about summary refs log tree commit diff
path: root/nixpkgs/nixos/modules/services/misc/cfdyndns.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/nixos/modules/services/misc/cfdyndns.nix')
-rw-r--r--nixpkgs/nixos/modules/services/misc/cfdyndns.nix19
1 files changed, 3 insertions, 16 deletions
diff --git a/nixpkgs/nixos/modules/services/misc/cfdyndns.nix b/nixpkgs/nixos/modules/services/misc/cfdyndns.nix
index 5a02de2aad21..dba8ac200151 100644
--- a/nixpkgs/nixos/modules/services/misc/cfdyndns.nix
+++ b/nixpkgs/nixos/modules/services/misc/cfdyndns.nix
@@ -60,8 +60,8 @@ in
       startAt = "*:0/5";
       serviceConfig = {
         Type = "simple";
-        User = config.ids.uids.cfdyndns;
-        Group = config.ids.gids.cfdyndns;
+        LoadCredential = lib.optional (cfg.apiTokenFile != null) "CLOUDFLARE_APITOKEN_FILE:${cfg.apiTokenFile}";
+        DynamicUser = true;
       };
       environment = {
         CLOUDFLARE_RECORDS="${concatStringsSep "," cfg.records}";
@@ -72,23 +72,10 @@ in
           export CLOUDFLARE_EMAIL="${cfg.email}"
         ''}
         ${optionalString (cfg.apiTokenFile != null) ''
-          export CLOUDFLARE_APITOKEN="$(cat ${escapeShellArg cfg.apiTokenFile})"
+          export CLOUDFLARE_APITOKEN=$(${pkgs.systemd}/bin/systemd-creds cat CLOUDFLARE_APITOKEN_FILE)
         ''}
         ${pkgs.cfdyndns}/bin/cfdyndns
       '';
     };
-
-    users.users = {
-      cfdyndns = {
-        group = "cfdyndns";
-        uid = config.ids.uids.cfdyndns;
-      };
-    };
-
-    users.groups = {
-      cfdyndns = {
-        gid = config.ids.gids.cfdyndns;
-      };
-    };
   };
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-03 03:49:36 +0000