nix-git/modules/netcup-dns.nix

86 lines
3.0 KiB
Nix
Raw Permalink Normal View History

2023-11-14 19:04:58 +01:00
{ config, pkgs, ... }:
let
my-python-packages = ps: with ps; [
# netcup-dns is not (yet) packaged, thus we build it from PyPI
(
buildPythonPackage rec {
pname = "netcup-dns";
2024-08-15 21:06:18 +02:00
# Important: When updating the version number, adjust the Git revision below accordingly!
2024-03-21 14:24:00 +01:00
version = "0.2.3";
2023-11-14 19:04:58 +01:00
# https://nixos.wiki/wiki/Packaging/Python#Fix_Missing_setup.py
format = "pyproject";
2024-08-15 21:06:18 +02:00
src = builtins.fetchGit {
url = "https://codeberg.org/privacy1st/netcup-dns";
rev = "f231334e1b7858061efc7b3e98d21a2d10346369";
2023-11-14 19:04:58 +01:00
};
propagatedBuildInputs = [
# Dependencies
pkgs.python3Packages.requests
pkgs.python3Packages.nc-dnsapi
# Build dependencies
2024-08-15 21:06:18 +02:00
setuptools
2023-11-14 19:04:58 +01:00
build
twine
];
}
)
];
in
{
# Install netcup-dns Python packages.
environment.systemPackages = [
(pkgs.python3.withPackages my-python-packages)
];
# Configure netcup-dns.
2024-01-02 11:18:25 +01:00
# This creates file `/etc/netcup-dns/netcup-dns-95191.json`.
# Update A and AAA entry of domains p1st.de, privacy1st.de, biketripplanner.de
2023-11-14 19:04:58 +01:00
deployment.keys."netcup-dns-95191.json" = {
2023-11-14 19:21:10 +01:00
keyFile = ../secrets/netcup-dns.json;
2023-11-14 19:04:58 +01:00
destDir = "/etc/netcup-dns";
user = "netcup-dns";
group = "netcup-dns";
};
# Create netcup-dns daemon user.
users.users."netcup-dns" = {
isSystemUser = true;
group = "netcup-dns";
description = "netcup-dns daemon";
};
users.groups."netcup-dns" = {};
# Create netcup-dns timer.
systemd.timers."netcup-dns" = {
wantedBy = [ "timers.target" ];
partOf = [ "netcup-dns.service" ];
timerConfig = {
OnBootSec = "0m";
OnUnitInactiveSec = "3m";
AccuracySec = "15s";
RandomizedDelaySec = "15s";
};
};
systemd.services."netcup-dns" = {
serviceConfig = {
Type = "oneshot";
PrivateTmp = true;
User = "netcup-dns";
Nice = 19;
IOSchedulingClass = "idle";
2023-12-12 16:32:36 +01:00
# Create directory `/run/netcup-dns`.
# `netcup-dns` uses it for caching.
# For systemd to create this directory automatically, `PermissionsStartOnly` is required: https://unix.stackexchange.com/questions/354583/how-to-automatically-create-a-runtime-folder-with-a-systemd-service-or-tmpfiles#comment628290_354583
RuntimeDirectoryMode = "0755";
RuntimeDirectory = "netcup-dns";
PermissionsStartOnly = true;
# Since we use `/run/netcup-dns` for caching between subsequent runs of `netcup-dns`, it should be kept and not deleted.
# Man page section `RuntimeDirectoryPreserve`:
# If set to yes, then the directories are not removed when the service is stopped. Note that since the runtime directory /run/ is a mount point of "tmpfs", then for system services the directories specified in RuntimeDirectory= are removed when the system is rebooted.
RuntimeDirectoryPreserve = true;
ExecStart = "${pkgs.python3.withPackages my-python-packages}/bin/netcup-dns --cache-directory /run/netcup-dns";
2023-11-14 19:04:58 +01:00
};
};
}