pyrox.dev
1{ config, pkgs, lib, ... }:
2
3with lib;
4
5let
6 cfg = config.services.cfdyndns;
7in
8{
9 imports = [
10 (mkRemovedOptionModule
11 [ "services" "cfdyndns" "apikey" ]
12 "Use services.cfdyndns.apikeyFile instead.")
13 ];
14
15 options = {
16 services.cfdyndns = {
17 enable = mkEnableOption "Cloudflare Dynamic DNS Client";
18
19 email = mkOption {
20 type = types.str;
21 description = ''
22 The email address to use to authenticate to CloudFlare.
23 '';
24 };
25
26 apiTokenFile = mkOption {
27 default = null;
28 type = types.nullOr types.str;
29 description = ''
30 The path to a file containing the API Token
31 used to authenticate with CloudFlare.
32 '';
33 };
34
35 apikeyFile = mkOption {
36 default = null;
37 type = types.nullOr types.str;
38 description = ''
39 The path to a file containing the API Key
40 used to authenticate with CloudFlare.
41 '';
42 };
43
44 records = mkOption {
45 default = [];
46 example = [ "host.tld" ];
47 type = types.listOf types.str;
48 description = ''
49 The records to update in CloudFlare.
50 '';
51 };
52 };
53 };
54
55 config = mkIf cfg.enable {
56 systemd.services.cfdyndns = {
57 description = "CloudFlare Dynamic DNS Client";
58 after = [ "network.target" ];
59 wantedBy = [ "multi-user.target" ];
60 startAt = "*:0/5";
61 serviceConfig = {
62 Type = "simple";
63 LoadCredential = lib.optional (cfg.apiTokenFile != null) "CLOUDFLARE_APITOKEN_FILE:${cfg.apiTokenFile}";
64 DynamicUser = true;
65 };
66 environment = {
67 CLOUDFLARE_RECORDS="${concatStringsSep "," cfg.records}";
68 };
69 script = ''
70 ${optionalString (cfg.apikeyFile != null) ''
71 export CLOUDFLARE_APIKEY="$(cat ${escapeShellArg cfg.apikeyFile})"
72 export CLOUDFLARE_EMAIL="${cfg.email}"
73 ''}
74 ${optionalString (cfg.apiTokenFile != null) ''
75 export CLOUDFLARE_APITOKEN=$(${pkgs.systemd}/bin/systemd-creds cat CLOUDFLARE_APITOKEN_FILE)
76 ''}
77 ${pkgs.cfdyndns}/bin/cfdyndns
78 '';
79 };
80 };
81}