Revert "{nixos/modules,pkgs}/ddns: remove ddns (#93)"

This reverts commit e3f4686.
inclyc · Oct 7, 2024 · f4b783c · f4b783c
1 parent 95cb4ce
commit f4b783c
Show file tree

Hide file tree

Showing 7 changed files with 160 additions and 3 deletions.
diff --git a/.github/workflows/cachix.yml b/.github/workflows/cachix.yml
@@ -21,6 +21,24 @@ jobs:
     - name: Build Packages
       run: nix build .#${{ matrix.package }}
 
+  build-packages:
+    strategy:
+      matrix:
+        package: [ ddns ]
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: cachix/install-nix-action@v20
+      with:
+        nix_path: nixpkgs=channel:nixos-unstable
+    - uses: cachix/cachix-action@v12
+      with:
+        name: inclyc
+        authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
+    # Cherry-picked from https://github.com/TGuimbert/dotfiles/blob/3b9d27ec6e22ab7c70819799876e4eb089678424/.github/workflows/cachix.yaml#L8
+    - name: Build Packages
+      run: nix build .#${{ matrix.package }}
+
   build-home-configurations:
     strategy:
       matrix:

diff --git a/nixos/configurations/adrastea/networking.nix b/nixos/configurations/adrastea/networking.nix
@@ -113,4 +113,21 @@ in
   '';
 
   inclyc.services.rathole.configFile = config.sops.templates."rathole-client.toml".path;
+
+  sops.secrets."ddns/cloudflare" = { };
+  services.ddns."cloudflare-adrastea" = {
+    ipv6 = "adrastea.lyc.dev";
+    index6 = "default";
+    dns = "cloudflare";
+    environmentFile = [ config.sops.secrets."ddns/cloudflare".path ];
+    onCalendar = "minutely";
+  };
+
+  services.ddns."cloudflare-adrastea-6" = {
+    ipv6 = "6.adrastea.lyc.dev";
+    index6 = "default";
+    dns = "cloudflare";
+    environmentFile = [ config.sops.secrets."ddns/cloudflare".path ];
+    onCalendar = "minutely";
+  };
 }
diff --git a/nixos/modules/ddns.nix b/nixos/modules/ddns.nix
@@ -0,0 +1,100 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  inherit (lib)
+    filterAttrs
+    mapAttrs'
+    mkIf
+    mkOption
+    nameValuePair
+    toUpper
+    types
+    ;
+  cfg = config.services.ddns;
+  ddnsOptions = {
+    options = {
+      ipv4 = mkOption {
+        type = with types; nullOr str;
+        default = null;
+      };
+      ipv6 = mkOption {
+        type = with types; nullOr str;
+        default = null;
+      };
+      index4 = mkOption {
+        type = with types; nullOr str;
+        default = null;
+      };
+      index6 = mkOption {
+        type = with types; nullOr str;
+        default = null;
+      };
+      ttl = mkOption {
+        type = with types; nullOr int;
+        default = null;
+      };
+      proxy = mkOption {
+        type = with types; nullOr str;
+        default = null;
+      };
+      dns = mkOption {
+        type = with types; nullOr str;
+        default = null;
+      };
+      package = mkOption {
+        type = with types; package;
+        default = pkgs.ddns;
+      };
+      extraPath = mkOption {
+        type = with types; listOf package;
+        default = [ ];
+      };
+      environmentFile = mkOption {
+        type = with types; listOf str;
+        default = [ ];
+      };
+      onCalendar = mkOption {
+        type = with types; nullOr str;
+        default = null;
+      };
+    };
+  };
+  mkService = name: ddns: {
+    path = [ ddns.package ] ++ ddns.extraPath;
+    environment = mapAttrs' (name: value: nameValuePair "DDNS_${toUpper name}" value) (
+      filterAttrs (n: v: (builtins.typeOf v) == "string" && n != "onCalendar") ddns
+    );
+    serviceConfig = {
+      ExecStart = "${ddns.package}/bin/ddns";
+      EnvironmentFile = ddns.environmentFile;
+      DynamicUser = true;
+    };
+  };
+  mkTimer =
+    name: ddns:
+    mkIf (ddns.onCalendar != null) {
+      wantedBy = [ "timers.target" ];
+      timerConfig = {
+        OnCalendar = ddns.onCalendar;
+        Persistent = true;
+      };
+    };
+in
+{
+  options.services.ddns = mkOption {
+    default = { };
+    type = types.attrsOf (types.submodule ddnsOptions);
+  };
+  config = lib.mkIf (cfg != { }) (
+    lib.mkMerge [
+      {
+        systemd.services = mapAttrs' (n: v: nameValuePair "ddns-${n}" (mkService n v)) cfg;
+        systemd.timers = mapAttrs' (n: v: nameValuePair "ddns-${n}" (mkTimer n v)) cfg;
+      }
+    ]
+  );
+}
diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix
@@ -11,6 +11,7 @@
     ./clash
     ./nix.nix
     ./rathole.nix
+    ./ddns.nix
     ./nix-ld.nix
     ./gui.nix
     ./user.nix

