feat: netcup-dns module option

hosts/yodaHedgehog/configuration.nix

@@ -23,6 +23,8 @@
 
       ../../modules/btrbk
       ./btrbk-config.nix
+
+      ../../modules/netcup-dns.nix
       ../../modules/de-p1st-monitor.nix
       ../../modules/spin-down/hdparm.nix
       ../../modules/spin-down/hd-idle.nix
@@ -44,6 +46,7 @@
     "ata-ST6000DM003-2CY186_ZR11WA9K"
   ];
   yoda.de-p1st-monitor = (builtins.readFile ../../assets/de-p1st-monitor/yodaHedgehog.ini);
+  yoda.netcup-dns = ../../secrets/netcup-dns-hedgehog.json;
 
   boot.kernelParams = [];
   boot.kernelPackages = pkgs.linuxPackages;

hosts/yodaNas/configuration.nix

@@ -51,6 +51,7 @@
   ];
   yoda.spin-down.hd-idle = [];
   yoda.de-p1st-monitor = (builtins.readFile ../../assets/de-p1st-monitor/yodaNas.ini);
+  yoda.netcup-dns = ../../secrets/netcup-dns-nas.json;
 
   boot.kernelParams = [
     # Microarchitectural Data Sampling (MDS), see https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html#mitigation-control-on-the-kernel-command-line

modules/netcup-dns.nix

@@ -1,17 +1,20 @@
-{ config, pkgs, ... }:
+{ lib, config, options, pkgs, modulesPath, ... }:
+with lib;
 let
+  cfg = config.yoda.netcup-dns;
+
   my-python-packages = ps: with ps; [
     # netcup-dns is not (yet) packaged, thus we build it from PyPI
     (
       buildPythonPackage rec {
         pname = "netcup-dns";
         # Important: When updating the version number, adjust the Git revision below accordingly!
-        version = "0.2.3";
+        version = "0.2.4";
         # https://nixos.wiki/wiki/Packaging/Python#Fix_Missing_setup.py
         format = "pyproject";
         src = builtins.fetchGit {
           url = "https://codeberg.org/privacy1st/netcup-dns";
-          rev = "f231334e1b7858061efc7b3e98d21a2d10346369";
+          rev = "7981656c5b65ac37ab2fd0e9bc65bd8cedd5ed79";
         };
         propagatedBuildInputs = [
           # Dependencies
@@ -27,59 +30,71 @@ let
   ];
 in
 {
-  # Install netcup-dns Python packages.
-  environment.systemPackages = [
-    (pkgs.python3.withPackages my-python-packages)
-  ];
-
-  # Configure netcup-dns.
-  # This creates file `/etc/netcup-dns/netcup-dns-95191.json`.
-  # Update A and AAA entry of domains p1st.de, privacy1st.de, biketripplanner.de
-  deployment.keys."netcup-dns-95191.json" = {
-    keyFile = ../secrets/netcup-dns.json;
-    destDir = "/etc/netcup-dns";
-    user = "netcup-dns";
-    group = "netcup-dns";
-  };
-  # Create netcup-dns daemon user.
-  users.users."netcup-dns" = {
-    isSystemUser = true;
-    group = "netcup-dns";
-    description = "netcup-dns daemon";
-  };
-  users.groups."netcup-dns" = {};
-  # Create netcup-dns timer.
-  systemd.timers."netcup-dns" = {
-    wantedBy = [ "timers.target" ];
-    partOf = [ "netcup-dns.service" ];
-    timerConfig = {
-      OnBootSec = "0m";
-      OnUnitInactiveSec = "3m";
-
-      AccuracySec = "15s";
-      RandomizedDelaySec = "15s";
+  options = {
+    yoda.netcup-dns = mkOption {
+      type = types.path;
+      example = ./secrets/netcup-dns.json;
+      description = ''
+        Path to JSON configuration file for netcup-dns.
+      '';
     };
   };
-  systemd.services."netcup-dns" = {
-    serviceConfig = {
-      Type = "oneshot";
-      PrivateTmp = true;
-      User = "netcup-dns";
-      Nice = 19;
-      IOSchedulingClass = "idle";
 
