diff options
author | Franck Cuny <franck@fcuny.net> | 2024-12-15 11:21:54 -0800 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2024-12-15 11:21:54 -0800 |
commit | e48ba8e6598a7db8b2720f4fb62c683a7d13840e (patch) | |
tree | 1ce5b925249bebf38a3d3ce98b2f88e2b32556e4 | |
parent | add recipe to edit secret (diff) | |
download | world-e48ba8e6598a7db8b2720f4fb62c683a7d13840e.tar.gz |
run `ddns-updater' on `vm-synology'
It has a small UI and the configuration with the secrets is managed with `agenix'.
Diffstat (limited to '')
-rw-r--r-- | README.md | 6 | ||||
-rw-r--r-- | README.org | 7 | ||||
-rw-r--r-- | nix/machines/vm-synology/ddns.nix | 21 | ||||
-rw-r--r-- | nix/machines/vm-synology/default.nix | 2 | ||||
-rw-r--r-- | secrets/ddns-updater.age | bin | 0 -> 839 bytes | |||
-rw-r--r-- | secrets/secrets.nix | 5 |
6 files changed, 33 insertions, 8 deletions
diff --git a/README.md b/README.md deleted file mode 100644 index ece55f0..0000000 --- a/README.md +++ /dev/null @@ -1,6 +0,0 @@ -Tools, scripts, and configurations for my machines. - -## Linux VM - -- using UTM -- deploy by running `nixos-rebuild switch --flake ".#vm"` on the VM diff --git a/README.org b/README.org new file mode 100644 index 0000000..377e658 --- /dev/null +++ b/README.org @@ -0,0 +1,7 @@ +Tools, scripts, and configurations for my machines. + +* Services +** ddns-updater +This service runs on =vm-synology=. + +There's a web UI accessible at http://vm-synology:8000 diff --git a/nix/machines/vm-synology/ddns.nix b/nix/machines/vm-synology/ddns.nix new file mode 100644 index 0000000..df59793 --- /dev/null +++ b/nix/machines/vm-synology/ddns.nix @@ -0,0 +1,21 @@ +{ ... }: { + age.secrets.ddns-updater = { + file = ../../../secrets/ddns-updater.age; + owner = "root"; + group = "root"; + mode = "600"; + }; + + # https://github.com/NixOS/nixpkgs/blob/e028379cfb9d92e49120e46045042998dfed87d0/nixos/modules/services/networking/ddns-updater.nix# + services.ddns-updater = { + enable = true; + environment = { + RESOLVER_ADDRESS = "8.8.8.8:53"; + CONFIG_FILEPATH = "%d/config.json"; + }; + }; + + # https://systemd.io/CREDENTIALS/ + systemd.services.ddns-updater.serviceConfig.LoadCredential = + "config.json:/run/agenix/ddns-updater"; +} diff --git a/nix/machines/vm-synology/default.nix b/nix/machines/vm-synology/default.nix index 8af114b..690e474 100644 --- a/nix/machines/vm-synology/default.nix +++ b/nix/machines/vm-synology/default.nix @@ -1,5 +1,5 @@ { ... }: { - imports = [ ./hardware.nix ../vm-shared.nix ]; + imports = [ ./hardware.nix ../vm-shared.nix ./ddns.nix ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; diff --git a/secrets/ddns-updater.age b/secrets/ddns-updater.age new file mode 100644 index 0000000..d457178 --- /dev/null +++ b/secrets/ddns-updater.age Binary files differdiff --git a/secrets/secrets.nix b/secrets/secrets.nix index 69c15f3..a2ea4c7 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -9,4 +9,7 @@ let "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHf5gXGbOjaoqdpCDnHjBMhikuM0smLKhUo7J83+by+K"; systems = [ vm-aarch64 vm-synology ]; in -{ "restic-backups.age".publicKeys = [ fcuny vm-synology ]; } +{ + "restic-backups.age".publicKeys = [ fcuny vm-synology ]; + "ddns-updater.age".publicKeys = users ++ [ vm-synology ]; +} |