From a9326bf3943a300c846c14e5c9c5d4d6dca03930 Mon Sep 17 00:00:00 2001
From: satr14 <admin@satr14.my.id>
Date: Wed, 15 Apr 2026 21:33:48 +0700
Subject: [PATCH] fix cf tunnel dns issue

---
 lib/options.nix                    | 1 -
 modules/system/homelab/tunnels.nix | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/lib/options.nix b/lib/options.nix
index 6205a07..d628f9b 100644
--- a/lib/options.nix
+++ b/lib/options.nix
@@ -21,7 +21,6 @@ in {
   
   homelab = rec {
     domain = "satr14.my.id"; # root domain for dns, ssl certs, reverse proxy, etc.
-    cf-tunnel-id = "26318288-cdd7-4e58-904b-c45f10d3e40a";
     ssh-keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIESvQFXoUBafatqnxTd6qk3WEOcfwb3AIWVTstR3lHzX forgejo"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJtdH1YqRH9xhuHMivezLvj/hpH77yfH3HUCaRboB/hb forgejo-deploy-runner"
diff --git a/modules/system/homelab/tunnels.nix b/modules/system/homelab/tunnels.nix
index c28f51d..1b83bd5 100644
--- a/modules/system/homelab/tunnels.nix
+++ b/modules/system/homelab/tunnels.nix
@@ -23,7 +23,7 @@
 
     script = lib.concatMapStringsSep "\n" (domain: ''
       echo "Ensuring DNS route for ${domain}..."
-      ${pkgs.cloudflared}/bin/cloudflared tunnel --origincert /mnt/data/apps/cloudflared/cert.pem route dns --overwrite-dns ${homelab.cf-tunnel-id} ${domain} || true
+      ${pkgs.cloudflared}/bin/cloudflared tunnel --origincert /mnt/data/apps/cloudflared/cert.pem route dns --overwrite-dns $(cat /mnt/data/apps/cloudflared/homelab.json | jq -r .TunnelID) ${domain} || true
     '') (builtins.attrNames homelab.routes);
   };
 }