mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tvl-depot/third_party/ddclient/module.nix
sterni ffc1fb8f5c chore(3p/sources): Bump channels & overlays 
* //users/grfn: vendor ddclient module and package into depot

  //3p/ddclient now contains the removed package expression and
  NixOS module with the following changes:

  - Include former uid/gid settings from ids.nix which have been removed
    by upstream with the ddclient module.

  - Rename to deprecate-ddclient, since it is impossible at the moment
    to prevent the corresponding mkRemovedOptionModule from being
    imported (https://github.com/NixOS/nixpkgs/issues/245265).
    I wrote a patch for nixpkgs that would at least allow individual
    mkRemovedOptionModule to be disable, but it is stuck for now:
    https://github.com/NixOS/nixpkgs/pull/245274.

* //tools/magrathea:

  We need to pass -host to csc due to
  https://github.com/NixOS/nixpkgs/pull/246923 now. I don't fully grasp
  what this means, but it works and we are hardly cross-compiling, so it
  should be fine until I can get some answers from the change author.

* //3p/nixpkgs:nixos-option: provide latest Nix as input

  https://github.com/NixOS/nixpkgs/pull/237442 adapted nixos-option to
  API changes in Nix's libraries which means it needs to be built
  against Nix 2.15, not 2.3. Let's hope it stays up to date with the
  latest Nix version in the future, so we can keep this override as is.

  Sadly this means that machines in depot will depend on two
  versions of Nix going forward.

* //3p/nixpkgs:tdlib: update to match emacs-overlay

Change-Id: Iac4dba58a076ecf25e8647fd9a06cbabf2f7809e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9004
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-08-08 20:33:01 +00:00

