cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

nixos/cfdyndns: dynamic user and loadcredentials

Browse source
This commit is contained in:
happysalada 2023-09-11 09:07:25 -04:00 committed by Yt
parent d989b040da
commit 1e335c516b
1 changed files with 3 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
nixos/modules/services/misc/cfdyndns.nix
View file

@ -60,8 +60,8 @@ in
startAt = "*:0/5";
serviceConfig = {
Type = "simple";
User = config.ids.uids.cfdyndns;
Group = config.ids.gids.cfdyndns;
LoadCredential = lib.optional (cfg.apiTokenFile != null) "CLOUDFLARE_APITOKEN_FILE:${cfg.apiTokenFile}";
DynamicUser = true;
};
environment = {
CLOUDFLARE_RECORDS="${concatStringsSep "," cfg.records}";
@ -72,23 +72,10 @@ in
export CLOUDFLARE_EMAIL="${cfg.email}"
''}
${optionalString (cfg.apiTokenFile != null) ''
export CLOUDFLARE_APITOKEN="$(cat ${escapeShellArg cfg.apiTokenFile})"
export CLOUDFLARE_APITOKEN=$(${pkgs.systemd}/bin/systemd-creds cat CLOUDFLARE_APITOKEN_FILE)
''}
${pkgs.cfdyndns}/bin/cfdyndns
'';
};
users.users = {
cfdyndns = {
group = "cfdyndns";
uid = config.ids.uids.cfdyndns;
};
};
users.groups = {
cfdyndns = {
gid = config.ids.gids.cfdyndns;
};
};
};
}