summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinnnus <[email protected]>2023-09-18 17:23:37 +0200
committerLinnnus <[email protected]>2023-09-18 17:24:13 +0200
commit4851bbf9d96119f82c403722c137afde9e56f11c (patch)
tree2002564acff562c9c2c8d594db25b224bfb59485
parenta9200f4e8ad8f4938833a46cb955217648687f18 (diff)
Add DDNS to ahmed
Diffstat
-rw-r--r--.gitignore3
-rw-r--r--hosts/ahmed/cloudflare-ddns/default.nix23
-rw-r--r--hosts/ahmed/configuration.nix1
3 files changed, 27 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
index adbc2b5..8c60df4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,6 @@
# Generated symlink
result
*/result
+
+# Secret files
+*.env
diff --git a/hosts/ahmed/cloudflare-ddns/default.nix b/hosts/ahmed/cloudflare-ddns/default.nix
new file mode 100644
index 0000000..77c799c
--- /dev/null
+++ b/hosts/ahmed/cloudflare-ddns/default.nix
@@ -0,0 +1,23 @@
+# This module sets up cloudflare-dyndns for <linus.onl>.
+
+{ lib, ... }:
+
+let
+
+in
+{
+ my.secrets.cloudflare-ddns = {
+ source = ./secrets.env;
+ dest = "/run/keys/cloudflare-ddns.env";
+ };
+
+ services.cloudflare-dyndns = {
+ enable = true;
+ apiTokenFile = "/run/keys/cloudflare-ddns.env";
+ proxied = true;
+ domains = [ "linus.onl" ];
+ };
+
+ # Override the systemd service generated by `services.cloudflare-dyndns` to wait for key to be decrypted.
+ systemd.services.cloudflare-dyndns.after = [ "cloudflare-ddns-key.service" ];
+}
diff --git a/hosts/ahmed/configuration.nix b/hosts/ahmed/configuration.nix
index 2e6a9a7..f0ed279 100644
--- a/hosts/ahmed/configuration.nix
+++ b/hosts/ahmed/configuration.nix
@@ -9,6 +9,7 @@
./hardware-configuration.nix
./ssh.nix
./disable-screen.nix
+ ./cloudflare-ddns
];
# Create the main user.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-07 23:14:47 +0000