Configure ddclient to update AAAA record for prefect
Alan Pearce alan@alanpearce.eu
Tue, 18 Apr 2023 20:47:43 +0200
2 files changed, 114 insertions(+), 0 deletions(-)
A patches/ddclient-noipv4.patch
@@ -0,0 +1,79 @@+diff --git a/ddclient.in b/ddclient.in +index 5e4759e..dd2fb58 100755 +--- a/ddclient.in ++++ b/ddclient.in +@@ -431,7 +431,8 @@ my %variables = ( + 'proxy' => setv(T_FQDNP, 0, 0, undef, undef), + 'protocol' => setv(T_PROTO, 0, 0, 'dyndns2', undef), + +- 'use' => setv(T_USE, 0, 0, 'ip', undef), ++ 'use' => setv(T_USE, 0, 0, 'disabled', undef), ++ + 'usev4' => setv(T_USEV4, 0, 0, 'disabled', undef), + 'usev6' => setv(T_USEV6, 0, 0, 'disabled', undef), + 'ip' => setv(T_IP, 0, 0, undef, undef), +@@ -489,7 +490,7 @@ my %variables = ( + 'password' => setv(T_PASSWD,1, 0, '', undef), + 'host' => setv(T_STRING,1, 1, '', undef), + +- 'use' => setv(T_USE, 0, 0, 'ip', undef), ++ 'use' => setv(T_USE, 0, 0, 'disabled', undef), + 'if' => setv(T_IF, 0, 0, 'ppp0', undef), + 'web' => setv(T_STRING,0, 0, 'dyndns', undef), + 'web-skip' => setv(T_STRING,0, 0, '', undef), +@@ -1075,6 +1076,8 @@ sub main { + read_cache(opt('cache'), \%cache); + print_info() if opt('debug') && opt('verbose'); + ++ fatal("invalid argument '-use %s'; possible values are:\n%s", $opt{'use'}, join("\n", ip_strategies_usage())) ++ unless exists $ip_strategies{lc opt('use')}; + fatal("invalid argument '-use %s'; possible values are:\n%s", $opt{'use'}, join("\n", ip_strategies_usage())) + unless exists $ip_strategies{lc opt('use')}; + if (defined($opt{'usev6'})) { +@@ -1154,11 +1157,9 @@ sub update_nics { + next if $config{$h}{'protocol'} ne lc($s); + $examined{$h} = 1; + # we only do this once per 'use' and argument combination +- my $use = opt('use', $h) // 'disabled'; +- my $usev4 = opt('usev4', $h) // 'disabled'; ++ my $use = 'disabled'; ++ my $usev4 = 'disabled'; + my $usev6 = opt('usev6', $h) // 'disabled'; +- $use = 'disabled' if ($use eq 'no'); # backward compatibility +- $usev6 = 'disabled' if ($usev6 eq 'no'); # backward compatibility + my $arg_ip = opt('ip', $h) // ''; + my $arg_ipv4 = opt('ipv4', $h) // ''; + my $arg_ipv6 = opt('ipv6', $h) // ''; +@@ -1592,18 +1593,6 @@ sub init_config { + ## + $opt{'quiet'} = 0 if opt('verbose'); + +- ## infer the IP strategy if possible +- if (!$opt{'use'}) { +- $opt{'use'} = 'web' if ($opt{'web'}); +- $opt{'use'} = 'if' if ($opt{'if'}); +- $opt{'use'} = 'ip' if ($opt{'ip'}); +- } +- ## infer the IPv4 strategy if possible +- if (!$opt{'usev4'}) { +- $opt{'usev4'} = 'webv4' if ($opt{'webv4'}); +- $opt{'usev4'} = 'ifv4' if ($opt{'ifv4'}); +- $opt{'usev4'} = 'ipv4' if ($opt{'ipv4'}); +- } + ## infer the IPv6 strategy if possible + if (!$opt{'usev6'}) { + $opt{'usev6'} = 'webv6' if ($opt{'webv6'}); +@@ -5813,11 +5802,12 @@ sub nic_nsupdate_update { + ## nsupdate requires a port number to be separated by whitepace, not colon + $server =~ s/:/ /; + my $zone = $config{$h}{'zone'}; +- my $ip = $config{$h}{'wantip'}; ++ my $ip = $config{$h}{'wantipv6'}; + my $recordtype = ''; + if (is_ipv6($ip)) { + $recordtype = 'AAAA'; + } else { ++ next; + $recordtype = 'A'; + } + delete $config{$_}{'wantip'} foreach @hosts;
M system/prefect.nix → system/prefect.nix
@@ -136,5 +136,40 @@ networking = { hostName = "prefect"; }; + services.ddclient = { + enable = true; + package = (pkgs.ddclient.overrideAttrs + (old: { + patches = (old.patches or [ ]) ++ [ + ../patches/ddclient-noipv4.patch + ]; + })); + use = "no"; + protocol = "nsupdate"; + verbose = true; + zone = "alanpearce.eu"; + server = "pappel.alanpearce.eu"; + passwordFile = "/etc/secrets/ddns.key"; + domains = [ "prefect.home.alanpearce.eu" ]; + extraConfig = '' + usev4=disabled + usev6=cmdv6 + cmdv6=${pkgs.writeScript "getipv6" '' + #!/bin/sh + set -eo pipefail + ip --oneline address show dev enp7s0 to 2000::/3 primary \ + | awk '{ print $4 }' \ + | cut -d/ -f1 + ''} + ttl=3600 + ''; + }; + systemd.services.ddclient.path = with pkgs; + [ + iproute2 + coreutils + gawk + ]; + system.stateVersion = "23.05"; }