diff options
| author | Franck Cuny <franck@fcuny.net> | 2024-12-15 11:21:54 -0800 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2024-12-15 11:21:54 -0800 |
| commit | e48ba8e6598a7db8b2720f4fb62c683a7d13840e (patch) | |
| tree | 1ce5b925249bebf38a3d3ce98b2f88e2b32556e4 /nix/machines | |
| parent | add recipe to edit secret (diff) | |
| download | world-e48ba8e6598a7db8b2720f4fb62c683a7d13840e.tar.gz | |
run `ddns-updater' on `vm-synology'
It has a small UI and the configuration with the secrets is managed with `agenix'.
Diffstat (limited to '')
| -rw-r--r-- | nix/machines/vm-synology/ddns.nix | 21 | ||||
| -rw-r--r-- | nix/machines/vm-synology/default.nix | 2 |
2 files changed, 22 insertions, 1 deletions
diff --git a/nix/machines/vm-synology/ddns.nix b/nix/machines/vm-synology/ddns.nix new file mode 100644 index 0000000..df59793 --- /dev/null +++ b/nix/machines/vm-synology/ddns.nix @@ -0,0 +1,21 @@ +{ ... }: { + age.secrets.ddns-updater = { + file = ../../../secrets/ddns-updater.age; + owner = "root"; + group = "root"; + mode = "600"; + }; + + # https://github.com/NixOS/nixpkgs/blob/e028379cfb9d92e49120e46045042998dfed87d0/nixos/modules/services/networking/ddns-updater.nix# + services.ddns-updater = { + enable = true; + environment = { + RESOLVER_ADDRESS = "8.8.8.8:53"; + CONFIG_FILEPATH = "%d/config.json"; + }; + }; + + # https://systemd.io/CREDENTIALS/ + systemd.services.ddns-updater.serviceConfig.LoadCredential = + "config.json:/run/agenix/ddns-updater"; +} diff --git a/nix/machines/vm-synology/default.nix b/nix/machines/vm-synology/default.nix index 8af114b..690e474 100644 --- a/nix/machines/vm-synology/default.nix +++ b/nix/machines/vm-synology/default.nix @@ -1,5 +1,5 @@ { ... }: { - imports = [ ./hardware.nix ../vm-shared.nix ]; + imports = [ ./hardware.nix ../vm-shared.nix ./ddns.nix ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; |