about summary refs log tree commit diff
path: root/third_party/ddclient/module.nix
diff options
context:
space:
mode:
authorsterni <sternenseemann@systemli.org>2023-08-03T21·25+0200
committerclbot <clbot@tvl.fyi>2023-08-08T20·33+0000
commitffc1fb8f5cff94c9518c1a369d908626d1e4cdab (patch)
tree2f478b4abbb6369c0b2447b574276ac197887037 /third_party/ddclient/module.nix
parentfcda0682357f1ec531c494dac5aa49ba8ae8851a (diff)
chore(3p/sources): Bump channels & overlays r/6473
* //users/grfn: vendor ddclient module and package into depot

  //3p/ddclient now contains the removed package expression and
  NixOS module with the following changes:

  - Include former uid/gid settings from ids.nix which have been removed
    by upstream with the ddclient module.

  - Rename to deprecate-ddclient, since it is impossible at the moment
    to prevent the corresponding mkRemovedOptionModule from being
    imported (https://github.com/NixOS/nixpkgs/issues/245265).
    I wrote a patch for nixpkgs that would at least allow individual
    mkRemovedOptionModule to be disable, but it is stuck for now:
    https://github.com/NixOS/nixpkgs/pull/245274.

* //tools/magrathea:

  We need to pass -host to csc due to
  https://github.com/NixOS/nixpkgs/pull/246923 now. I don't fully grasp
  what this means, but it works and we are hardly cross-compiling, so it
  should be fine until I can get some answers from the change author.

* //3p/nixpkgs:nixos-option: provide latest Nix as input

  https://github.com/NixOS/nixpkgs/pull/237442 adapted nixos-option to
  API changes in Nix's libraries which means it needs to be built
  against Nix 2.15, not 2.3. Let's hope it stays up to date with the
  latest Nix version in the future, so we can keep this override as is.

  Sadly this means that machines in depot will depend on two
  versions of Nix going forward.

