diff options
| author | makefu <github@syntax-fehler.de> | 2017-08-16 08:46:48 +0200 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2017-08-16 08:46:48 +0200 |
| commit | 68ee2d5c674fe3930dd8e93fc2ad0c0d1f1a97db (patch) | |
| tree | 61f77ee735754f1eb3b9c0640cfa9d78488d7015 | |
| parent | f390dcb8b5169ca77131e9398cae50d46023a979 (diff) | |
ma nsupdate-data: init
| -rw-r--r-- | makefu/2configs/nsupdate-data.nix | 55 | ||||
| -rw-r--r-- | makefu/6tests/data/secrets/nsupdate-data.nix | 1 |
2 files changed, 56 insertions, 0 deletions
diff --git a/makefu/2configs/nsupdate-data.nix b/makefu/2configs/nsupdate-data.nix new file mode 100644 index 00000000..cfa6193c --- /dev/null +++ b/makefu/2configs/nsupdate-data.nix @@ -0,0 +1,55 @@ +{ config, lib, pkgs, ... }: + +# search also generates ddclient entries for all other logs + +with import <stockholm/lib>; +let + #primary-itf = "eth0"; + #primary-itf = "wlp2s0"; + primary-itf = config.makefu.server.primary-itf; + ddclientUser = "ddclient"; + sec = toString <secrets>; + nsupdate = import "${sec}/nsupdate-data.nix"; + stateDir = "/var/spool/ddclient"; + cfg = "${stateDir}/cfg"; + ddclientPIDFile = "${stateDir}/ddclient.pid"; + + # TODO: correct cert generation requires a `real` internet ip address + + gen-cfg = dict: '' + ssl=yes + cache=${stateDir}/ddclient.cache + pid=${ddclientPIDFile} + ${concatStringsSep "\n" (mapAttrsToList (user: pass: '' + + use=if, if=${primary-itf} protocol=dyndns2, server=ipv4.nsupdate.info, login=${user}, password='${pass}' ${user} + usev6=if, if=${primary-itf} protocol=dyndns2, server=ipv6.nsupdate.info, login=${user}, password='${pass}' ${user} + '') dict)} + ''; + +in { + users.extraUsers = singleton { + name = ddclientUser; + uid = genid "ddclient"; + description = "ddclient daemon user"; + home = stateDir; + createHome = true; + }; + + systemd.services = { + ddclient-nsupdate-elchos = { + wantedBy = [ "multi-user.target" ]; + after = [ "ip-up.target" ]; + serviceConfig = { + Type = "forking"; + User = ddclientUser; + PIDFile = ddclientPIDFile; + ExecStartPre = pkgs.writeDash "init-nsupdate" '' + cp -vf ${pkgs.writeText "ddclient-config" (gen-cfg nsupdate)} ${cfg} + chmod 700 ${cfg} + ''; + ExecStart = "${pkgs.ddclient}/bin/ddclient -verbose -daemon 1 -noquiet -file ${cfg}"; + }; + }; + }; +} diff --git a/makefu/6tests/data/secrets/nsupdate-data.nix b/makefu/6tests/data/secrets/nsupdate-data.nix new file mode 100644 index 00000000..e76c0e87 --- /dev/null +++ b/makefu/6tests/data/secrets/nsupdate-data.nix @@ -0,0 +1 @@ +{ "lol" = "wut"; } |