root/the_prg_server_configuration
1
0
Fork 0
mirror of https://codeberg.org/polyteknisk-radiogruppe/the_prg_server_configuration.git synced 2026-06-13 18:28:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add support for auth_email and auth_key as script arguments

Browse source
This commit is contained in:
Root User 2026-03-03 13:58:05 +01:00
parent 40f5a99e1f
commit 04963481fe
Signed by: root
GPG key ID: 087F0A95E5766D72
1 changed files with 26 additions and 57 deletions
Download patch file Download diff file Expand all files Collapse all files

83
nix-system-configs/modules/system/traefik.nix
View file

@ -644,21 +644,28 @@ in {
${pkgs.util-linux}/bin/logger -s "DDNS Updater: No zone_identifier arg provided; using zone_identifier env: '$zone_identifier'"
fi
# If auth_email/auth_key were passed as the 3rd/4th arguments, use them (wrapper now passes them)
if [ -n "$3" ]; then
auth_email="$3"
${pkgs.util-linux}/bin/logger -s "DDNS Updater: Using auth_email from arg: '$auth_email'"
else
${pkgs.util-linux}/bin/logger -s "DDNS Updater: No auth_email arg provided; using auth_email env: '$auth_email'"
fi
if [ -n "$4" ]; then
auth_key="$4"
# avoid printing the key itself to logs; show length instead
${pkgs.util-linux}/bin/logger -s "DDNS Updater: Using auth_key from arg (length=''${#auth_key})"
else
${pkgs.util-linux}/bin/logger -s "DDNS Updater: No auth_key arg provided; using auth_key env (length=''${#auth_key})"
fi
# Fail fast if we still don't have a zone identifier
if [ -z "$zone_identifier" ]; then
${pkgs.util-linux}/bin/logger -s "DDNS Updater: zone_identifier is empty cannot proceed (invalid zone)."
exit 2
fi
# Debug: log auth status
${pkgs.util-linux}/bin/logger -s "DDNS Updater: auth_key length: ''${#auth_key}, auth_email: '$auth_email', auth_method: '$auth_method'"
# Fail fast if we don't have auth credentials
if [ -z "$auth_key" ]; then
${pkgs.util-linux}/bin/logger -s "DDNS Updater: auth_key is empty cannot authenticate with Cloudflare."
exit 2
fi
###########################################
## Check and set the proper auth header
###########################################
@ -678,9 +685,6 @@ in {
-H "''$auth_header ''$auth_key" \
-H "Content-Type: application/json")
# Debug: log first 200 chars of response
${pkgs.util-linux}/bin/logger -s "DDNS Updater: Record fetch response (first 200 chars): ''${record:0:200}"
###########################################
## Check if the domain has an A record
###########################################
@ -689,12 +693,6 @@ in {
exit 1
fi
# Check if the API returned an error
if [[ $record == *"\\"success\\":false"* ]]; then
${pkgs.util-linux}/bin/logger -s "DDNS Updater: Cloudflare API returned error: $record"
exit 1
fi
###########################################
## Get existing IP
###########################################
@ -710,14 +708,6 @@ in {
###########################################
record_identifier=$(echo "$record" | sed -E 's/.*"id":"([A-Za-z0-9_]+)".*/\\1/')
# Fail fast if we couldn't extract the record ID
if [ -z "$record_identifier" ] || [[ $record_identifier == *"{"* ]]; then
${pkgs.util-linux}/bin/logger -s "DDNS Updater: Failed to extract record_identifier from response. Got: '$record_identifier'"
exit 1
fi
${pkgs.util-linux}/bin/logger -s "DDNS Updater: Using record_identifier: '$record_identifier'"
###########################################
## Change the IP@Cloudflare using the API
###########################################
@ -740,18 +730,18 @@ in {
${pkgs.curl}/bin/curl -L -X POST "''${slackuri}" --data-raw "{\"channel\":\"''${slackchannel}\",\"text\":\"''${msg}\"}"
fi
if [[ $discorduri != "" ]]; then
