Jafner/homelab
1
1
Fork 0
Code Issues 15 Pull Requests Actions Packages Projects Releases Wiki Activity

#82 Add Jafner.chat handling

Browse Source 
#32 Refactor config handling
This commit is contained in:
Joey Hafner 2023-02-10 13:33:04 -08:00
parent e72b3ef6f2
commit dac3146ac0
4 changed files with 46 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@ -1,2 +1,3 @@
*.secret *.secret
*_secrets.env *_secrets.env
server\config\ddns\ddclient\ddclient.conf

17
server/config/ddns/README.md Normal file
View File

@ -0,0 +1,17 @@
# Updating ddclient.conf
ddclient does not natively support proper secret management for credentials. So in order to ensure that our DNS management credentials are not kept in Git, we have to work around that.
Our credentials are stored in `ddclient_secrets.env`, which is git-ignored. Additionally, the actual `ddclient.conf` file is git-ignored because it must contain the credentials.
So we generate the config file when it must be updated. To update the file, we can run the following command:
```bash
cd ~/homelab/server/config/ddns/ && \
export $(cat ddclient_secrets.env | xargs) && \
envsubst < ./ddclient/ddclient.template > ./ddclient/ddclient.conf && \
unset $(grep -v '^#' ddclient_secrets.env | sed -E 's/(.*)=.*/\1/' | xargs)
```
First we export the variables in the `ddclient_secrets.env` file (which are all simple key-value pairs). Then, the [`envsubst`](https://www.baeldung.com/linux/envsubst-command) command looks for env variable references (like `$USER_Jafner_chat`) in the `ddclient.template` file (via stdin) and replaces them with the values from the current shell. Lastly, we remove the secrets from the shell to preserve security.
[StackOverflow - Set environment variables from file of ke/value pairs](https://stackoverflow.com/questions/19331497/set-environment-variables-from-file-of-key-value-pairs)

26
server/config/ddns/ddclient/ddclient.template Normal file
View File

@ -0,0 +1,26 @@
# jafner.dev
use=web
web=dynamicdns.park-your-domain.com/getip
protocol=googledomains
ssl=yes
login=$USER_Jafner_dev
password=$PASS_Jafner_dev
@.jafner.dev, *.jafner.dev
# jafner.chat
use=web
web=dynamicdns.park-your-domain.com/getip
protocol=cloudflare
login=$USER_Jafner_chat
password=$PASS_Jafner_chat
zone=jafner.chat
jafner.chat,*.jafner.chat
# meganmcdonough.art
use=web
web=dynamicdns.park-your-domain.com/getip
protocol=googledomains
ssl=yes
login=$USER_Meganmcdonough_art
password=$PASS_Meganmcdonough_art
meganmcdonough.art

1
server/config/ddns/docker-compose.yml
View File

@ -17,6 +17,7 @@ services:
- cloudflare_secrets.env - cloudflare_secrets.env
labels: labels:
- traefik.enable=false - traefik.enable=false
ddclient: ddclient:
image: linuxserver/ddclient image: linuxserver/ddclient
container_name: ddns_ddclient container_name: ddns_ddclient