{ config, pkgs, lib, ... }: # apikeyFile implementation inspired by grafana config with lib; let cfg = config.services.custom.cfdyndns; in { options = { services.custom.cfdyndns = { enable = mkEnableOption "Cloudflare Dynamic DNS Client"; email = mkOption { type = types.str; description = '' The email address to use to authenticate to CloudFlare. ''; }; apikey = mkOption { default = null; type = types.nullOr types.str; description = '' The API Key to use to authenticate to CloudFlare. ''; }; apikeyFile = mkOption { default = null; type = types.nullOr types.path; description = '' The API Key to use to authenticate to CloudFlare. ''; }; records = mkOption { default = []; example = [ "host.tld" ]; type = types.listOf types.str; description = '' The records to update in CloudFlare. ''; }; }; }; config = mkIf cfg.enable { assertions = [ { assertion = cfg.apikey != null -> cfg.apikeyFile == null; message = "Cannot set both apikey and apikeyFile"; } ]; systemd.services.cfdyndns = { description = "CloudFlare Dynamic DNS Client"; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; startAt = "5 minutes"; script = '' ${optionalString (cfg.apikey != null) '' export CLOUDFLARE_APIKEY="${cfg.apikey}" ''} ${optionalString (cfg.apikeyFile != null) '' export CLOUDFLARE_APIKEY="$(cat ${escapeShellArg cfg.apikeyFile})" ''} ${pkgs.cfdyndns}/bin/cfdyndns ''; serviceConfig = { Type = "simple"; User = config.ids.uids.cfdyndns; Group = config.ids.gids.cfdyndns; }; environment = { CLOUDFLARE_EMAIL = "${cfg.email}"; CLOUDFLARE_RECORDS = "${concatStringsSep "," cfg.records}"; }; }; users.users = { cfdyndns = { group = "cfdyndns"; uid = config.ids.uids.cfdyndns; }; }; users.groups = { cfdyndns = { gid = config.ids.gids.cfdyndns; }; }; }; }