230 lines
6.7 KiB
Nix
Raw Blame History

# SPDX-License-Identifier: MIT
# SPDX-FileCopyrightText: Copyright (c) 2003-2023 The Nixpkgs/NixOS contributors
{ config, pkgs, lib, ... }:
let
cfg = config.services.deprecated-ddclient;
boolToStr = bool: if bool then "yes" else "no";
dataDir = "/var/lib/ddclient";
StateDirectory = builtins.baseNameOf dataDir;
RuntimeDirectory = StateDirectory;
configFile' = pkgs.writeText "ddclient.conf" ''
# This file can be used as a template for configFile or is automatically generated by Nix options.
cache=${dataDir}/ddclient.cache
foreground=YES
use=${cfg.use}
login=${cfg.username}
password=${if cfg.protocol == "nsupdate" then "/run/${RuntimeDirectory}/ddclient.key" else "@password_placeholder@"}
protocol=${cfg.protocol}
${lib.optionalString (cfg.script != "") "script=${cfg.script}"}
${lib.optionalString (cfg.server != "") "server=${cfg.server}"}
${lib.optionalString (cfg.zone != "") "zone=${cfg.zone}"}
ssl=${boolToStr cfg.ssl}
wildcard=YES
quiet=${boolToStr cfg.quiet}
verbose=${boolToStr cfg.verbose}
${cfg.extraConfig}
${lib.concatStringsSep "," cfg.domains}
'';
configFile = if (cfg.configFile != null) then cfg.configFile else configFile';
preStart = ''
install --mode=600 --owner=$USER ${configFile} /run/${RuntimeDirectory}/ddclient.conf
${lib.optionalString (cfg.configFile == null) (if (cfg.protocol == "nsupdate") then ''
install --mode=600 --owner=$USER ${cfg.passwordFile} /run/${RuntimeDirectory}/ddclient.key
'' else if (cfg.passwordFile != null) then ''
"${pkgs.replace-secret}/bin/replace-secret" "@password_placeholder@" "${cfg.passwordFile}" "/run/${RuntimeDirectory}/ddclient.conf"
'' else ''
sed -i '/^password=@password_placeholder@$/d' /run/${RuntimeDirectory}/ddclient.conf
'')}
'';
in
with lib;
{
###### interface
options = {
services.deprecated-ddclient = with lib.types; {
enable = mkOption {
default = false;
type = bool;
description = lib.mdDoc ''
Whether to synchronise your machine's IP address with a dynamic DNS provider (e.g. dyndns.org).
'';
};
package = mkOption {
type = package;
default = pkgs.ddclient;
defaultText = lib.literalExpression "pkgs.ddclient";
description = lib.mdDoc ''
The ddclient executable package run by the service.
'';
};
domains = mkOption {
default = [ "" ];
type = listOf str;
description = lib.mdDoc ''
Domain name(s) to synchronize.
'';
};
username = mkOption {
# For `nsupdate` username contains the path to the nsupdate executable
default = lib.optionalString (cfg.protocol == "nsupdate") "${pkgs.bind.dnsutils}/bin/nsupdate";
defaultText = "";
type = str;
description = lib.mdDoc ''
User name.
'';
};
passwordFile = mkOption {
default = null;
type = nullOr str;
description = lib.mdDoc ''
A file containing the password or a TSIG key in named format when using the nsupdate protocol.
'';
};
interval = mkOption {
default = "10min";
type = str;
description = lib.mdDoc ''
The interval at which to run the check and update.
See {command}`man 7 systemd.time` for the format.
'';
};
configFile = mkOption {
default = null;
type = nullOr path;
description = lib.mdDoc ''
Path to configuration file.
When set this overrides the generated configuration from module options.
'';
example = "/root/nixos/secrets/ddclient.conf";
};
protocol = mkOption {
default = "dyndns2";
type = str;
description = lib.mdDoc ''
Protocol to use with dynamic DNS provider (see https://sourceforge.net/p/ddclient/wiki/protocols).
'';
};
server = mkOption {
default = "";
type = str;
description = lib.mdDoc ''
Server address.
'';
};
ssl = mkOption {
default = true;
type = bool;
description = lib.mdDoc ''
Whether to use SSL/TLS to connect to dynamic DNS provider.
'';
};
quiet = mkOption {
default = false;
type = bool;
description = lib.mdDoc ''
Print no messages for unnecessary updates.
'';
};
script = mkOption {
default = "";
type = str;
description = lib.mdDoc ''
script as required by some providers.
'';
};
use = mkOption {
default = "web, web=checkip.dyndns.com/, web-skip='Current IP Address: '";
type = str;
description = lib.mdDoc ''
Method to determine the IP address to send to the dynamic DNS provider.
'';
};
verbose = mkOption {
default = false;
type = bool;
description = lib.mdDoc ''
Print verbose information.
'';
};
zone = mkOption {
default = "";
type = str;
description = lib.mdDoc ''
zone as required by some providers.
'';
};
extraConfig = mkOption {
default = "";
type = lines;
description = lib.mdDoc ''
Extra configuration. Contents will be added verbatim to the configuration file.
::: {.note}
`daemon` should not be added here because it does not work great with the systemd-timer approach the service uses.
:::
'';
};
};
};
###### implementation
config = mkMerge [
(mkIf cfg.enable {
systemd.services.ddclient = {
description = "Dynamic DNS Client";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
restartTriggers = optional (cfg.configFile != null) cfg.configFile;
path = lib.optional (lib.hasPrefix "if," cfg.use) pkgs.iproute2;
serviceConfig = {
DynamicUser = true;
RuntimeDirectoryMode = "0700";
inherit RuntimeDirectory;
inherit StateDirectory;
Type = "oneshot";
ExecStartPre = "!${pkgs.writeShellScript "ddclient-prestart" preStart}";
ExecStart = "${lib.getBin cfg.package}/bin/ddclient -file /run/${RuntimeDirectory}/ddclient.conf";
};
};
systemd.timers.ddclient = {
description = "Run ddclient";
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = cfg.interval;
OnUnitInactiveSec = cfg.interval;
};
};
})
{
ids.uids.ddclient = 30;
ids.gids.ddclient = 30;
}
];
}
Reference in a new issue View git blame Copy permalink