* //3p/nixpkgs:tdlib: update to match emacs-overlay

Change-Id: Iac4dba58a076ecf25e8647fd9a06cbabf2f7809e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9004
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Diffstat (limited to 'third_party/ddclient/module.nix')
-rw-r--r--third_party/ddclient/module.nix230
1 files changed, 230 insertions, 0 deletions
diff --git a/third_party/ddclient/module.nix b/third_party/ddclient/module.nix
new file mode 100644
index 000000000000..c8d68f9be932
--- /dev/null
+++ b/third_party/ddclient/module.nix
@@ -0,0 +1,230 @@
+# SPDX-License-Identifier: MIT
+# SPDX-FileCopyrightText: Copyright (c) 2003-2023 The Nixpkgs/NixOS contributors
+{ config, pkgs, lib, ... }:
+
+let
+  cfg = config.services.deprecated-ddclient;
+  boolToStr = bool: if bool then "yes" else "no";
+  dataDir = "/var/lib/ddclient";
+  StateDirectory = builtins.baseNameOf dataDir;
+  RuntimeDirectory = StateDirectory;
+
+  configFile' = pkgs.writeText "ddclient.conf" ''
+    # This file can be used as a template for configFile or is automatically generated by Nix options.
+    cache=${dataDir}/ddclient.cache
+    foreground=YES
+    use=${cfg.use}
+    login=${cfg.username}
+    password=${if cfg.protocol == "nsupdate" then "/run/${RuntimeDirectory}/ddclient.key" else "@password_placeholder@"}
+    protocol=${cfg.protocol}
+    ${lib.optionalString (cfg.script != "") "script=${cfg.script}"}
+    ${lib.optionalString (cfg.server != "") "server=${cfg.server}"}
+    ${lib.optionalString (cfg.zone != "")   "zone=${cfg.zone}"}
+    ssl=${boolToStr cfg.ssl}
+    wildcard=YES
+    quiet=${boolToStr cfg.quiet}
+    verbose=${boolToStr cfg.verbose}
+    ${cfg.extraConfig}
+    ${lib.concatStringsSep "," cfg.domains}
+  '';
+  configFile = if (cfg.configFile != null) then cfg.configFile else configFile';
+
+  preStart = ''
+    install --mode=600 --owner=$USER ${configFile} /run/${RuntimeDirectory}/ddclient.conf
+    ${lib.optionalString (cfg.configFile == null) (if (cfg.protocol == "nsupdate") then ''
+      install --mode=600 --owner=$USER ${cfg.passwordFile} /run/${RuntimeDirectory}/ddclient.key
+    '' else if (cfg.passwordFile != null) then ''
+      "${pkgs.replace-secret}/bin/replace-secret" "@password_placeholder@" "${cfg.passwordFile}" "/run/${RuntimeDirectory}/ddclient.conf"
+    '' else ''
+      sed -i '/^password=@password_placeholder@$/d' /run/${RuntimeDirectory}/ddclient.conf
+    '')}
+  '';
+
+in
+
+with lib;
+
+{
+  ###### interface
+
+  options = {
+
+    services.deprecated-ddclient = with lib.types; {
+
+      enable = mkOption {
+        default = false;
+        type = bool;
+        description = lib.mdDoc ''
+          Whether to synchronise your machine's IP address with a dynamic DNS provider (e.g. dyndns.org).
+        '';
+      };
+
+      package = mkOption {
+        type = package;
+        default = pkgs.ddclient;
+        defaultText = lib.literalExpression "pkgs.ddclient";
+        description = lib.mdDoc ''
+          The ddclient executable package run by the service.
+        '';
+      };
+
+      domains = mkOption {
+        default = [ "" ];
+        type = listOf str;
+        description = lib.mdDoc ''
+          Domain name(s) to synchronize.
+        '';
+      };
+
+      username = mkOption {
+        # For `nsupdate` username contains the path to the nsupdate executable
+        default = lib.optionalString (cfg.protocol == "nsupdate") "${pkgs.bind.dnsutils}/bin/nsupdate";
+        defaultText = "";
+        type = str;
+        description = lib.mdDoc ''
+          User name.
+        '';
+      };
+
+      passwordFile = mkOption {
+        default = null;
+        type = nullOr str;
+        description = lib.mdDoc ''
+          A file containing the password or a TSIG key in named format when using the nsupdate protocol.
+        '';
+      };
+
+      interval = mkOption {
+        default = "10min";
+        type = str;
+        description = lib.mdDoc ''
+          The interval at which to run the check and update.
+          See {command}`man 7 systemd.time` for the format.
+        '';
+      };
+
+      configFile = mkOption {
+        default = null;
+        type = nullOr path;
+        description = lib.mdDoc ''
+          Path to configuration file.
+          When set this overrides the generated configuration from module options.
+        '';
+        example = "/root/nixos/secrets/ddclient.conf";
+      };
+
+      protocol = mkOption {
+        default = "dyndns2";
+        type = str;
+        description = lib.mdDoc ''
+          Protocol to use with dynamic DNS provider (see https://sourceforge.net/p/ddclient/wiki/protocols).
+        '';
+      };
+
+      server = mkOption {
+        default = "";
+        type = str;
+        description = lib.mdDoc ''
+          Server address.
+        '';
+      };
+
+      ssl = mkOption {
+        default = true;
+        type = bool;
+        description = lib.mdDoc ''
+          Whether to use SSL/TLS to connect to dynamic DNS provider.
+        '';
+      };
+
+      quiet = mkOption {
+        default = false;
+        type = bool;
+        description = lib.mdDoc ''
+          Print no messages for unnecessary updates.
+        '';
+      };
+
+      script = mkOption {
+        default = "";
+        type = str;
+        description = lib.mdDoc ''
+          script as required by some providers.
+        '';
+      };
+
+      use = mkOption {
+        default = "web, web=checkip.dyndns.com/, web-skip='Current IP Address: '";
+        type = str;
+        description = lib.mdDoc ''
+          Method to determine the IP address to send to the dynamic DNS provider.
+        '';
+      };
+
+      verbose = mkOption {
+        default = false;
+        type = bool;
+        description = lib.mdDoc ''
+          Print verbose information.
+        '';
+      };
+
+      zone = mkOption {
+        default = "";
+        type = str;
+        description = lib.mdDoc ''
+          zone as required by some providers.
+        '';
+      };
+
+      extraConfig = mkOption {
+        default = "";
+        type = lines;
+        description = lib.mdDoc ''
+          Extra configuration. Contents will be added verbatim to the configuration file.
+          ::: {.note}
+          `daemon` should not be added here because it does not work great with the systemd-timer approach the service uses.
+          :::
+        '';
+      };
+    };
+  };
+
+
+  ###### implementation
+
+  config = mkMerge [
+    (mkIf cfg.enable {
+      systemd.services.ddclient = {
+        description = "Dynamic DNS Client";
+        wantedBy = [ "multi-user.target" ];
+        after = [ "network.target" ];
+        restartTriggers = optional (cfg.configFile != null) cfg.configFile;
+        path = lib.optional (lib.hasPrefix "if," cfg.use) pkgs.iproute2;
+
+        serviceConfig = {
+          DynamicUser = true;
+          RuntimeDirectoryMode = "0700";
+          inherit RuntimeDirectory;
+          inherit StateDirectory;
+          Type = "oneshot";
+          ExecStartPre = "!${pkgs.writeShellScript "ddclient-prestart" preStart}";
+          ExecStart = "${lib.getBin cfg.package}/bin/ddclient -file /run/${RuntimeDirectory}/ddclient.conf";
+        };
+      };
+
+      systemd.timers.ddclient = {
+        description = "Run ddclient";
+        wantedBy = [ "timers.target" ];
+        timerConfig = {
+          OnBootSec = cfg.interval;
+          OnUnitInactiveSec = cfg.interval;
+        };
+      };
+    })
+    {
+      ids.uids.ddclient = 30;
+      ids.gids.ddclient = 30;
+    }
+  ];
+}