2020-11-16 12:39:37 -08:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
let
|
|
|
|
|
cfg = config.fudo.client.dns;
|
|
|
|
|
|
|
|
|
|
in {
|
|
|
|
|
options.fudo.client.dns = {
|
|
|
|
|
enable = mkEnableOption "Enable Fudo DynDNS Client.";
|
|
|
|
|
|
|
|
|
|
ipv4 = mkOption {
|
|
|
|
|
type = types.bool;
|
|
|
|
|
default = true;
|
|
|
|
|
description = "Report host external IPv4 address to Fudo DynDNS server.";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
ipv6 = mkOption {
|
|
|
|
|
type = types.bool;
|
|
|
|
|
default = true;
|
|
|
|
|
description = "Report host external IPv6 address to Fudo DynDNS server.";
|
|
|
|
|
};
|
|
|
|
|
|
2020-11-17 15:23:07 -08:00
|
|
|
sshfp = mkOption {
|
|
|
|
|
type = types.bool;
|
|
|
|
|
default = true;
|
|
|
|
|
description = "Report host SSH fingerprints to the Fudo DynDNS server.";
|
|
|
|
|
};
|
|
|
|
|
|
2020-11-16 12:39:37 -08:00
|
|
|
domain = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
description = "Domain under which this host is registered.";
|
|
|
|
|
default = "fudo.link";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
server = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
description = "Backplane DNS server to which changes will be reported.";
|
|
|
|
|
default = "backplane.fudo.org";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
password-file = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
description = "File containing host password for backplane.";
|
|
|
|
|
example = "/path/to/secret.passwd";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
frequency = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
description = "Frequency at which to report the local IP(s) to backplane.";
|
|
|
|
|
default = "*:0/15";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
user = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
description = "User as which to run the client script (must have access to password file).";
|
|
|
|
|
default = "backplane-dns-client";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
external-interface = mkOption {
|
|
|
|
|
type = with types; nullOr str;
|
|
|
|
|
description = "Interface with which this host communicates with the larger internet.";
|
|
|
|
|
default = null;
|
|
|
|
|
};
|
2020-11-17 15:23:07 -08:00
|
|
|
|
|
|
|
|
# FIXME: take the relevant SSH package
|
2020-11-16 12:39:37 -08:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
|
users.users = {
|
|
|
|
|
"${cfg.user}" = {
|
|
|
|
|
isSystemUser = true;
|
|
|
|
|
createHome = true;
|
|
|
|
|
home = "/var/home/${cfg.user}";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
systemd = {
|
|
|
|
|
timers.backplane-dns-client = {
|
|
|
|
|
enable = true;
|
|
|
|
|
description = "Report local IP addresses to Fudo backplane.";
|
|
|
|
|
partOf = [ "backplane-dns-client.service" ];
|
|
|
|
|
wantedBy = [ "timers.target" ];
|
|
|
|
|
requires = [ "network-online.target" ];
|
|
|
|
|
timerConfig = {
|
|
|
|
|
OnCalendar = cfg.frequency;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.backplane-dns-client = {
|
|
|
|
|
enable = true;
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
Type = "oneshot";
|
|
|
|
|
StandardOutput = "journal";
|
|
|
|
|
User = cfg.user;
|
|
|
|
|
};
|
2020-11-17 15:23:07 -08:00
|
|
|
path = [ pkgs.openssh ];
|
2020-11-16 12:39:37 -08:00
|
|
|
script = ''
|
2020-11-17 15:23:07 -08:00
|
|
|
${pkgs.backplane-dns-client}/bin/backplane-dns-client ${optionalString cfg.ipv4 "-4"} ${optionalString cfg.ipv6 "-6"} ${optionalString cfg.sshfp "-f"} ${optionalString (cfg.external-interface != null) "--interface=${cfg.external-interface}"} --domain=${cfg.domain} --server=${cfg.server} --password-file=${cfg.password-file}
|
2020-11-16 12:39:37 -08:00
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
}
|
