provider = "DuckDNS"; + domains = [{ domain_name = "www.duckdns.org"; sub_domains = [ "jalr-bw" ]; }]; + resolver = "2001:4860:4860::8888"; + ip_interface = interfaces.lan; + ip_urls = [ "" ]; + ip_type = "IPv6"; + interval = 60; + }; + }; }; }