From b08fb0c4b3cb1a2824bdd76a5a26ad39721f3479 Mon Sep 17 00:00:00 2001
From: Jacob Bachmann <jacob.bachmann@posteo.de>
Date: Sun, 8 Sep 2024 23:48:28 +0200
Subject: [PATCH] feat: remove tailscale, setup ddclient for namecheap

---
 hosts/APPA/network.nix                   |  3 ++-
 hosts/APPA/services/adguard-home.nix     |  4 ++++
 hosts/APPA/services/ddclient.nix         | 17 +++++++++++++++++
 hosts/APPA/services/default.nix          |  1 +
 modules/core/network.nix                 |  5 +++--
 modules/home-manager/gui/waybar.nix      |  7 +++----
 secrets/passwords/ddclient/namecheap.age |  9 +++++++++
 secrets/secrets.nix                      |  1 +
 8 files changed, 40 insertions(+), 7 deletions(-)
 create mode 100644 hosts/APPA/services/ddclient.nix
 create mode 100644 secrets/passwords/ddclient/namecheap.age

diff --git a/hosts/APPA/network.nix b/hosts/APPA/network.nix
index 1aff028..1fd7219 100644
--- a/hosts/APPA/network.nix
+++ b/hosts/APPA/network.nix
@@ -1,6 +1,6 @@
+{ ... }:
 {
   networking = {
-    firewall.enable = true;
     hostName = "APPA";
     useDHCP = false;
     interfaces.enp0s25 = {
@@ -20,6 +20,7 @@
     };
     defaultGateway = {
       address = "192.168.2.1";
+      interface = "enp0s25";
     };
     defaultGateway6 = {
       address = "fdd2:59e7:4ee1:0001::1";
diff --git a/hosts/APPA/services/adguard-home.nix b/hosts/APPA/services/adguard-home.nix
index 82f5c90..6355a39 100644
--- a/hosts/APPA/services/adguard-home.nix
+++ b/hosts/APPA/services/adguard-home.nix
@@ -22,6 +22,10 @@
             domain = "dryb.org";
             answer = "192.168.2.40";
           }
+          {
+            domain = "speedport.ip";
+            answer = "192.168.2.1";
+          }
           {
             domain = "speedport.dryb.org";
             answer = "192.168.2.1";
diff --git a/hosts/APPA/services/ddclient.nix b/hosts/APPA/services/ddclient.nix
new file mode 100644
index 0000000..750cead
--- /dev/null
+++ b/hosts/APPA/services/ddclient.nix
@@ -0,0 +1,17 @@
+{ config, ... }:
+{
+  age.secrets.passwords-ddclient-namecheap = {
+    file = ../../../secrets/passwords/ddclient/namecheap.age;
+  };
+
+  services.ddclient = {
+    enable = true;
+    use = "web, web=ifconfig.me/";
+    protocol = "namecheap";
+    server = "dynamicdns.park-your-domain.com";
+    username = "dryb.org";
+    passwordFile = config.age.secrets.passwords-ddclient-namecheap.path;
+    domains = [ "vpn" ];
+    interval = "10min";
+  };
+}
diff --git a/hosts/APPA/services/default.nix b/hosts/APPA/services/default.nix
index 0a2de03..2193830 100644
--- a/hosts/APPA/services/default.nix
+++ b/hosts/APPA/services/default.nix
@@ -2,6 +2,7 @@
   imports = [
     ./adguard-home.nix
     ./anki.nix
+    ./ddclient.nix
     ./gitea.nix
     ./homepage-dashboard.nix
     ./nginx.nix
diff --git a/modules/core/network.nix b/modules/core/network.nix
index bfe5dba..233dbaa 100644
--- a/modules/core/network.nix
+++ b/modules/core/network.nix
@@ -5,7 +5,9 @@
   ...
 }:
 {
-  networking.networkmanager.enable = true;
+  networking = {
+    networkmanager.enable = true;
+  };
   systemd.services = {
     NetworkManager-wait-online.enable = false;
   };
@@ -15,5 +17,4 @@
     pkgs.wireguard-tools # tools for the wireguard secure network tunnel
   ];
   services.mullvad-vpn.enable = config.bchmnn.collections.vpn.enable;
-  services.tailscale.enable = config.bchmnn.collections.vpn.enable;
 }
diff --git a/modules/home-manager/gui/waybar.nix b/modules/home-manager/gui/waybar.nix
index af2ac75..c8afa35 100644
--- a/modules/home-manager/gui/waybar.nix
+++ b/modules/home-manager/gui/waybar.nix
@@ -133,7 +133,6 @@ in
           "modules-right": [
             "tray",
             "network",
-            "custom/tailscale",
             "custom/separator",
             "pulseaudio",
             "custom/separator",
@@ -154,12 +153,12 @@ in
             "format": "{ifname}",
             "format-disconnected": "ó°ˆ‚ ",
             "format-ethernet": "eth ó°ˆ ",
-            "format-wifi": "{signalStrength}% ï‡« ",
+            "format-wifi": "{signalStrength}% ï‡«  ",
             "interval": 1,
             "tooltip-format": "{ifname} via {gwaddr} ó°ˆ ",
             "tooltip-format-disconnected": "Disconnected",
-            "tooltip-format-ethernet": "{ifname} ïƒ ",
-            "tooltip-format-wifi": "{essid} ({signalStrength}%) ï‡« "
+            "tooltip-format-ethernet": "{ifname} ïƒ  ",
+            "tooltip-format-wifi": "{essid} ({signalStrength}%) ï‡«  "
           },
           "custom/tailscale": {
             "exec": "${tailscale-status}",
diff --git a/secrets/passwords/ddclient/namecheap.age b/secrets/passwords/ddclient/namecheap.age
new file mode 100644
index 0000000..cd1c073
--- /dev/null
+++ b/secrets/passwords/ddclient/namecheap.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 OFTJeQ /4VkgBRfkeDWGyydiC0UWnRldkkweIS3kQWiyazW30w
+FogoQsMtbjc0gUTGeMdoFTV0CZPv051x3qhRxYvGp+Q
+-> ssh-ed25519 lfMVeg tYYo7I8FawLwBrdTWtjDV/4hzhrUFlGZTAM5Hp8mtRE
+JEcLpEKgppWVrlUEvL+arvWBL7/6sVhW/ErXZRkzfIA
+-> ssh-ed25519 ueRyzQ wTI3u3XtBoTKargoSn+HWl9HQTZzXjCEnLGQRSCmVUE
++9ovukCRRZ3FO+uuPjdWWvUQBfTyW2NfDpEFkaTVBZE
+--- VpOsD2Mzrb/jWQVu9wLlTSiUZNbpBmD9ISDLtbivuO0
+b<Ý+YŸûh–•('3[“KN3:ˆ]Ö¦Uklÿ9¯êGà]”ÐR•ÂÃö,çêt}4)œ%Ñî=«Í#¾
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 32a13f7..a280577 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -21,4 +21,5 @@ in
 {
   "passwords/gitea/db.age".publicKeys = users ++ [ APPA ];
   "passwords/anki/admin.age".publicKeys = users ++ [ APPA ];
+  "passwords/ddclient/namecheap.age".publicKeys = users ++ [ APPA ];
 }