{ lib , config , options , pkgs , modulesPath , . . . }:
with lib ;
let
# Value of the `yoda.netcup-dns` option: path to the JSON configuration file for netcup-dns.
cfg = config . yoda . netcup-dns ;
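# Package selector for `python3.withPackages`: the netcup-dns CLI together with its dependencies.
my-python-packages = ps: with ps; [
  # netcup-dns is not (yet) packaged in nixpkgs, thus we build it from its upstream Git repository.
  (buildPythonPackage rec {
    pname = "netcup-dns";
    # Important: When updating the version number, adjust the Git revision below accordingly!
    version = "0.2.4";
    # https://nixos.wiki/wiki/Packaging/Python#Fix_Missing_setup.py
    format = "pyproject";
    # The source is pinned to a full commit hash instead of a branch or tag, so a moved tag or a
    # new upstream commit cannot silently change what gets built. Nothing ties `version` to this
    # revision; keeping the two in sync is a manual step.
    src = builtins.fetchGit {
      url = "https://codeberg.org/privacy1st/netcup-dns";
      rev = "7981656c5b65ac37ab2fd0e9bc65bd8cedd5ed79";
    };
    propagatedBuildInputs = [
      # Dependencies
      # Taken from `ps` (the package set of the interpreter this environment is built for)
      # rather than from `pkgs.python3Packages`, so they always match that interpreter.
      requests
      nc-dnsapi
      # Build dependencies
      # NOTE(review): these are build-time tools, but listing them here also puts them into the
      # runtime environment of the service. Moving them to `nativeBuildInputs` would shrink that
      # environment; confirm against the project's pyproject.toml before doing so.
      setuptools
      build
      twine
    ];
  })
];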
in
{
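options = {
  yoda.netcup-dns = mkOption {
    type = types.path;
    example = ./secrets/netcup-dns.json;
    # NOTE(review): a Nix path value is copied into the world-readable /nix/store as soon as it is
    # interpolated into a string. Only hand this option to consumers that read the file at deploy
    # time (as `deployment.keys.<name>.keyFile` is expected to; confirm for the deployment tool in use).
    description = ''
      Path to JSON configuration file for netcup-dns.
      The file is deployed to the target host through `deployment.keys`; treat it as a secret.
    '';
  };
};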
config = {
# Add the Python environment built from `my-python-packages` to the system profile,
# which makes the netcup-dns command available to every user on the host.
environment.systemPackages = [ (pkgs.python3.withPackages my-python-packages) ];
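# Configure netcup-dns.
# This creates file `/etc/netcup-dns/netcup-dns-95191.json`.
# Update A and AAAA entry of domains p1st.de, privacy1st.de, biketripplanner.de
#
# The file is uploaded as a deployment key and owned by the service account.
# NOTE(review): `/etc/netcup-dns` is persistent storage, so the secret stays on disk across
# reboots. Confirm this is intended rather than a tmpfs location such as `/run/keys`.
deployment.keys."netcup-dns-95191.json" = {
  keyFile = cfg;
  destDir = "/etc/netcup-dns";
  user = "netcup-dns";
  group = "netcup-dns";
  # Set the mode explicitly instead of relying on the deployment tool's default:
  # read-only for the service user, no access for group or others.
  # Assumes netcup-dns never rewrites its own configuration file; TODO confirm.
  permissions = "0400";
};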
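# Create netcup-dns daemon user.
# A dedicated system account with its own group: the service below runs as this user, and the
# deployed configuration file is owned by it, so no other account needs access to that file.
users.users."netcup-dns" = {
  isSystemUser = true;
  group = "netcup-dns";
  description = "netcup-dns daemon";
};
users.groups."netcup-dns" = { };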
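# Create netcup-dns timer.
# Triggers the service right after boot and again 3 minutes after each run has finished.
systemd.timers."netcup-dns" = {
  wantedBy = [ "timers.target" ];
  partOf = [ "netcup-dns.service" ];
  timerConfig = {
    OnBootSec = "0m";
    # Measured from the moment the service last became inactive, so runs never overlap.
    OnUnitInactiveSec = "3m";
    AccuracySec = "15s";
    RandomizedDelaySec = "15s";
  };
};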
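# One-shot service that runs netcup-dns as the unprivileged `netcup-dns` user at lowest
# CPU and I/O priority. It is started by the timer of the same name.
systemd.services."netcup-dns" = {
  serviceConfig = {
    Type = "oneshot";
    PrivateTmp = true;
    User = "netcup-dns";
    Nice = 19;
    IOSchedulingClass = "idle";

    # Sandboxing. The service is expected to need only network access, read access to its
    # configuration and write access to its runtime directory.
    # Assumption; loosen if netcup-dns turns out to need more.
    NoNewPrivileges = true;
    ProtectSystem = "strict";
    ProtectHome = true;
    PrivateDevices = true;

    # Create directory `/run/netcup-dns`.
    # `netcup-dns` uses it for caching.
    # The cache is only used by this service, so other users get no access to it.
    RuntimeDirectoryMode = "0750";
    RuntimeDirectory = "netcup-dns";
    # Kept from https://unix.stackexchange.com/questions/354583/how-to-automatically-create-a-runtime-folder-with-a-systemd-service-or-tmpfiles#comment628290_354583
    # NOTE(review): systemd documents `PermissionsStartOnly` as deprecated. It restricts `User=`
    # to the `ExecStart=` process and lets the other Exec* commands run as root. This unit has no
    # such commands, and `RuntimeDirectory=` is created and owned by `User=` without it.
    # Confirm, then drop this setting.
    PermissionsStartOnly = true;
    # Since we use `/run/netcup-dns` for caching between subsequent runs of `netcup-dns`, it should be kept and not deleted.
    # Man page section `RuntimeDirectoryPreserve`:
    # If set to yes, then the directories are not removed when the service is stopped. Note that since the runtime directory /run/ is a mount point of "tmpfs", then for system services the directories specified in RuntimeDirectory= are removed when the system is rebooted.
    RuntimeDirectoryPreserve = true;

    ExecStart = "${pkgs.python3.withPackages my-python-packages}/bin/netcup-dns --cache-directory /run/netcup-dns";
  };
};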
} ;
}