feat(nix): add dynamic DNS module using godns

Adds support for updating Cloudflare DNS records using godns.

nix/modules/server/ddns.nix

@@ -0,0 +1,59 @@
+{ lib, config, ... }:
+let
+  inherit (lib.modules) mkIf;
+  inherit (lib.options) mkOption mkEnableOption;
+  inherit (lib.types) enum str listOf;
+  inherit (lib.lists) unique;
+  inherit (builtins) map;
+  inherit (config.flake.paths) secrets;
+in
+{
+  flake.modules.nixos.default =
+    { config, ... }:
+    let
+      cfg = config.server.ddns;
+      mkDomain = domain_name: {
+        inherit domain_name;
+        sub_domains = [
+          "@"
+          "*"
+        ];
+      };
+    in
+    {
+      options.server.ddns = {
+        enable = mkEnableOption "";
+        type = mkOption {
+          type = enum [ "godns" ];
+          default = "godns";
+        };
+        domains = mkOption {
+          type = listOf str;
+          default = [ ];
+        };
+      };
+
+      config = mkIf cfg.enable {
+        sops.secrets."keys/cloudflare".sopsFile = secrets + "/keys.yaml";
+        services.godns = {
+          enable = if (cfg.type == "godns") then true else false;
+          loadCredential = [ "cf_token:${config.sops.secrets."keys/cloudflare".path}" ];
+          settings = {
+            provider = "Cloudflare";
+            login_token_file = "$CREDENTIALS_DIRECTORY/cf_token";
+            # Sanitize the list of domains with unique so we can add to it with every service.
+            domains = map mkDomain (unique cfg.domains);
+            resolver = "1.1.1.1";
+            ip_urls = [
+              "https://wtfismyip.com/text"
+              "https://api.ipify.org"
+              "https://myip.biturl.top"
+              "https://api-ipv4.ip.sb/ip"
+            ];
+            ip_type = "IPv4";
+            interval = 300;
+          };
+        };
+      };
+    };
+}