about summary refs log tree commit diff
path: root/users/grfn/system/system/machines/mugwump.nix
diff options
context:
space:
mode:
Diffstat (limited to 'users/grfn/system/system/machines/mugwump.nix')
-rw-r--r--users/grfn/system/system/machines/mugwump.nix18
1 files changed, 2 insertions, 16 deletions
diff --git a/users/grfn/system/system/machines/mugwump.nix b/users/grfn/system/system/machines/mugwump.nix
index 8d673420f9..a9f8769725 100644
--- a/users/grfn/system/system/machines/mugwump.nix
+++ b/users/grfn/system/system/machines/mugwump.nix
@@ -71,6 +71,7 @@ with lib;
   in {
     bbbg.file = secret "bbbg";
     cloudflare.file = secret "cloudflare";
+    ddclient-password.file = secret "ddclient-password";
   };
 
   services.depot.auto-deploy = {
@@ -137,25 +138,10 @@ with lib;
     zone = "gws.fyi";
     protocol = "cloudflare";
     username = "root@gws.fyi";
+    passwordFile = "/run/agenix/ddclient-password";
     quiet = true;
   };
 
-  systemd.services.ddclient.serviceConfig = {
-    EnvironmentFile = "/run/agenix/cloudflare";
-    DynamicUser = lib.mkForce false;
-    ExecStart = lib.mkForce (
-      let runtimeDir =
-            config.systemd.services.ddclient.serviceConfig.RuntimeDirectory;
-      in pkgs.writeShellScript "ddclient" ''
-        set -eo pipefail
-
-        ${pkgs.gnused}/bin/sed -i -s s/password=/password=$CLOUDFLARE_API_KEY/ /run/${runtimeDir}/ddclient.conf
-        exec ${pkgs.ddclient}/bin/ddclient \
-          -file /run/${runtimeDir}/ddclient.conf \
-          -login=$CLOUDFLARE_EMAIL \
-      '');
-  };
-
   security.acme.certs."metrics.gws.fyi" = {
     dnsProvider = "cloudflare";
     credentialsFile = "/run/agenix/cloudflare";
generated by cgit-pink 1.4.1 (git 2.44.0) at 2024-05-25T21ยท48+0000