nsupdate: fix when mermet's nginx is down

author Julien Moutinho <julm@sourcephile.fr>

Wed, 5 May 2021 23:33:03 +0000 (01:33 +0200)

committer Julien Moutinho <julm@sourcephile.fr>

Wed, 5 May 2021 23:33:03 +0000 (01:33 +0200)
author Julien Moutinho <julm@sourcephile.fr>
Wed, 5 May 2021 23:33:03 +0000 (01:33 +0200)
committer Julien Moutinho <julm@sourcephile.fr>
Wed, 5 May 2021 23:33:03 +0000 (01:33 +0200)
diff --git a/hosts/losurdo/networking/nsupdate.nix b/hosts/losurdo/networking/nsupdate.nix

index 88f555574f5f5c150b591236b53e2c0105d01f0e..9c69f1e2209294cd49bb6b37748948096f8cfc6c 100644 (file)
--- a/hosts/losurdo/networking/nsupdate.nix
+++ b/hosts/losurdo/networking/nsupdate.nix
@@ -19,7 +19,8 @@ systemd.services.nsupdate = {
      Type = "simple";
      ExecStart = pkgs.writeShellScript "nsupdate" ''
        set -eux
-      publicIPv4=$(${pkgs.curl}/bin/curl -s4 https://whoami.sourcephile.fr/addr || true)
+      publicIPv4=$(${pkgs.curl}/bin/curl -s4 https://whoami.sourcephile.fr/addr ||
+        ${pkgs.curl}/bin/curl -s4L https://icanhazip.com || true)
        publicIPv6=$(${pkgs.curl}/bin/curl -s6L https://icanhazip.com || true)
        privateIPv4=$(${pkgs.miniupnpc}/bin/upnpc -s | sed -ne 's/^Local LAN ip address : //p')
        ${pkgs.knot-dns}/bin/knsupdate -k ${gnupg.secrets."knot/tsig/${domain}/bureau1.key".path} <<EOF
@@ -43,7 +44,7 @@ systemd.services.nsupdate = {
    };
  };
  users.users."nsupdate".isSystemUser = true;
-users.users."nsupdate".extraGroups = [ groups."keys".name ];
+users.groups."keys".members = [users."nsupdate".name];
  security.gnupg.secrets."knot/tsig/${domain}/bureau1.key" = {
    user = users."nsupdate".name;
  };
author	Julien Moutinho <julm@sourcephile.fr>
	Wed, 5 May 2021 23:33:03 +0000 (01:33 +0200)
committer	Julien Moutinho <julm@sourcephile.fr>
	Wed, 5 May 2021 23:33:03 +0000 (01:33 +0200)