noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2024-11-22 15:45:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

don't enable cloudflare-dyndns unless domain list is non-empty

Browse Source
This commit is contained in:
Noah Masur 2024-03-30 18:03:52 +00:00
parent c4a1c7564c
commit 5e1534451d
No known key found for this signature in database
1 changed files with 41 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
modules/nixos/services/cloudflare.nix
View File

@ -98,22 +98,25 @@ in {
services.transmission.settings.rpc-whitelist = services.transmission.settings.rpc-whitelist =
builtins.concatStringsSep "," ([ "127.0.0.1" ] ++ cloudflareIpRanges); builtins.concatStringsSep "," ([ "127.0.0.1" ] ++ cloudflareIpRanges);
services.cloudflare-dyndns = { services.cloudflare-dyndns = lib.mkIf
((builtins.length config.services.cloudflare-dyndns.domains) > 0) {
enable = true; enable = true;
proxied = true; proxied = true;
deleteMissing = true; deleteMissing = true;
apiTokenFile = config.secrets.cloudflare-api.dest; apiTokenFile = config.secrets.cloudflare-api.dest;
}; };
# Wait for secret to exist # Wait for secret to exist to start
systemd.services.cloudflare-dyndns = { systemd.services.cloudflare-dyndns =
lib.mkIf config.services.cloudflare-dyndns.enable {
after = [ "cloudflare-api-secret.service" ]; after = [ "cloudflare-api-secret.service" ];
requires = [ "cloudflare-api-secret.service" ]; requires = [ "cloudflare-api-secret.service" ];
}; };
# Run a second copy of dyn-dns for non-proxied domains # Run a second copy of dyn-dns for non-proxied domains
# Adapted from: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/services/networking/cloudflare-dyndns.nix # Adapted from: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/services/networking/cloudflare-dyndns.nix
systemd.services.cloudflare-dyndns-noproxy = { systemd.services.cloudflare-dyndns-noproxy =
lib.mkIf ((builtins.length config.cloudflare.noProxyDomains) > 0) {
description = "CloudFlare Dynamic DNS Client (no proxy)"; description = "CloudFlare Dynamic DNS Client (no proxy)";
after = [ "network.target" "cloudflare-api-secret.service" ]; after = [ "network.target" "cloudflare-api-secret.service" ];
requires = [ "cloudflare-api-secret.service" ]; requires = [ "cloudflare-api-secret.service" ];
@ -130,7 +133,8 @@ in {
StateDirectory = "cloudflare-dyndns-noproxy"; StateDirectory = "cloudflare-dyndns-noproxy";
EnvironmentFile = config.services.cloudflare-dyndns.apiTokenFile; EnvironmentFile = config.services.cloudflare-dyndns.apiTokenFile;
ExecStart = let ExecStart = let
args = [ "--cache-file /var/lib/cloudflare-dyndns-noproxy/ip.cache" ] args =
[ "--cache-file /var/lib/cloudflare-dyndns-noproxy/ip.cache" ]
++ (if config.services.cloudflare-dyndns.ipv4 then ++ (if config.services.cloudflare-dyndns.ipv4 then
[ "-4" ] [ "-4" ]
else else