diff --git a/pkgs/ddns/default.nix b/pkgs/ddns/default.nix
@@ -0,0 +1,17 @@
+{ buildPythonApplication
+, fetchPypi
+}:
+buildPythonApplication
+rec {
+  pname = "ddns";
+  version = "2.12.0";
+  name = "${pname}-${version}";
+  src = fetchPypi {
+    inherit pname version;
+    sha256 = "A41erAo7KOkgPpE+Izuof+MuUzOORPPraxFoj4/dtk0=";
+  };
+
+  # Ungly hack for https://github.com/NewFuture/DDNS/blob/a1a8f8565c80d9702a49fcb45f18b32dfb4dba26/setup.py#L47
+  # setup a fack "travis" environment, pass package version to skip the check
+  TRAVIS_TAG = version;
+}
diff --git a/pkgs/default.nix b/pkgs/default.nix
@@ -5,4 +5,5 @@
   topsap = pkgs.callPackage ./topsap { };
   code-oss = pkgs.callPackage ./code-oss/package.nix { };
   wemeet = pkgs.callPackage ./wemeet/package.nix { };
+  ddns = pkgs.python3.pkgs.callPackage ./ddns { };
 }
diff --git a/secrets/general.yaml b/secrets/general.yaml
@@ -2,6 +2,9 @@ email:
     zoho:
         password: ENC[AES256_GCM,data:AXI9RkSetE7EwoKBSsYyZg==,iv:bUxhvsGkztiNJmDA9XUgklFt4NUDbWjJwqIyJgJxgWU=,tag:DWmoR8UbqGscKpRCyIBmhA==,type:str]
 swyjs-credential: ENC[AES256_GCM,data:QPCz7LrmLasix3uHuftClwVow1aCvg0cHCllnzlVjOmb6PWOgX/+azNaWOos6/P4R9yA62T7T6o4bLF7QHqE1xvPqc7omF63sA0hk7plFfb9rPYmTUWe,iv:MzYgRxfgcr8zKJ9v6myQhUsyI/ZpA7/qbFhqwZabGn8=,tag:+69k5Y4gISPgUY5Byfr0vQ==,type:str]
+ddns:
+    cloudflare: ENC[AES256_GCM,data:UcthJzZqzK9wZe7Hx0p7T5QYDvAfPEJb8EntiATvIMjHKd/mqkr+6MoSALkyhSNZBUrvPA==,iv:kgiOY5Ki3szzYc8yremLUXGX7E8K12fBA/2BZMzEUH0=,tag:BXIYPRjd+sNq8/nr1X/5eA==,type:str]
+    dnspod: ENC[AES256_GCM,data:WdJouq3pD8Ld16H1nl6yQg+6DjJFCdqR4m45oIahDLYqFLKE/CLinx2fdizHjbRQtk1DOSEEFXPE8ek=,iv:wtOddFfzRG3o3R1HaECF+MpMnP2je6JoiPYUlol1Vr8=,tag:TN7RTWGrbNtuufqRBYys5g==,type:str]
 clash-provider:
     dler: ENC[AES256_GCM,data:5WapDgbdTNoqpcBS3uH0K/NBx+ZT0nffz8/1/7BypPCFL6da18BY9z2EFMvMukm+e4OjjnBFU0nmNwuOLbwE9kjapDPjqaKEyLtY4DjhUAk=,iv:VuGCzTFGbim9iZmgx4KCGO41T536SABdMrRDtkXYNOs=,tag:y+Wc7tSC39GkzqOa7LcGyg==,type:str]
     mielink: ENC[AES256_GCM,data:H/Ov6NzbWAGH1tRWLzbuvhf4/JNKvCw2Vvm0kblOim5CzeXHyOohHShtTsx7XDbwwz3W4wp7EBv3nnRbV0xeHq8=,iv:t8QzBVDxjy1GEAgiCkGMD2dcEI3RC0hI53yJ1gp2ew4=,tag:rksQaZOp7XhOWNnKhqzmeA==,type:str]
@@ -56,8 +59,8 @@ sops:
             ZDg0T2hqR2tROVI1T1BLeFNnaGVYY1EKOnOp5ZPo48XIB7d9PnG2sKvsoLX32XEm
             Pqf4UTOmT47SSKsvu5xgxPXJrhBySkspn97gtpl9bYG4n8HYCSw+hg==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-06-11T14:04:05Z"
-    mac: ENC[AES256_GCM,data:5Q9W6On7XvyWxvHc1CAaX46EBaYiE3olgW9Gci4RrTYg2X1/sNxFpJxicDSJIjM3fwp99Z3xFmdXsupvj+sRBn9/BrHjQ5biPAH/HKkW0gCPSAFSQuLaHSCMvVra47udbL8iOpOUIXhjKsNeDO9IaOiukh7FvOkFAi3AKiCSnek=,iv:Y9/P4k1qZSVUX88wz3xZXA0juc+XE65i3Ltzl1c18Pg=,tag:qMLyzSL6hibcGlxnhzyRmQ==,type:str]
+    lastmodified: "2024-10-07T06:30:24Z"
+    mac: ENC[AES256_GCM,data:ZuUXYdBICd5z8DnBVjPNhET5hBVrFhL0ZehJ9RQMBbutl31VqY1DoO47+88cndc/2Loc4525DbNls/myz2Ss8A+NsTpFlSztrV/IQNyDjTtiPT7eqUJuebT+3TTD8fvG0fUv3ucIzaJSwKsgBDEmKIpO7Ubtdn4i6TU8uuC+yzk=,iv:rwYr3jqGYfJ7ms3DSzMwoTLr11MbCWiHWq6xnabBvUs=,tag:ozQPBOe12QI/8Y3/AMFcNQ==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
-    version: 3.8.1
+    version: 3.9.0