diff options
| -rw-r--r-- | flake.nix | 8 | ||||
| -rw-r--r-- | tools/dnsupdate/README.org (renamed from cmd/dnsupdate/README.org) | 5 | ||||
| -rw-r--r-- | tools/dnsupdate/default.nix | 19 | ||||
| -rw-r--r-- | tools/dnsupdate/go.mod (renamed from go.mod) | 2 | ||||
| -rw-r--r-- | tools/dnsupdate/go.sum (renamed from go.sum) | 0 | ||||
| -rw-r--r-- | tools/dnsupdate/main.go (renamed from cmd/dnsupdate/main.go) | 0 | ||||
| -rw-r--r-- | tools/dnsupdate/ts.go (renamed from cmd/dnsupdate/ts.go) | 0 |
7 files changed, 25 insertions, 9 deletions
diff --git a/flake.nix b/flake.nix index 4aa409b..685e66d 100644 --- a/flake.nix +++ b/flake.nix @@ -55,13 +55,7 @@ packages = pkgs // { inherit home-manager; - # nix run .#dnsupdate - dnsupdate = pkgs.writers.writeBashBin "dnsupdate" '' - #!/usr/bin/env bash - export TS_API_KEY=$(pass api/api.tailscale.com) - export GOOGLE_APPLICATION_CREDENTIALS=/run/agenix/gcloud/world-nix - go run ./cmd/dnsupdate/ - ''; + tools = { dnsupdate = import ./tools/dnsupdate { inherit pkgs; }; }; users.fcuny = { blog = import ./users/fcuny/blog { inherit pkgs; }; diff --git a/cmd/dnsupdate/README.org b/tools/dnsupdate/README.org index a80e407..2e7ca01 100644 --- a/cmd/dnsupdate/README.org +++ b/tools/dnsupdate/README.org @@ -1,7 +1,10 @@ #+TITLE: dnsupdate -Utility to update the managed zone for =fcuny.xyz= in Google Cloud. +Utility to update the managed zone for =fcuny.xyz= in Google Cloud DNS. I use the domain =fcuny.xyz= to run a number of services on an IP provided by Tailscale. I don't want these domains to be visible on the web, but I also want to have a valid HTTPS certificate for them. By having a proper DNS I can use ACME to get the certificates, without making them available. Instead of updating the subdomains through the [[https://console.cloud.google.com/net-services/dns/zones/fcuny-xyz/details?project=fcuny-homelab][console]], I can now run this program. + +* Run +To update the records, run =nix run .#tools.dnsupdate.push=. diff --git a/tools/dnsupdate/default.nix b/tools/dnsupdate/default.nix new file mode 100644 index 0000000..b8201c0 --- /dev/null +++ b/tools/dnsupdate/default.nix @@ -0,0 +1,19 @@ +{ pkgs, ... }: + +pkgs.buildGoModule rec { + name = "dnsupdate"; + src = ./.; + vendorSha256 = "sha256-DQ/kYC/EZpcOKk0Y+DvwJtAPZpamxvEl7gKk8uEB2Ls="; + nativeBuildInputs = with pkgs; [ go ]; + + push = pkgs.writers.writeBashBin "dns-push" '' + set -ueo pipefail + + cd $(git rev-parse --show-toplevel)/tools/dnsupdate + + export TS_API_KEY=$(pass api/api.tailscale.com) + export GOOGLE_APPLICATION_CREDENTIALS=/run/agenix/gcloud/world-nix + + go run . + ''; +} diff --git a/go.mod b/tools/dnsupdate/go.mod index 567819c..99fcce4 100644 --- a/go.mod +++ b/tools/dnsupdate/go.mod @@ -1,4 +1,4 @@ -module golang.fcuny.net/world +module golang.fcuny.net/world/tools/dnsupdate go 1.16 diff --git a/go.sum b/tools/dnsupdate/go.sum index d2af195..d2af195 100644 --- a/go.sum +++ b/tools/dnsupdate/go.sum diff --git a/cmd/dnsupdate/main.go b/tools/dnsupdate/main.go index 6748ee9..6748ee9 100644 --- a/cmd/dnsupdate/main.go +++ b/tools/dnsupdate/main.go diff --git a/cmd/dnsupdate/ts.go b/tools/dnsupdate/ts.go index 4d3ebb3..4d3ebb3 100644 --- a/cmd/dnsupdate/ts.go +++ b/tools/dnsupdate/ts.go |