move ddns setup to hetzner

1 files changed, 14 insertions, 5 deletions

diff --git a/router.nix b/router.nix
index 20d07c1..3cc17bc 100644
--- a/router.nix
+++ b/router.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, pkgs, inputs, ... }:
 {
   boot.kernel.sysctl."net.ipv4.conf.all.forwarding" = true;
 
@@ -113,7 +113,11 @@
   };
   services.resolved.enable = false;
 
-  services.networkd-dispatcher = {
+  services.networkd-dispatcher =
+  let
+    logPath = "/home/mathias/networkd-dispatcher-run";
+  in
+  {
     enable = true;
     rules."ddns" = {
       onState = [ "routable" ];
@@ -124,8 +128,13 @@
           exit 0
         fi
 
-        ${pkgs.curl}/bin/curl "$(cat "${config.age.secrets."dyndns-url.txt".path}")"
-        printf "%s: %s\n" "$(date)" "$ADDR" >> /home/mathias/networkd-dispatcher-run
+        {
+          echo
+          printf "%s: %s\n" "$(date)" "$ADDR"
+          HCLOUD_TOKEN="$(cat "${config.age.secrets."hcloud-token.txt".path}")" \
+            ${inputs.unstable.legacyPackages.${pkgs.system}.hcloud}/bin/hcloud \
+            zone rrset set-records 0m.nu @ A --record "''${ADDR%% *}" 2>&1
+        } >> "${logPath}"
 
         exit 0
       '';
@@ -197,5 +206,5 @@
 
   age.secrets."wifi-password-staff.txt".file = ./secrets/wifi-password-staff.txt.age;
   age.secrets."wifi-password-guest.txt".file = ./secrets/wifi-password-guest.txt.age;
-  age.secrets."dyndns-url.txt".file = ./secrets/dyndns-url.txt.age;
+  age.secrets."hcloud-token.txt".file = ./secrets/hcloud-token.txt.age;
 }