added script for domains

2026-03-27 17:46:52 -05:00
parent 691a555645
commit 335c5ffa2e
5 changed files with 231 additions and 75 deletions
--- a/modules/core/sovran-manage-domains.nix
+++ b/modules/core/sovran-manage-domains.nix
@@ -3,7 +3,9 @@
 let
  domains = config.sovran_systemsOS.domainRequirements;

-  # Build the domain prompts dynamically from registered modules
+  # Build list of domain names for the missing-check script
+  domainNamesList = lib.concatMapStringsSep " " (d: d.name) domains;
+
  domainPrompts = lib.concatMapStringsSep "\n" (d: ''
    echo ""
    echo -e "''${GREEN}── ${d.label} ──''${NC}"
@@ -30,104 +32,237 @@ curl \"''${DDNS_URL%auto}''${DOLLAR}{IP}\""
    fi
  '') domains;

-  # Build the summary list
+  # Only prompt for domains that don't have a file yet
+  missingDomainPrompts = lib.concatMapStringsSep "\n" (d: ''
+    if [ ! -f "/var/lib/domains/${d.name}" ]; then
+      MISSING=true
+      echo ""
+      echo -e "''${GREEN}── ${d.label} (NEW) ──''${NC}"
+      read -p "  Subdomain (e.g. ${d.example}): " DOMAIN
+
+      if [ -n "$DOMAIN" ]; then
+        echo "$DOMAIN" > "/var/lib/domains/${d.name}"
+        echo "  Saved: $DOMAIN"
+        ${lib.optionalString d.needsDDNS ''
+        read -p "  Njal.la DDNS URL for $DOMAIN (paste full URL, or Enter to skip): " DDNS_URL
+        if [ -n "$DDNS_URL" ]; then
+          NEW_NJALLA_ENTRIES="$NEW_NJALLA_ENTRIES
+curl \"''${DDNS_URL%auto}''${DOLLAR}{IP}\""
+        fi
+        ''}
+      else
+        echo "  Skipped."
+      fi
+    fi
+  '') domains;
+
  domainSummary = lib.concatMapStringsSep "\n" (d: ''
    if [ -f "/var/lib/domains/${d.name}" ]; then
      echo "  ${d.label}: $(cat /var/lib/domains/${d.name})"
    fi
  '') domains;
-in
-{
-  environment.systemPackages = [
-    (pkgs.writeShellScriptBin "sovran-setup-domains" ''
-      set -euo pipefail

-      GREEN='\033[0;32m'
-      YELLOW='\033[1;33m'
-      CYAN='\033[0;36m'
-      NC='\033[0m'
-      DOLLAR='$'
+  # ── Full setup (first boot) ─────────────────────────────────
+  setupScript = pkgs.writeShellScriptBin "sovran-setup-domains" ''
+    set -euo pipefail

-      echo ""
-      echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
-      echo -e "''${CYAN}  Sovran_SystemsOS — Domain & DDNS Setup''${NC}"
-      echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
-      echo ""
-      echo -e "''${YELLOW}Before running this, you need:''${NC}"
-      echo ""
-      echo "  1. Domains/subdomains purchased on https://njal.la"
-      echo "  2. For each subdomain, add a Dynamic record in"
-      echo "     your Njal.la dashboard."
-      echo "  3. Njal.la will give you a DDNS URL like:"
-      echo ""
-      echo -e "     ''${CYAN}https://njal.la/update/?h=sub.domain.com&k=abc123&auto''${NC}"
-      echo ""
-      echo "  Have those URLs ready."
-      echo ""
-      read -p "Press Enter to continue..."
+    GREEN='\033[0;32m'
+    YELLOW='\033[1;33m'
+    CYAN='\033[0;36m'
+    NC='\033[0m'
+    DOLLAR='$'

-      # ── Create directories ────────────────────────────
-      mkdir -p /var/lib/domains
-      mkdir -p /var/lib/njalla
+    echo ""
+    echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
+    echo -e "''${CYAN}  Sovran_SystemsOS — Domain & DDNS Setup''${NC}"
+    echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
+    echo ""
+    echo -e "''${YELLOW}Before running this, you need:''${NC}"
+    echo ""
+    echo "  1. Domains/subdomains purchased on https://njal.la"
+    echo "  2. For each subdomain, add a Dynamic record in"
+    echo "     your Njal.la dashboard."
+    echo "  3. Njal.la will give you a DDNS URL like:"
+    echo ""
+    echo -e "     ''${CYAN}https://njal.la/update/?h=sub.domain.com&k=abc123&auto''${NC}"
+    echo ""
+    echo "  Have those URLs ready."
+    echo ""
+    read -p "Press Enter to continue..."

