{ config, pkgs, lib, user, host, ... }: # lib.mkIf false lib.mkIf (host == "NxACE") # ((import ./nx2site/proxy.nix { inherit config pkgs lib user; }) // ( { sops.secrets = { "nx2site/namecheap.pw" = { }; }; systemd = { timers."namecheap-dynamic-dns" = { wantedBy = [ "timers.target" ]; timerConfig = { OnBootSec = "2m"; OnUnitActiveSec = "10m"; Unit = "namecheap-dynamic-dns.service"; }; }; services."namecheap-dynamic-dns" = let u = let domain = "nx2.site"; passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path; # passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path; log-file-path = "/var/log/update_namecheap.log"; count-file-path = "/var/log/update_namecheap-count.txt"; in pkgs.writers.writePython3Bin "update_namecheap" { libraries = with pkgs.python311Packages; [ requests ]; flakeIgnore = [ "E501" "E305" "E701" "E704" "E302" "E114" "F841" ]; } '' import requests import argparse import socket from datetime import datetime def get_public_ip(): return requests.get('https://ipinfo.io/ip').text.strip() def get_dns_ip(): return socket.gethostbyname_ex('${domain}')[2][0] def main(force_update): my_ip = get_public_ip() dns_ip = get_dns_ip() with open("${count-file-path}", "r") as f: content = f.read() if content == "": count = 0 else: count = int(content) count += 1 with open("${count-file-path}", "w") as f: f.write(str(count)) if not (force_update or my_ip != dns_ip): print(f"Host IP and DNS response are both {my_ip} --> No Action") exit(0) else: with open("${passord-file-path}", 'r') as pw_file: pw = pw_file.read().strip() # Perform DNS updates resp_base = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=@&domain=${domain}&password={pw}&ip={my_ip}") resp_subd = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=*&domain=${domain}&password={pw}&ip={my_ip}") # Reset the count file with open("${count-file-path}", 'w') as f: f.write('0') now_str = datetime.now().strftime('%Y/%m/%d-%R') log_entry = f"At {now_str} - from {dns_ip} to {my_ip} - {count} times - Response {resp_base.status_code}{' - (forced)' if force_update else ' '}\n" print(log_entry, end="") with open("${log-file-path}", 'a') as log_file: log_file.write(log_entry) if __name__ == "__main__": parser = argparse.ArgumentParser() parser.add_argument('-f', '--force', action='store_true', help='Force update') args = parser.parse_args() main(args.force) ''; in { script = '' set -eu ${u}/bin/update_namecheap ''; serviceConfig = { Type = "oneshot"; }; }; }; # I can't use this becasue API Access for Namecheap needs a static whitelisted IP, which I don't have # security.acme = { # acceptTerms = true; # certs."nx2site" = { }; # }; environment.systemPackages = with pkgs; [ certbot (writeShellApplication { name = "refresh_ssl_certificate"; runtimeInputs = [ certbot ]; # https://forum.endeavouros.com/t/tutorial-add-a-systemd-boot-loader-menu-entry-for-a-windows-installation-using-a-separate-esp-partition/37431 text = let webroot = /home/nx2/nx2site/staticweb/content; in /*bash*/ '' cartbot ls ${webroot} ''; }) ]; networking.hosts = { # docker network inspect nx2site_default | grep -E "Name|IPv4" | tr "\n" " " | sed -r 's- +- -g;s-\n?"Name": -\n-g' | sed -r '1d;2d;s-"(.+?)", "IPv4Address": "(.+)/16",- "\2" = [ "\1.docker" ];-g' "172.1.2.1" = [ "staticweb.docker" ]; "172.1.3.1" = [ "matrix.docker" ]; # "172.1.0.9" = [ "matrixdb.docker" ]; "172.1.4.1" = [ "matrix-ss.docker" ]; # "172.1.0.7" = [ "matrix-ssdb.docker" ]; "172.1.5.1" = [ "pw.docker" ]; "172.1.6.1" = [ "git.docker" ]; # "172.1.0.10" = [ "gitdb.docker" ]; "172.1.7.1" = [ "nn.docker" ]; "172.1.8.1" = [ "llm.docker" ]; # "172.1.9.1" = [ "proxy.docker" ]; "172.1.10.1" = [ "share.docker" ]; "172.1.11.1" = [ "odq.docker" ]; }; })