msg="$${sitename} DDNS Update Failed: $${record_name}: $${record_identifier} ($${CURRENT_IP})."
${pkgs.curl}/bin/curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST --data-raw "{\"content\":\"$${msg}\"}" "$${discorduri}"
msg="''${sitename} DDNS Update Failed: ''${record_name}: ''${record_identifier} (''${CURRENT_IP})."
${pkgs.curl}/bin/curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST --data-raw "{\"content\":\"''${msg}\"}" "''${discorduri}"
fi
exit 1;;
*)
msg="$${sitename} Updated: $${record_name}'s new IP Address is $${CURRENT_IP}"
${pkgs.util-linux}/bin/logger "DDNS Updater: $${CURRENT_IP} $${record_name} DDNS updated."
msg="''${sitename} Updated: ''${record_name}'s new IP Address is ''${CURRENT_IP}"
${pkgs.util-linux}/bin/logger "DDNS Updater: ''${CURRENT_IP} ''${record_name} DDNS updated."
if [[ $slackuri != "" ]]; then
${pkgs.curl}/bin/curl -L -X POST "$${slackuri}" --data-raw "{\"channel\":\"$${slackchannel}\",\"text\":\"$${msg}\"}"
${pkgs.curl}/bin/curl -L -X POST "''${slackuri}" --data-raw "{\"channel\":\"''${slackchannel}\",\"text\":\"''${msg}\"}"
fi
if [[ $discorduri != "" ]]; then
${pkgs.curl}/bin/curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST --data-raw "{\"content\":\"$${msg}\"}" "$${discorduri}"
${pkgs.curl}/bin/curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST --data-raw "{\"content\":\"''${msg}\"}" "''${discorduri}"
fi
exit 0;;
esac
@ -768,44 +758,23 @@ in {
# Wrapper: source env, map tokens, loop declared records and call the upstream single-run script
if [ -f "${envFile}" ]; then
echo "DEBUG: Sourcing environment file: ${envFile}" >&2
# shellcheck disable=SC1090
source "${envFile}"
echo "DEBUG: After sourcing - CLOUDFLARE_DNS_API_TOKEN length: ''${#CLOUDFLARE_DNS_API_TOKEN:-0}, CLOUDFLARE_API_TOKEN length: ''${#CLOUDFLARE_API_TOKEN:-0}" >&2
else
echo "ERROR: Environment file not found: ${envFile}" >&2
exit 1
fi
# Map env variables from the env file into auth_key/auth_email used by the upstream script
if [ -n "''${CLOUDFLARE_DNS_API_TOKEN:-}" ]; then
export auth_key="''${CLOUDFLARE_DNS_API_TOKEN}"
echo "DEBUG: Using CLOUDFLARE_DNS_API_TOKEN (length: ''${#auth_key})" >&2
export auth_key="''${CLOUDFLARE_DNS_API_TOKEN:-}"
elif [ -n "''${CLOUDFLARE_API_TOKEN:-}" ]; then
export auth_key="''${CLOUDFLARE_API_TOKEN}"
echo "DEBUG: Using CLOUDFLARE_API_TOKEN (length: ''${#auth_key})" >&2
else
echo "ERROR: No Cloudflare API token found in environment file" >&2
echo "ERROR: Available variables: $(set | grep CLOUDFLARE || echo 'none')" >&2
exit 1
export auth_key="''${CLOUDFLARE_API_TOKEN:-}"
fi
if [ -n "''${CLOUDFLARE_USERNAME:-}" ]; then
export auth_email="''${CLOUDFLARE_USERNAME}"
echo "DEBUG: Using CLOUDFLARE_USERNAME: '$auth_email'" >&2
else
echo "DEBUG: No CLOUDFLARE_USERNAME found, auth_email will be empty" >&2
export auth_email="''${CLOUDFLARE_USERNAME:-}"
fi
# Export auth_method for the single-run script
export auth_method="token"
# Ensure zone id is exported for the single-run script
export zone_identifier="${zoneId}"
# Debug: log that we're starting with credentials
echo "Starting DDNS update with auth_key length: ''${#auth_key}, auth_email: '$auth_email'" >&2
# Loop records from the Nix list. "@" maps to the base domain
for r in ${recordsStr}; do
if [ "$r" = "@" ]; then
@ -814,7 +783,7 @@ in {
export record_name="$r.${domain}"
fi
# Invoke the single-run script explicitly with the system's bash via env to avoid /bin/bash shebang issues
${pkgs.bash}/bin/bash /etc/cloudflare-ddns/update-single.sh "$record_name" "$zone_identifier" || true
${pkgs.bash}/bin/bash /etc/cloudflare-ddns/update-single.sh "$record_name" "$zone_identifier" "$auth_email" "$auth_key" || true
done
'';