-      NJALLA_ENTRIES=""
+    # ── Create directories ────────────────────────────
+    mkdir -p /var/lib/domains
+    mkdir -p /var/lib/njalla

-      # ── SSL Email ─────────────────────────────────────
-      echo ""
-      echo -e "''${GREEN}── SSL Certificate Email ──''${NC}"
-      echo "Let's Encrypt needs an email for certificate notifications."
-      EXISTING_EMAIL=""
-      if [ -f "/var/lib/domains/sslemail" ]; then
-        EXISTING_EMAIL=$(cat /var/lib/domains/sslemail)
-        echo -e "  Current: ''${CYAN}$EXISTING_EMAIL''${NC}"
-      fi
-      read -p "  Email address (or Enter to keep current): " EMAIL_INPUT
-      SSL_EMAIL="''${EMAIL_INPUT:-$EXISTING_EMAIL}"
-      if [ -n "$SSL_EMAIL" ]; then
-        echo "$SSL_EMAIL" > /var/lib/domains/sslemail
-        echo "  Saved."
-      fi
+    NJALLA_ENTRIES=""

-      # ── Module domains (auto-generated from enabled modules) ──
-      ${domainPrompts}
+    # ── SSL Email ─────────────────────────────────────
+    echo ""
+    echo -e "''${GREEN}── SSL Certificate Email ──''${NC}"
+    echo "Let's Encrypt needs an email for certificate notifications."
+    EXISTING_EMAIL=""
+    if [ -f "/var/lib/domains/sslemail" ]; then
+      EXISTING_EMAIL=$(cat /var/lib/domains/sslemail)
+      echo -e "  Current: ''${CYAN}$EXISTING_EMAIL''${NC}"
+    fi
+    read -p "  Email address (or Enter to keep current): " EMAIL_INPUT
+    SSL_EMAIL="''${EMAIL_INPUT:-$EXISTING_EMAIL}"
+    if [ -n "$SSL_EMAIL" ]; then
+      echo "$SSL_EMAIL" > /var/lib/domains/sslemail
+      echo "  Saved."
+    fi

-      # ── Write njalla.sh ───────────────────────────────
-      echo ""
-      echo -e "''${GREEN}── Generating DDNS script ──''${NC}"
+    # ── All module domains ────────────────────────────
+    ${domainPrompts}

-      cat > /var/lib/njalla/njalla.sh <<SCRIPT
+    # ── Write njalla.sh ───────────────────────────────
+    echo ""
+    echo -e "''${GREEN}── Generating DDNS script ──''${NC}"
+
+    cat > /var/lib/njalla/njalla.sh <<SCRIPT
 #!/usr/bin/env bash
 IP=\$(dig @resolver4.opendns.com myip.opendns.com +short -4)
 $NJALLA_ENTRIES
 SCRIPT

