config/profiles/domeneshop-dyndns/default.nix

{ config, pkgs, lib, ... }:
let
  cfg = config.services.domeneshop-updater;
in
{
  # auto domain update

  options = with lib; {
    services.domeneshop-updater.target = mkOption {
      type = types.str;
      #default = config.networking.fqdn;
    };
  };

  config = {

    systemd.services.domeneshop-updater = {
      description = "domene.shop dyndns domain updater";
      wantedBy = [ "multi-user.target" ];
      after = [ "network-online.target" ];
      wants = [ "network-online.target" ];
      serviceConfig = let
        prog = pkgs.writeShellApplication {
          name = "domeneshop-dyndns-updater.sh";
          runtimeInputs = with pkgs; [ curl yq ];
          text = ''
            test -s /var/lib/secrets/domeneshop.toml || {
              >&2 echo "ERROR: /var/lib/secrets/domeneshop.toml not found!"
              exit 1
            }
            DOMENESHOP_TOKEN="$( tomlq </var/lib/secrets/domeneshop.toml .secrets.DOMENESHOP_TOKEN  --raw-output)"
            DOMENESHOP_SECRET="$(tomlq </var/lib/secrets/domeneshop.toml .secrets.DOMENESHOP_SECRET --raw-output)"
            curl https://"$DOMENESHOP_TOKEN":"$DOMENESHOP_SECRET"@api.domeneshop.no/v0/dyndns/update?hostname=${cfg.target}
          '';
        };
      in {
        User  = "domeneshop";
        Group = "domeneshop";
        DynamicUser = true;
        ExecStart = "${prog}/bin/domeneshop-dyndns-updater.sh";
        PrivateTmp = true;
      };
    };
    systemd.timers.domeneshop-updater = let interval = "2h"; in {
      description = "Update domene.shop every ${interval}";
      wantedBy = [ "timers.target" ];
      timerConfig = {
        OnBootSec = "5m";
        OnUnitInactiveSec = interval;
        Unit = "domeneshop-updater.service";
      };
    };

  };
}