diff --git a/nixos/configurations/Tytonidae/dae/default.nix b/nixos/configurations/Tytonidae/dae/default.nix
deleted file mode 100644
index e8e43d7..0000000
--- a/nixos/configurations/Tytonidae/dae/default.nix
+++ /dev/null
@@ -1,116 +0,0 @@
-{
- config,
- rootPath,
- pkgs,
- ...
-}:
-{
- services.dae = {
- enable = true;
- openFirewall = {
- enable = true;
- port = 12345;
- };
- disableTxChecksumIpGeneric = false;
- config = builtins.readFile ./config.dae;
- };
- sops.secrets.url = {
- mode = "0444";
- sopsFile = rootPath + "/secrets/general.yaml";
- };
- systemd.services =
- let
- update = ''
- head="user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36"
- new_proxy=/etc/dae/proxy.d.new
- num=0
- check=1
- urls="$(cat ${config.sops.secrets.url.path})"
- mkdir -p ''${new_proxy}
- for url in ''${urls}; do
- txt=''${new_proxy}/''${num}.txt
- config="''${new_proxy}/''${num}.dae"
- echo \'curl -LH \""''${head}"\" \""''${url}"\" -o \""''${txt}"\"\'
- curl -LH "''${head}" "''${url}" -o "''${txt}"
- echo End curl
- echo "" > ''${config}
- {
- echo 'subscription {'
- echo \ \ wget:\ \"file://proxy.d/''${num}.txt\"
- echo "}"
- } >> ''${config}
- if [[ ! -s ''${txt} ]]; then
- check=0
- fi
- chmod 0640 ''${txt}
- chmod 0640 ''${config}
- num=$((num+1))
-
- if [[ ''${check} -eq 0 ]]; then
- echo "''${txt}" is empty
- exit 103
- fi
- done
- if [[ -d /etc/dae/proxy.d ]]; then
- mv /etc/dae/proxy.d /etc/dae/proxy.d.old
- fi
- mv ''${new_proxy} /etc/dae/proxy.d
- '';
- updateScript = pkgs.writeShellApplication {
- name = "update.sh";
- runtimeInputs = with pkgs; [
- coreutils
- curl
- ];
- text = ''
- mkdir -p /etc/proxy.d
- if [ -z "$(ls -A /etc/dae/proxy.d 2>/dev/null)" ]; then
- echo "No subscription file found in /etc/dae/proxy.d. Update now..."
- ${update}
- else
- echo "Found existing subscription files. Skipping immediate update."
- fi
- '';
- };
- updateForceScript = pkgs.writeShellApplication {
- name = "update-force.sh";
- runtimeInputs = with pkgs; [
- coreutils
- curl
- ];
- text = ''
- ${update}
- '';
- };
- in
- {
- "update-dae-subscription-immediate" = {
- after = [ "network-online.target" ];
- wants = [ "network-online.target" ];
- before = [ "dae.service" ];
- serviceConfig = {
- Type = "oneshot";
- User = "root";
- ExecStart = [
- "${updateScript}/bin/update.sh"
- ];
- };
- wantedBy = [ "multi-user.target" ];
- };
- "update-dae-subscription-force" = {
- serviceConfig = {
- Type = "oneshot";
- User = "root";
- ExecStartPre = [
- "-${pkgs.systemd}/bin/systemctl stop dae.service"
- ];
- ExecStartPost = [
- "-${pkgs.systemd}/bin/systemctl start dae.service"
- ];
- ExecStart = [
- "${updateForceScript}/bin/update-force.sh"
- ];
- };
- };
- };
-}
diff --git a/nixos/configurations/Tytonidae/default.nix b/nixos/configurations/Tytonidae/default.nix
index 373137f..d9eae92 100644
--- a/nixos/configurations/Tytonidae/default.nix
+++ b/nixos/configurations/Tytonidae/default.nix
@@ -10,7 +10,6 @@ ./users ./openssh.nix ./kvm.nix - ./dae ./nh.nix ./steam.nix
@@ -19,10 +18,15 @@ ./networking.nix ]; - youthlic.home-manager = { - enable = true; - unixName = "david"; - hostName = "Tytonidae"; + youthlic = { + home-manager = { + enable = true; + unixName = "david"; + hostName = "Tytonidae"; + }; + programs = { + dae.enable = true; + }; }; programs.gnupg.agent = {
diff --git a/nixos/configurations/Tytonidae/dae/config.dae b/nixos/modules/dae/config.dae
similarity index 100%
rename from nixos/configurations/Tytonidae/dae/config.dae
rename to nixos/modules/dae/config.dae
diff --git a/nixos/modules/dae/default.nix b/nixos/modules/dae/default.nix
new file mode 100644
index 0000000..44b7024
--- /dev/null
+++ b/nixos/modules/dae/default.nix
@@ -0,0 +1,127 @@
+{
+ config,
+ rootPath,
+ pkgs,
+ lib,
+ ...
+}:
+let
+ cfg = config.youthlic.programs.dae;
+in
+{
+ options = {
+ youthlic.programs.dae = {
+ enable = lib.mkEnableOption "dae";
+ };
+ };
+ config = lib.mkIf cfg.enable {
+ services.dae = {
+ enable = true;
+ openFirewall = {
+ enable = true;
+ port = 12345;
+ };
+ disableTxChecksumIpGeneric = false;
+ config = builtins.readFile ./config.dae;
+ };
+ sops.secrets.url = {
+ mode = "0444";
+ sopsFile = rootPath + "/secrets/general.yaml";
+ };
+ systemd.services =
+ let
+ update = ''
+ head="user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36"
+ new_proxy=/etc/dae/proxy.d.new
+ num=0
+ check=1
+ urls="$(cat ${config.sops.secrets.url.path})"
+ mkdir -p ''${new_proxy}
+ for url in ''${urls}; do
+ txt=''${new_proxy}/''${num}.txt
+ config="''${new_proxy}/''${num}.dae"
+ echo \'curl -LH \""''${head}"\" \""''${url}"\" -o \""''${txt}"\"\'
+ curl -LH "''${head}" "''${url}" -o "''${txt}"
+ echo End curl
+ echo "" > ''${config}
+ {
+ echo 'subscription {'
+ echo \ \ wget:\ \"file://proxy.d/''${num}.txt\"
+ echo "}"
+ } >> ''${config}
+ if [[ ! -s ''${txt} ]]; then
+ check=0
+ fi
+ chmod 0640 ''${txt}
+ chmod 0640 ''${config}
+ num=$((num+1))
+
+ if [[ ''${check} -eq 0 ]]; then
+ echo "''${txt}" is empty
+ exit 103
+ fi
+ done
+ if [[ -d /etc/dae/proxy.d ]]; then
+ mv /etc/dae/proxy.d /etc/dae/proxy.d.old
+ fi
+ mv ''${new_proxy} /etc/dae/proxy.d
+ '';
+ updateScript = pkgs.writeShellApplication {
+ name = "update.sh";
+ runtimeInputs = with pkgs; [
+ coreutils
+ curl
+ ];
+ text = ''
+ mkdir -p /etc/proxy.d
+ if [ -z "$(ls -A /etc/dae/proxy.d 2>/dev/null)" ]; then
+ echo "No subscription file found in /etc/dae/proxy.d. Update now..."
+ ${update}
+ else
+ echo "Found existing subscription files. Skipping immediate update."
+ fi
+ '';
+ };
+ updateForceScript = pkgs.writeShellApplication {
+ name = "update-force.sh";
+ runtimeInputs = with pkgs; [
+ coreutils
+ curl
+ ];
+ text = ''
+ ${update}
+ '';
+ };
+ in
+ {
+ "update-dae-subscription-immediate" = {
+ after = [ "network-online.target" ];
+ wants = [ "network-online.target" ];
+ before = [ "dae.service" ];
+ serviceConfig = {
+ Type = "oneshot";
+ User = "root";
+ ExecStart = [
+ "${updateScript}/bin/update.sh"
+ ];
+ };
+ wantedBy = [ "multi-user.target" ];
+ };
+ "update-dae-subscription-force" = {
+ serviceConfig = {
+ Type = "oneshot";
+ User = "root";
+ ExecStartPre = [
+ "-${pkgs.systemd}/bin/systemctl stop dae.service"
+ ];
+ ExecStartPost = [
+ "-${pkgs.systemd}/bin/systemctl start dae.service"
+ ];
+ ExecStart = [
+ "${updateForceScript}/bin/update-force.sh"
+ ];
+ };
+ };
+ };
+ };
+}
diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix
index 0179a9b..f61187f 100644
--- a/nixos/modules/default.nix
+++ b/nixos/modules/default.nix
@@ -17,6 +17,7 @@ ./nix.nix ./home.nix ./sops.nix + ./dae ]; config = {
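Review bot: In the new `nixos/modules/dae/default.nix`, the decrypted subscription secret is still declared with `mode = "0444"`, so every local user can read it, and the update script then prints each URL to the service log through the `echo \'curl -LH …` line. Subscription URLs of this kind usually embed an access token (not visible here, so worth confirming), which would make both a credential exposure. The only readers shown in this hunk are the two oneshot units, and both run as `User = "root"`, so `mode = "0400";` should be enough, and the echo could log the index rather than the URL, e.g. `echo "fetching subscription ''${num}"`. Separately, `curl -LH` has no `--fail`, so an HTTP error page is non-empty, passes the `[[ ! -s ''${txt} ]]` check and is installed as a subscription file; `curl -fLH "''${head}" "''${url}" -o "''${txt}"` would make the unit fail instead.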