dotfiles/system-modules/nx2site.nix

{ config, pkgs, lib, user, host, ... }:
lib.mkIf (host == "NxACE")
{
  sops.secrets = {
    "nx2site/namecheap.pw" = { };
  };

  systemd = {
    timers."namecheap-dynamic-dns" = {
      wantedBy = [ "timers.target" ];
      timerConfig = {
        OnBootSec = "2m";
        OnUnitActiveSec = "10m";
        Unit = "namecheap-dynamic-dns.service";
      };
    };
    services."namecheap-dynamic-dns" = 
    let 
      u = let
        domain = "nx2.site";
        passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path;
        log-file-path = "/var/log/update_namecheap.log";
        count-file-path = "/var/log/update_namecheap-count.txt";
      in
      pkgs.writers.writePython3Bin "update_namecheap" {
        libraries = with pkgs.python311Packages; [ 
          requests
        ];
        flakeIgnore = [ "E501" "E305" "E701" "E704" "E302" "E114" "F841" ];
      } ''
        import requests
        import argparse
        import socket
        from datetime import datetime

        def get_public_ip(): return requests.get('https://ipinfo.io/ip').text.strip()

        def get_dns_ip(): return socket.gethostbyname_ex('${domain}')[2][0]

        def main(force_update):
            my_ip = get_public_ip()
            dns_ip = get_dns_ip()

            with open("${count-file-path}", "r") as f:
                content = f.read()
                if content == "": count = 0
                else: count = int(content)
            count += 1
            with open("${count-file-path}", "w") as f:
                f.write(str(count))

            if not (force_update or my_ip != dns_ip):
                print(f"Host IP and DNS response are both {my_ip} --> No Action")
                exit(0)
            else:
                with open("${passord-file-path}", 'r') as pw_file: pw = pw_file.read().strip()

                # Perform DNS updates
                resp_base = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=@&domain=${domain}&password={pw}&ip={my_ip}")
                resp_subd = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=*&domain=${domain}&password={pw}&ip={my_ip}")
    
                # Reset the count file
                with open("${count-file-path}", 'w') as f: f.write('0')

                now_str = datetime.now().strftime('%Y/%m/%d-%R')
                log_entry = f"At {now_str} - from {dns_ip} to {my_ip} - {count} times - Response {resp_base.status_code}{' - (forced)' if force_update else '           '}\n"
                print(log_entry, end="")
                with open("${log-file-path}", 'a') as log_file: log_file.write(log_entry)

        if __name__ == "__main__":
            parser = argparse.ArgumentParser()
            parser.add_argument('-f', '--force', action='store_true', help='Force update')
            args = parser.parse_args()
  
            main(args.force)
      '';
    in
    {
      script = ''
        set -eu
        ${u}/bin/update_namecheap
      '';
      serviceConfig = {
        Type = "oneshot";
        # User = "nx2";
      };
    };
  };
}