about summary refs log tree commit diff
path: root/nix/machines/vm-synology
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--nix/machines/vm-synology/ddns.nix21
-rw-r--r--nix/machines/vm-synology/default.nix2
2 files changed, 22 insertions, 1 deletions
diff --git a/nix/machines/vm-synology/ddns.nix b/nix/machines/vm-synology/ddns.nix
new file mode 100644
index 0000000..df59793
--- /dev/null
+++ b/nix/machines/vm-synology/ddns.nix
@@ -0,0 +1,21 @@
+{ ... }: {
+  age.secrets.ddns-updater = {
+    file = ../../../secrets/ddns-updater.age;
+    owner = "root";
+    group = "root";
+    mode = "600";
+  };
+
+  # https://github.com/NixOS/nixpkgs/blob/e028379cfb9d92e49120e46045042998dfed87d0/nixos/modules/services/networking/ddns-updater.nix#
+  services.ddns-updater = {
+    enable = true;
+    environment = {
+      RESOLVER_ADDRESS = "8.8.8.8:53";
+      CONFIG_FILEPATH = "%d/config.json";
+    };
+  };
+
+  # https://systemd.io/CREDENTIALS/
+  systemd.services.ddns-updater.serviceConfig.LoadCredential =
+    "config.json:/run/agenix/ddns-updater";
+}
diff --git a/nix/machines/vm-synology/default.nix b/nix/machines/vm-synology/default.nix
index 8af114b..690e474 100644
--- a/nix/machines/vm-synology/default.nix
+++ b/nix/machines/vm-synology/default.nix
@@ -1,5 +1,5 @@
 { ... }: {
-  imports = [ ./hardware.nix ../vm-shared.nix ];
+  imports = [ ./hardware.nix ../vm-shared.nix ./ddns.nix ];
 
   # Use the systemd-boot EFI boot loader.
   boot.loader.systemd-boot.enable = true;