diff options
| author | Franck Cuny <franck@fcuny.net> | 2022-05-25 19:39:32 -0700 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2022-05-25 19:39:32 -0700 |
| commit | a4c74ea0decb9c6e04b9abb5124b81438940d07f (patch) | |
| tree | 1fc0893b7685b42363168ebcdcce0ba04760222f /tools/dnsupdate | |
| parent | ref(notes): drop flake.nix (diff) | |
| download | world-a4c74ea0decb9c6e04b9abb5124b81438940d07f.tar.gz | |
ref(dnsupdate): move under tools
Integrate properly the tool `dnsupdate` with flake.nix, by adding a default.nix inside its directory. Having all the tools under a directory named `tools` is easier to reason about. I don't need a go.mod at the top level directory either, each tool will have its own.
Diffstat (limited to '')
| -rw-r--r-- | tools/dnsupdate/README.org (renamed from cmd/dnsupdate/README.org) | 5 | ||||
| -rw-r--r-- | tools/dnsupdate/default.nix | 19 | ||||
| -rw-r--r-- | tools/dnsupdate/go.mod (renamed from go.mod) | 2 | ||||
| -rw-r--r-- | tools/dnsupdate/go.sum (renamed from go.sum) | 0 | ||||
| -rw-r--r-- | tools/dnsupdate/main.go (renamed from cmd/dnsupdate/main.go) | 0 | ||||
| -rw-r--r-- | tools/dnsupdate/ts.go (renamed from cmd/dnsupdate/ts.go) | 0 |
6 files changed, 24 insertions, 2 deletions
diff --git a/cmd/dnsupdate/README.org b/tools/dnsupdate/README.org index a80e407..2e7ca01 100644 --- a/cmd/dnsupdate/README.org +++ b/tools/dnsupdate/README.org @@ -1,7 +1,10 @@ #+TITLE: dnsupdate -Utility to update the managed zone for =fcuny.xyz= in Google Cloud. +Utility to update the managed zone for =fcuny.xyz= in Google Cloud DNS. I use the domain =fcuny.xyz= to run a number of services on an IP provided by Tailscale. I don't want these domains to be visible on the web, but I also want to have a valid HTTPS certificate for them. By having a proper DNS I can use ACME to get the certificates, without making them available. Instead of updating the subdomains through the [[https://console.cloud.google.com/net-services/dns/zones/fcuny-xyz/details?project=fcuny-homelab][console]], I can now run this program. + +* Run +To update the records, run =nix run .#tools.dnsupdate.push=. diff --git a/tools/dnsupdate/default.nix b/tools/dnsupdate/default.nix new file mode 100644 index 0000000..b8201c0 --- /dev/null +++ b/tools/dnsupdate/default.nix @@ -0,0 +1,19 @@ +{ pkgs, ... }: + +pkgs.buildGoModule rec { + name = "dnsupdate"; + src = ./.; + vendorSha256 = "sha256-DQ/kYC/EZpcOKk0Y+DvwJtAPZpamxvEl7gKk8uEB2Ls="; + nativeBuildInputs = with pkgs; [ go ]; + + push = pkgs.writers.writeBashBin "dns-push" '' + set -ueo pipefail + + cd $(git rev-parse --show-toplevel)/tools/dnsupdate + + export TS_API_KEY=$(pass api/api.tailscale.com) + export GOOGLE_APPLICATION_CREDENTIALS=/run/agenix/gcloud/world-nix + + go run . + ''; +} diff --git a/go.mod b/tools/dnsupdate/go.mod index 567819c..99fcce4 100644 --- a/go.mod +++ b/tools/dnsupdate/go.mod @@ -1,4 +1,4 @@ -module golang.fcuny.net/world +module golang.fcuny.net/world/tools/dnsupdate go 1.16 diff --git a/go.sum b/tools/dnsupdate/go.sum index d2af195..d2af195 100644 --- a/go.sum +++ b/tools/dnsupdate/go.sum diff --git a/cmd/dnsupdate/main.go b/tools/dnsupdate/main.go index 6748ee9..6748ee9 100644 --- a/cmd/dnsupdate/main.go +++ b/tools/dnsupdate/main.go diff --git a/cmd/dnsupdate/ts.go b/tools/dnsupdate/ts.go index 4d3ebb3..4d3ebb3 100644 --- a/cmd/dnsupdate/ts.go +++ b/tools/dnsupdate/ts.go |