pyrox.dev / nixpkgs
lol
fork atom

nixos/cfdyndns: dynamic user and loadcredentials

happysalada 1e335c51 d989b040

options
unified split
Changed files
+3 -16
nixos
modules
services
misc
cfdyndns.nix
+3 -16
nixos/modules/services/misc/cfdyndns.nix 
···

       
60

       
60

       
 

       
      startAt = "*:0/5";


     

       
61

       
61

       
 

       
      serviceConfig = {


     

       
62

       
62

       
 

       
        Type = "simple";


     

       
63

       

       
-

       
        User = config.ids.uids.cfdyndns;


     

       
64

       

       
-

       
        Group = config.ids.gids.cfdyndns;


     

       

       
63

       
+

       
        LoadCredential = lib.optional (cfg.apiTokenFile != null) "CLOUDFLARE_APITOKEN_FILE:${cfg.apiTokenFile}";


     

       

       
64

       
+

       
        DynamicUser = true;


     

       
65

       
65

       
 

       
      };


     

       
66

       
66

       
 

       
      environment = {


     

       
67

       
67

       
 

       
        CLOUDFLARE_RECORDS="${concatStringsSep "," cfg.records}";


     
···

       
72

       
72

       
 

       
          export CLOUDFLARE_EMAIL="${cfg.email}"


     

       
73

       
73

       
 

       
        ''}


     

       
74

       
74

       
 

       
        ${optionalString (cfg.apiTokenFile != null) ''


     

       
75

       

       
-

       
          export CLOUDFLARE_APITOKEN="$(cat ${escapeShellArg cfg.apiTokenFile})"


     

       

       
75

       
+

       
          export CLOUDFLARE_APITOKEN=$(${pkgs.systemd}/bin/systemd-creds cat CLOUDFLARE_APITOKEN_FILE)


     

       
76

       
76

       
 

       
        ''}


     

       
77

       
77

       
 

       
        ${pkgs.cfdyndns}/bin/cfdyndns


     

       
78

       
78

       
 

       
      '';


     

       
79

       

       
-

       
    };


     

       
80

       

       
-

       



     

       
81

       

       
-

       
    users.users = {


     

       
82

       

       
-

       
      cfdyndns = {


     

       
83

       

       
-

       
        group = "cfdyndns";


     

       
84

       

       
-

       
        uid = config.ids.uids.cfdyndns;


     

       
85

       

       
-

       
      };


     

       
86

       

       
-

       
    };


     

       
87

       

       
-

       



     

       
88

       

       
-

       
    users.groups = {


     

       
89

       

       
-

       
      cfdyndns = {


     

       
90

       

       
-

       
        gid = config.ids.gids.cfdyndns;


     

       
91

       

       
-

       
      };


     

       
92

       
79

       
 

       
    };


     

       
93

       
80

       
 

       
  };


     

       
94

       
81

       
 

       
}