-      # Create directory `/run/netcup-dns`.
-      # `netcup-dns` uses it for caching.
-      # For systemd to create this directory automatically, `PermissionsStartOnly` is required: https://unix.stackexchange.com/questions/354583/how-to-automatically-create-a-runtime-folder-with-a-systemd-service-or-tmpfiles#comment628290_354583
-      RuntimeDirectoryMode = "0755";
-      RuntimeDirectory = "netcup-dns";
-      PermissionsStartOnly = true;
-      # Since we use `/run/netcup-dns` for caching between subsequent runs of `netcup-dns`, it should be kept and not deleted.
-      # Man page section `RuntimeDirectoryPreserve`:
-      #   If set to yes, then the directories are not removed when the service is stopped. Note that since the runtime directory /run/ is a mount point of "tmpfs", then for system services the directories specified in RuntimeDirectory= are removed when the system is rebooted.
-      RuntimeDirectoryPreserve = true;
+  config = {
+    # Install netcup-dns Python packages.
+    environment.systemPackages = [
+      (pkgs.python3.withPackages my-python-packages)
+    ];
 
-      ExecStart = "${pkgs.python3.withPackages my-python-packages}/bin/netcup-dns --cache-directory /run/netcup-dns";
+    # Configure netcup-dns.
+    # This creates file `/etc/netcup-dns/netcup-dns-95191.json`.
+    # Update A and AAA entry of domains p1st.de, privacy1st.de, biketripplanner.de
+    deployment.keys."netcup-dns-95191.json" = {
+      keyFile = cfg;
+      destDir = "/etc/netcup-dns";
+      user = "netcup-dns";
+      group = "netcup-dns";
+    };
+    # Create netcup-dns daemon user.
+    users.users."netcup-dns" = {
+      isSystemUser = true;
+      group = "netcup-dns";
+      description = "netcup-dns daemon";
+    };
+    users.groups."netcup-dns" = {};
+    # Create netcup-dns timer.
+    systemd.timers."netcup-dns" = {
+      wantedBy = [ "timers.target" ];
+      partOf = [ "netcup-dns.service" ];
+      timerConfig = {
+        OnBootSec = "0m";
+        OnUnitInactiveSec = "3m";
+
+        AccuracySec = "15s";
+        RandomizedDelaySec = "15s";
+      };
+    };
+    systemd.services."netcup-dns" = {
+      serviceConfig = {
+        Type = "oneshot";
+        PrivateTmp = true;
+        User = "netcup-dns";
+        Nice = 19;
+        IOSchedulingClass = "idle";
+
+        # Create directory `/run/netcup-dns`.
+        # `netcup-dns` uses it for caching.
+        # For systemd to create this directory automatically, `PermissionsStartOnly` is required: https://unix.stackexchange.com/questions/354583/how-to-automatically-create-a-runtime-folder-with-a-systemd-service-or-tmpfiles#comment628290_354583
+        RuntimeDirectoryMode = "0755";
+        RuntimeDirectory = "netcup-dns";
+        PermissionsStartOnly = true;
+        # Since we use `/run/netcup-dns` for caching between subsequent runs of `netcup-dns`, it should be kept and not deleted.
+        # Man page section `RuntimeDirectoryPreserve`:
+        #   If set to yes, then the directories are not removed when the service is stopped. Note that since the runtime directory /run/ is a mount point of "tmpfs", then for system services the directories specified in RuntimeDirectory= are removed when the system is rebooted.
+        RuntimeDirectoryPreserve = true;
+
+        ExecStart = "${pkgs.python3.withPackages my-python-packages}/bin/netcup-dns --cache-directory /run/netcup-dns";
+      };
     };
   };
 }