diff options
author | happysalada <raphael@megzari.com> | 2023-09-11 09:07:25 -0400 |
---|---|---|
committer | Yt <happysalada@tuta.io> | 2023-09-14 07:53:36 +0000 |
commit | 1e335c516b7a2a9bc777bf3739da7557c726124e (patch) | |
tree | d702f26ec0444f351cd7a94ed9d2118c20cb2196 /nixos/modules/services/misc | |
parent | d989b040da3e42f6f4a769547887974719939c42 (diff) | |
download | nixpkgs-1e335c516b7a2a9bc777bf3739da7557c726124e.tar nixpkgs-1e335c516b7a2a9bc777bf3739da7557c726124e.tar.gz nixpkgs-1e335c516b7a2a9bc777bf3739da7557c726124e.tar.bz2 nixpkgs-1e335c516b7a2a9bc777bf3739da7557c726124e.tar.lz nixpkgs-1e335c516b7a2a9bc777bf3739da7557c726124e.tar.xz nixpkgs-1e335c516b7a2a9bc777bf3739da7557c726124e.tar.zst nixpkgs-1e335c516b7a2a9bc777bf3739da7557c726124e.zip |
nixos/cfdyndns: dynamic user and loadcredentials
Diffstat (limited to 'nixos/modules/services/misc')
-rw-r--r-- | nixos/modules/services/misc/cfdyndns.nix | 19 |
1 files changed, 3 insertions, 16 deletions
diff --git a/nixos/modules/services/misc/cfdyndns.nix b/nixos/modules/services/misc/cfdyndns.nix index 5a02de2aad2..dba8ac20015 100644 --- a/nixos/modules/services/misc/cfdyndns.nix +++ b/nixos/modules/services/misc/cfdyndns.nix @@ -60,8 +60,8 @@ in startAt = "*:0/5"; serviceConfig = { Type = "simple"; - User = config.ids.uids.cfdyndns; - Group = config.ids.gids.cfdyndns; + LoadCredential = lib.optional (cfg.apiTokenFile != null) "CLOUDFLARE_APITOKEN_FILE:${cfg.apiTokenFile}"; + DynamicUser = true; }; environment = { CLOUDFLARE_RECORDS="${concatStringsSep "," cfg.records}"; @@ -72,23 +72,10 @@ in export CLOUDFLARE_EMAIL="${cfg.email}" ''} ${optionalString (cfg.apiTokenFile != null) '' - export CLOUDFLARE_APITOKEN="$(cat ${escapeShellArg cfg.apiTokenFile})" + export CLOUDFLARE_APITOKEN=$(${pkgs.systemd}/bin/systemd-creds cat CLOUDFLARE_APITOKEN_FILE) ''} ${pkgs.cfdyndns}/bin/cfdyndns ''; }; - - users.users = { - cfdyndns = { - group = "cfdyndns"; - uid = config.ids.uids.cfdyndns; - }; - }; - - users.groups = { - cfdyndns = { - gid = config.ids.gids.cfdyndns; - }; - }; }; } |