Skip to content

Commit

Permalink
feat: add ddclient
Browse files Browse the repository at this point in the history
  • Loading branch information
@ajgon
ajgon committed Nov 4, 2024
1 parent e7d266e commit 5448952
Show file tree
Hide file tree
Showing 5 changed files with 42 additions and 2 deletions.
2 changes: 2 additions & 0 deletions machines/deedee/configuration.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,6 +145,8 @@ rec {
adminPasswordSopsSecret = "credentials/services/admin";
};

ddclient.enable = true;

docker = {
enable = true;
rootless = false;
Expand Down
6 changes: 4 additions & 2 deletions machines/deedee/secrets.sops.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,8 @@ system:
bazarr:
env:
BAZARR__API_KEY: ENC[AES256_GCM,data:VX8vZcRO9Lrp+aLMz0bxYsXdlvbxwlwWwj8nY89UZgU=,iv:sVokTihff9vZv3LmDx8vDrZNClud3TUYwH2jZmuuKQg=,tag:K7TbxLgUOGd2s8XvG91VaQ==,type:str]
ddclient:
cloudflare_token: ENC[AES256_GCM,data:edAKKffA/uyxHfVCE5pnk8KFcuzAbWZaqvHMgfykZPmrlezxJFFZBw==,iv:RgwmTIu3szeB58O4fzEmIR3BGY2CbaAGFTdVewTDJtU=,tag:SA1aqxUv5B1Jv7rmblqrEw==,type:str]
firefly-iii:
env:
APP_KEY: ENC[AES256_GCM,data:ks/31NYsRRo9SrEbRfeQhUxn9pRfvXYExhUY9y84TXA=,iv:vn8R/bJU2PFbQjOsKNRerj3uNAynjwInalWGCYjGVI0=,tag:ME3XtRW7EkpgiY/banycsQ==,type:str]
Expand Down Expand Up @@ -174,8 +176,8 @@ sops:
c3FoaFNzbjJubzlBckdDb2lNOUZtOGMKRbHxa1B3QAdredBMTd7W7g3kRz6l8uyV
bBclsA8Gm7p+6ndV39sN+Daqm5MyggY1Prwv/Ukdd5Q+1C+XsEW6OQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-04T13:30:18Z"
mac: ENC[AES256_GCM,data:MoZ3elL/tNYubWYOS4ea0OIeaYRupEAx+mrWqQvovaALgS8uK+wkvEWiMwfiry7o1kdp7bzIdezGkHgdwMTY6qODl5cprNTHdt0OxErud/PDbh71d+QuMl0yMIyb0ZezR4mGxKroBLLnWoS0dqcFRfu84gnJv9sUGd3B2JIpWB0=,iv:fslyVgfauGaBtNuABmyj9+Dgi69Q/ldrY8Oh2INXcAs=,tag:zRWs7yhmmg99YnekqoAPDA==,type:str]
lastmodified: "2024-11-04T17:42:00Z"
mac: ENC[AES256_GCM,data:plrn/rOgJCqRB+TGr7VkZ6uMtDJTF//ror1uCpQuy7/t6zEhYdqyN1UgIg4ck49EgWJy501QpZ70hPP/RBRWVb6VfqKcugnzz4QBUqpbakAVK1hCRT8Psh3WyZ+HHc2L/WatGgJwq59HrfAbtFS1G1U2ztq4jrgM7+9E9U7K9ho=,iv:TfEp0b8W19v5Uvq/0xLvWuReKD7K3P/VKiJZ/QeYxOU=,tag:H/McFxlGS6rlfvIi00jSow==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1
2 changes: 2 additions & 0 deletions modules/system/apps/adguardhome/default.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -224,6 +224,8 @@ in
useAuthelia = config.mySystemApps.authelia.enable;
};

networking.firewall.allowedUDPPorts = [ 53 ];

mySystemApps.homepage = {
services.Apps.AdGuardHome = svc.mkHomepage "adguard" // {
icon = "adguard-home.svg";
Expand Down
33 changes: 33 additions & 0 deletions modules/system/apps/ddclient/default.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
{ config, lib, ... }:
let
cfg = config.mySystemApps.ddclient;
in
{
options.mySystemApps.ddclient = {
enable = lib.mkEnableOption "ddclient app";
cloudflareTokenSopsSecret = lib.mkOption {
type = lib.types.str;
description = "Sops secret name containing cloudflare token.";
default = "system/apps/ddclient/cloudflare_token";
};
};

config = lib.mkIf cfg.enable {
sops.secrets."${cfg.cloudflareTokenSopsSecret}" = {
restartUnits = [ "ddclient.service" ];
};

services.ddclient = {
enable = true;
ssl = true;
usev4 = "webv4, webv4=https://cloudflare.com/cdn-cgi/trace, webv4-skip='ip='";
usev6 = "disabled";
protocol = "cloudflare";
zone = "${config.mySystem.rootDomain}";
extraConfig = "ttl=1";
domains = [ "homelab.${config.mySystem.rootDomain}" ];
username = "token";
passwordFile = config.sops.secrets."${cfg.cloudflareTokenSopsSecret}".path;
};
};
}
1 change: 1 addition & 0 deletions modules/system/apps/default.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ _: {
./core.nix

./adguardhome
./ddclient
./docker
./incus
./letsencrypt
Expand Down

0 comments on commit 5448952

Please sign in to comment.