diff --git a/modules/homelab/ddns_docker.nix b/modules/homelab/ddns_docker.nix
new file mode 100644
index 0000000..8f2f845
--- /dev/null
+++ b/modules/homelab/ddns_docker.nix
@@ -0,0 +1,91 @@
+{ pkgs, config, lib, ... }:
+
+{
+ options = {
+ modules.homelab.ddns_docker.enable = lib.mkEnableOption "enable ddns docker";
+ };
+
+ config = lib.mkIf config.modules.homelab.ddns_docker.enable {
+ let
+ api_token = builtins.readFile /home/blake/.keyring/ddns/api_token;
+ zone_id_blakedheld = builtins.readFile /home/blake/.keyring/ddns/zone_id_blakedheld;
+ zone_id_recoil = builtins.readFile /home/blake/.keyring/ddns/zone_id_recoil;
+
+ # define the config file
+ ddns_cfg = pkgs.writeText "config.json" ''
+ {
+ "cloudflare": [
+ {
+ "authentication": {
+ "api_token": "${api_token}"
+ },
+ "zone_id": "${zone_id_blakedheld}",
+ "subdomains": [
+ {
+ "name": "@",
+ "proxied": true
+ },
+ {
+ "name": "*",
+ "proxied": true
+ },
+ {
+ "name": "git",
+ "proxied": false
+ }
+
+ ]
+ },
+ {
+ "authentication": {
+ "api_token": "${api_token}"
+ },
+ "zone_id": "${zone_id_recoil}",
+ "subdomains": [
+ {
+ "name": "@",
+ "proxied": true
+ },
+ {
+ "name": "*",
+ "proxied": true
+ },
+ {
+ "name": "mc",
+ "proxied": true
+ },
+ {
+ "name": "smp",
+ "proxied": true
+ },
+ {
+ "name": "superflat",
+ "proxied": false
+ },
+ {
+ "name": "skyblock",
+ "proxied": false
+ }
+ ]
+ }
+ ],
+ "a": true,
+ "aaaa": true,
+ "purgeUnknownRecords": false
+ }
+ '';
+ in
+ {
+ virtualisation.docker.containers.ddns = {
+ image = "timothyjmiller/cloudflare-ddns:latest";
+ containerName = "ddns";
+ restartPolicy = "unless-stopped";
+ hostNetwork = true;
+ environment = { PUID = "1000"; PGID = "1000"; };
+ volumes = [ "${ddns_cfg}:/config.json" ];
+ securityOpt = [ "no-new-privileges:true" ];
+ };
+ }
+ };
+}
+
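Review bot: The `builtins.readFile` calls in the `let` block read the Cloudflare API token at evaluation time, and `pkgs.writeText` then bakes it into a `config.json` under `/nix/store`, which is readable by every local user and is copied along with the system closure to any remote builder or binary cache. Keep the token out of the derivation by rendering the config at activation or service start with a secrets tool (sops-nix or agenix, for example) and mounting that file read-only, e.g. `volumes = [ "<runtime-secret-path>/config.json:/config.json:ro" ];`, where the path is a placeholder for wherever the rendered file lives. `readFile` also keeps any trailing newline in the keyring files, which would put a raw line break inside the JSON strings. Separately, `let … in` sits directly inside the braces after `lib.mkIf`, which I would not expect to parse; wrapping the body as `lib.mkIf <cond> (let … in { … })` avoids that. The image is pulled as `:latest` while the container runs with `hostNetwork = true` and holds a DNS-edit token, so pinning a specific tag or digest would limit exposure to an upstream image change.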