-      chmod 700 /var/lib/njalla/njalla.sh
-      echo "  Written to /var/lib/njalla/njalla.sh"
+    chmod 700 /var/lib/njalla/njalla.sh
+    echo "  Written to /var/lib/njalla/njalla.sh"
+
+    # ── Run DDNS update now ───────────────────────────
+    echo ""
+    read -p "Update Njal.la DNS records now? (y/n): " RUN_NOW
+    if [ "$RUN_NOW" = "y" ]; then
+      bash /var/lib/njalla/njalla.sh
+      echo "  DNS records updated."
+    fi
+
+    # ── Mark setup complete ───────────────────────────
+    touch /var/lib/domains/.setup-complete
+
+    # ── Summary ───────────────────────────────────────
+    echo ""
+    echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
+    echo -e "''${CYAN}  Setup Complete!''${NC}"
+    echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
+    echo ""
+    echo "  Configured domains:"
+    ${domainSummary}
+    echo ""
+    echo "  Domain files:   /var/lib/domains/"
+    echo "  DDNS script:    /var/lib/njalla/njalla.sh"
+    echo "  DDNS cron:      Every 15 minutes (already configured)"
+    echo ""
+    echo -e "''${YELLOW}  Rebuilding to activate services with new domains...''${NC}"
+    echo ""
+    nixos-rebuild switch --flake /etc/nixos#nixos
+  '';
+
+  # ── Add-domain script (existing machines, new features) ─────
+  addDomainScript = pkgs.writeShellScriptBin "sovran-add-domains" ''
+    set -euo pipefail
+
+    GREEN='\033[0;32m'
+    YELLOW='\033[1;33m'
+    CYAN='\033[0;36m'
+    NC='\033[0m'
+    DOLLAR='$'
+
+    MISSING=false
+    NEW_NJALLA_ENTRIES=""
+
+    echo ""
+    echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
+    echo -e "''${CYAN}  Sovran_SystemsOS — New Feature Domains''${NC}"
+    echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
+    echo ""
+    echo "  Checking for newly enabled features that need domains..."
+
+    mkdir -p /var/lib/domains
+    mkdir -p /var/lib/njalla
+
+    ${missingDomainPrompts}
+
+    if [ "$MISSING" = false ]; then
+      echo ""
+      echo -e "''${GREEN}  All domains are already configured. Nothing to do.''${NC}"
+      echo ""
+      exit 0
+    fi
+
+    # ── Append new entries to njalla.sh ───────────────
+    if [ -n "$NEW_NJALLA_ENTRIES" ]; then
+      echo ""
+      echo -e "''${GREEN}── Updating DDNS script ──''${NC}"
+
+      if [ -f /var/lib/njalla/njalla.sh ]; then
+        echo "$NEW_NJALLA_ENTRIES" >> /var/lib/njalla/njalla.sh
+        echo "  Appended new entries to /var/lib/njalla/njalla.sh"
+      else
+        cat > /var/lib/njalla/njalla.sh <<SCRIPT
+#!/usr/bin/env bash
+IP=\$(dig @resolver4.opendns.com myip.opendns.com +short -4)
+$NEW_NJALLA_ENTRIES
+SCRIPT
+        chmod 700 /var/lib/njalla/njalla.sh
+        echo "  Created /var/lib/njalla/njalla.sh"
+      fi

-      # ── Run DDNS update now ───────────────────────────
      echo ""
      read -p "Update Njal.la DNS records now? (y/n): " RUN_NOW
      if [ "$RUN_NOW" = "y" ]; then
        bash /var/lib/njalla/njalla.sh
        echo "  DNS records updated."
      fi
+    fi

