kylekrein/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Aliasvault

Browse source
This commit is contained in:
Aleksandr Lebedev 2025-10-03 14:36:50 +02:00
parent 7a1053586d
commit 3cfbb8ec2e
5 changed files with 107 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

22
systems/x86_64-linux/stargate/duckdns.nix
View file

@ -17,14 +17,20 @@
systemd.services."duckdns" = {
script = let
duckdns = pkgs.writeShellScriptBin "duckdns" ''
TOKEN=$(${pkgs.coreutils}/bin/cat ${config.sops.secrets."duckdns".path})
REALV6=$(${pkgs.iproute2}/bin/ip -6 addr show dev enp3s0 scope global \
| ${pkgs.gawk}/bin/awk '/inet6 2/{print $2}' \
| ${pkgs.coreutils}/bin/cut -d/ -f1 \
| ${pkgs.gnugrep}/bin/grep -E 'f9c4$' \
| ${pkgs.coreutils}/bin/head -n1)
REALV4=$(${pkgs.curl}/bin/curl -s https://ifconfig.me --ipv4)
${pkgs.coreutils}/bin/echo url="https://www.duckdns.org/update?domains=kylekrein&token=$TOKEN&ipv6=$REALV6&ip=$REALV4" | ${pkgs.curl}/bin/curl -k -K -
TOKEN=$(${pkgs.coreutils}/bin/cat ${config.sops.secrets."duckdns".path})
REALV6=$(${pkgs.iproute2}/bin/ip -6 addr show dev enp3s0 scope global \
| ${pkgs.gawk}/bin/awk '/inet6 2/{print $2}' \
| ${pkgs.coreutils}/bin/cut -d/ -f1 \
| ${pkgs.gnugrep}/bin/grep -E 'f9c4$' \
| ${pkgs.coreutils}/bin/head -n1)
REALV4=$(${pkgs.curl}/bin/curl -s https://ifconfig.me --ipv4)
${pkgs.coreutils}/bin/echo url="https://www.duckdns.org/update?domains=kylekrein&token=$TOKEN&ipv6=$REALV6&ip=$REALV4" | ${pkgs.curl}/bin/curl -k -K -
${pkgs.coreutils}/bin/mkdir -p /etc/fail2ban/jail.d
${pkgs.coreutils}/bin/cat > /etc/fail2ban/jail.d/duckdns-ignore.local <<EOF
[DEFAULT]
ignoreip = 127.0.0.1/8 ::1 192.168.178.1/24 $REALV4 $REALV6
EOF
'';
in ''
set -eu