uninsane: add a hurricane electric ddns service
also adds some basic secrets management. i can make this more robust in time.
This commit is contained in:
parent
d9faeb6d6f
commit
f8cf676df4
|
@ -69,7 +69,7 @@
|
|||
|
||||
decl-machine = { name, system, extraModules ? [], basePkgs ? nixpkgs }: (basePkgs.lib.nixosSystem {
|
||||
inherit system;
|
||||
specialArgs = { inherit home-manager; inherit nurpkgs; };
|
||||
specialArgs = { inherit home-manager; inherit nurpkgs; secrets = import ./secrets.nix ;};
|
||||
modules = [
|
||||
./configuration.nix
|
||||
./modules
|
||||
|
|
|
@ -7,6 +7,7 @@
|
|||
./hardware.nix
|
||||
./net.nix
|
||||
./users.nix
|
||||
./services/ddns-he.nix
|
||||
./services/duplicity.nix
|
||||
./services/gitea.nix
|
||||
./services/jackett.nix
|
||||
|
|
17
machines/uninsane/services/ddns-he.nix
Normal file
17
machines/uninsane/services/ddns-he.nix
Normal file
|
@ -0,0 +1,17 @@
|
|||
{ pkgs, secrets, ... }:
|
||||
|
||||
{
|
||||
systemd.services.ddns-he = {
|
||||
description = "update dynamic DNS entries for HurricaneElectric";
|
||||
# HE DDNS API is documented: https://dns.he.net/docs.html
|
||||
script = let
|
||||
pass = secrets.ddns-he.password;
|
||||
crl = "${pkgs.curl}/bin/curl -4";
|
||||
in ''
|
||||
${crl} "https://he.uninsane.org:${pass}@dyn.dns.he.net/nic/update?hostname=he.uninsane.org"
|
||||
${crl} "https://native.uninsane.org:${pass}@dyn.dns.he.net/nic/update?hostname=native.uninsane.org"
|
||||
${crl} "https://uninsane.org:${pass}@dyn.dns.he.net/nic/update?hostname=uninsane.org"
|
||||
'';
|
||||
startAt = "10min";
|
||||
};
|
||||
}
|
3
secrets.nix
Normal file
3
secrets.nix
Normal file
|
@ -0,0 +1,3 @@
|
|||
{
|
||||
ddns-he.password = "<REPLACEME>";
|
||||
}
|
Loading…
Reference in New Issue
Block a user