-      # ── Summary ───────────────────────────────────────
-      echo ""
-      echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
-      echo -e "''${CYAN}  Setup Complete!''${NC}"
-      echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
-      echo ""
-      echo "  Configured domains:"
-      ${domainSummary}
-      echo ""
-      echo "  Domain files:   /var/lib/domains/"
-      echo "  DDNS script:    /var/lib/njalla/njalla.sh"
-      echo "  DDNS cron:      Every 15 minutes (already configured)"
-      echo ""
-      echo "  Next step:"
-      echo "    sudo nixos-rebuild switch --flake /etc/nixos#nixos"
-      echo ""
-    '')
+    # ── Summary ───────────────────────────────────────
+    echo ""
+    echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
+    echo -e "''${CYAN}  New Domains Added!''${NC}"
+    echo -e "''${CYAN}══════════════════════════════════════════════''${NC}"
+    echo ""
+    echo "  All configured domains:"
+    ${domainSummary}
+    echo ""
+    echo -e "''${YELLOW}  Rebuilding to activate services with new domains...''${NC}"
+    echo ""
+    nixos-rebuild switch --flake /etc/nixos#nixos
+  '';
+
+  # ── Check script used by autostart ──────────────────────────
+  needsSetup = pkgs.writeShellScriptBin "sovran-domains-need-setup" ''
+    # First boot — no setup done at all
+    if [ ! -f /var/lib/domains/.setup-complete ]; then
+      exit 0
+    fi
+
+    # Existing machine — check for missing domain files
+    for NAME in ${domainNamesList}; do
+      if [ ! -f "/var/lib/domains/$NAME" ]; then
+        exit 0
+      fi
+    done
+
+    # Everything is configured
+    exit 1
+  '';
+
+in
+{
+  environment.systemPackages = [
+    setupScript
+    addDomainScript
+    needsSetup
  ];
+
+  # ── Auto-launch on login if any domains are missing ─────────
+  environment.etc."xdg/autostart/sovran-setup-domains.desktop".text = ''
+    [Desktop Entry]
+    Type=Application
+    Name=Sovran_SystemsOS Domain Setup
+    Comment=Configure domains for newly enabled features
+    Exec=${pkgs.bash}/bin/bash -c 'if ${needsSetup}/bin/sovran-domains-need-setup; then if [ ! -f /var/lib/domains/.setup-complete ]; then ${pkgs.gnome-terminal}/bin/gnome-terminal -- sudo ${setupScript}/bin/sovran-setup-domains; else ${pkgs.gnome-terminal}/bin/gnome-terminal -- sudo ${addDomainScript}/bin/sovran-add-domains; fi; fi'
+    Terminal=false
+    X-GNOME-Autostart-enabled=true
+  '';
 }
--- a/modules/element-calling.nix
+++ b/modules/element-calling.nix
@@ -49,6 +49,9 @@ lib.mkIf config.sovran_systemsOS.features.element-calling {
      Type = "oneshot";
      RemainAfterExit = true;
    };
+    unitConfig = {
+      ConditionPathExists = "/var/lib/domains/element-calling";
+    };
    path = [ pkgs.coreutils ];
    script = ''
      MATRIX=$(cat /var/lib/domains/matrix)
@@ -100,6 +103,9 @@ EOF
      Type = "oneshot";
      RemainAfterExit = true;
    };
+    unitConfig = {
+      ConditionPathExists = "/var/lib/domains/element-calling";
+    };
    path = [ pkgs.coreutils ];
    script = ''
      MATRIX=$(cat /var/lib/domains/matrix)
@@ -150,6 +156,9 @@ EOF
      Type = "oneshot";
      RemainAfterExit = true;
    };
+    unitConfig = {
+      ConditionPathExists = "/var/lib/domains/element-calling";
+    };
    path = [ pkgs.coreutils ];
    script = ''
      ELEMENT_CALLING=$(cat /var/lib/domains/element-calling)
@@ -185,6 +194,9 @@ EOF
      Type = "oneshot";
      RemainAfterExit = true;
    };
+    unitConfig = {
+      ConditionPathExists = "/var/lib/domains/element-calling";
+    };
    path = [ pkgs.coreutils ];
    script = ''
      MATRIX=$(cat /var/lib/domains/matrix)
--- a/modules/haven.nix
+++ b/modules/haven.nix
@@ -16,6 +16,9 @@ lib.mkIf (config.sovran_systemsOS.features.haven && npub != "") {
      Type = "oneshot";
      RemainAfterExit = true;
    };
+    unitConfig = {
+      ConditionPathExists = "/var/lib/domains/haven";
+    };
    path = [ pkgs.coreutils ];
    script = ''
      HAVEN=$(cat /var/lib/domains/haven)
--- a/modules/synapse.nix
+++ b/modules/synapse.nix
@@ -61,6 +61,9 @@ lib.mkIf config.sovran_systemsOS.services.synapse {
      Type = "oneshot";
      RemainAfterExit = true;
    };
+    unitConfig = {
+      ConditionPathExists = "/var/lib/domains/matrix";
+    };
    path = [ pkgs.coreutils ];
    script = ''
      set -euo pipefail
--- a/modules/vaultwarden.nix
+++ b/modules/vaultwarden.nix
@@ -11,6 +11,9 @@ lib.mkIf config.sovran_systemsOS.services.vaultwarden {
      Type = "oneshot";
      RemainAfterExit = true;
    };
+    unitConfig = {
+      ConditionPathExists = "/var/lib/domains/vaultwarden";
+    };
    path = [ pkgs.coreutils ];
    script = ''
      VAULTWARDEN=$(cat /var/lib/domains/vaultwarden)