ref(dnsupdate): move under tools

Integrate properly the tool `dnsupdate` with flake.nix, by adding a
default.nix inside its directory.

Having all the tools under a directory named `tools` is easier to reason
about. I don't need a go.mod at the top level directory either, each
tool will have its own.

7 files changed, 25 insertions, 9 deletions

diff --git a/flake.nix b/flake.nix
index 4aa409b..685e66d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -55,13 +55,7 @@
         packages = pkgs // {
           inherit home-manager;
 
-          # nix run .#dnsupdate
-          dnsupdate = pkgs.writers.writeBashBin "dnsupdate" ''
-            #!/usr/bin/env bash
-            export TS_API_KEY=$(pass api/api.tailscale.com)
-            export GOOGLE_APPLICATION_CREDENTIALS=/run/agenix/gcloud/world-nix
-            go run ./cmd/dnsupdate/
-          '';
+          tools = { dnsupdate = import ./tools/dnsupdate { inherit pkgs; }; };
 
           users.fcuny = {
             blog = import ./users/fcuny/blog { inherit pkgs; };
diff --git a/cmd/dnsupdate/README.org b/tools/dnsupdate/README.org
index a80e407..2e7ca01 100644
--- a/cmd/dnsupdate/README.org
+++ b/tools/dnsupdate/README.org
@@ -1,7 +1,10 @@
 #+TITLE: dnsupdate
 
-Utility to update the managed zone for =fcuny.xyz= in Google Cloud.
+Utility to update the managed zone for =fcuny.xyz= in Google Cloud DNS.
 
 I use the domain =fcuny.xyz= to run a number of services on an IP provided by Tailscale. I don't want these domains to be visible on the web, but I also want to have a valid HTTPS certificate for them. By having a proper DNS I can use ACME to get the certificates, without making them available.
 
 Instead of updating the subdomains through the [[https://console.cloud.google.com/net-services/dns/zones/fcuny-xyz/details?project=fcuny-homelab][console]], I can now run this program.
+
+* Run
+To update the records, run =nix run .#tools.dnsupdate.push=.
diff --git a/tools/dnsupdate/default.nix b/tools/dnsupdate/default.nix
new file mode 100644
index 0000000..b8201c0
--- /dev/null
+++ b/tools/dnsupdate/default.nix
@@ -0,0 +1,19 @@
+{ pkgs, ... }:
+
+pkgs.buildGoModule rec {
+  name = "dnsupdate";
+  src = ./.;
+  vendorSha256 = "sha256-DQ/kYC/EZpcOKk0Y+DvwJtAPZpamxvEl7gKk8uEB2Ls=";
+  nativeBuildInputs = with pkgs; [ go ];
+
+  push = pkgs.writers.writeBashBin "dns-push" ''
+    set -ueo pipefail
+
+    cd $(git rev-parse --show-toplevel)/tools/dnsupdate
+
+    export TS_API_KEY=$(pass api/api.tailscale.com)
+    export GOOGLE_APPLICATION_CREDENTIALS=/run/agenix/gcloud/world-nix
+
+    go run .
+  '';
+}
diff --git a/go.mod b/tools/dnsupdate/go.mod
index 567819c..99fcce4 100644
--- a/go.mod
+++ b/tools/dnsupdate/go.mod
@@ -1,4 +1,4 @@
-module golang.fcuny.net/world
+module golang.fcuny.net/world/tools/dnsupdate
 
 go 1.16
 
diff --git a/go.sum b/tools/dnsupdate/go.sum
index d2af195..d2af195 100644
--- a/go.sum
+++ b/tools/dnsupdate/go.sum
diff --git a/cmd/dnsupdate/main.go b/tools/dnsupdate/main.go
index 6748ee9..6748ee9 100644
--- a/cmd/dnsupdate/main.go
+++ b/tools/dnsupdate/main.go
diff --git a/cmd/dnsupdate/ts.go b/tools/dnsupdate/ts.go
index 4d3ebb3..4d3ebb3 100644
--- a/cmd/dnsupdate/ts.go
+++ b/tools/dnsupdate/ts.go