From d92ffcc751a586f9fe86005294e327547c1eb5df Mon Sep 17 00:00:00 2001 From: Griffin Smith Date: Mon, 17 Jan 2022 18:05:16 -0500 Subject: fix(grfn/mugwump): Update for new ddclient config format There's a passwordFile option now! Change-Id: I7aa21891c3502ceddcb0bb08a83a5a3a8a6bcdc9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5025 Reviewed-by: grfn Autosubmit: grfn Tested-by: BuildkiteCI --- users/grfn/system/system/machines/mugwump.nix | 18 ++---------------- 1 file changed, 2 insertions(+), 16 deletions(-) (limited to 'users/grfn/system/system/machines/mugwump.nix') diff --git a/users/grfn/system/system/machines/mugwump.nix b/users/grfn/system/system/machines/mugwump.nix index 8d673420f9..a9f8769725 100644 --- a/users/grfn/system/system/machines/mugwump.nix +++ b/users/grfn/system/system/machines/mugwump.nix @@ -71,6 +71,7 @@ with lib; in { bbbg.file = secret "bbbg"; cloudflare.file = secret "cloudflare"; + ddclient-password.file = secret "ddclient-password"; }; services.depot.auto-deploy = { @@ -137,25 +138,10 @@ with lib; zone = "gws.fyi"; protocol = "cloudflare"; username = "root@gws.fyi"; + passwordFile = "/run/agenix/ddclient-password"; quiet = true; }; - systemd.services.ddclient.serviceConfig = { - EnvironmentFile = "/run/agenix/cloudflare"; - DynamicUser = lib.mkForce false; - ExecStart = lib.mkForce ( - let runtimeDir = - config.systemd.services.ddclient.serviceConfig.RuntimeDirectory; - in pkgs.writeShellScript "ddclient" '' - set -eo pipefail - - ${pkgs.gnused}/bin/sed -i -s s/password=/password=$CLOUDFLARE_API_KEY/ /run/${runtimeDir}/ddclient.conf - exec ${pkgs.ddclient}/bin/ddclient \ - -file /run/${runtimeDir}/ddclient.conf \ - -login=$CLOUDFLARE_EMAIL \ - ''); - }; - security.acme.certs."metrics.gws.fyi" = { dnsProvider = "cloudflare"; credentialsFile = "/run/agenix/cloudflare"; -- cgit 1.4.1