]>
Commit | Line | Data |
---|---|---|
1 | { | |
2 | inputs.openarc.url = "path:../../openarc"; | |
3 | inputs.secrets.url = "path:../../secrets"; | |
4 | inputs.files-watcher.url = "path:../../files-watcher"; | |
5 | ||
6 | description = "Private configuration for openarc"; | |
7 | outputs = { self, files-watcher, openarc, secrets }: { | |
8 | nixosModule = self.nixosModules.openarc; | |
9 | nixosModules.openarc = { config, pkgs, ... }: { | |
10 | imports = [ | |
11 | files-watcher.nixosModule | |
12 | openarc.nixosModule | |
13 | secrets.nixosModule | |
14 | ]; | |
15 | config = { | |
16 | services.openarc = { | |
17 | enable = true; | |
18 | user = "opendkim"; | |
19 | socket = "/run/openarc/openarc.sock"; | |
20 | group = config.services.postfix.group; | |
21 | configFile = pkgs.writeText "openarc.conf" '' | |
22 | AuthservID mail.immae.eu | |
23 | Domain mail.immae.eu | |
24 | KeyFile ${config.secrets.fullPaths."opendkim/eldiron2.private"} | |
25 | Mode sv | |
26 | Selector eldiron2 | |
27 | SoftwareHeader yes | |
28 | Syslog Yes | |
29 | ''; | |
30 | }; | |
31 | systemd.services.openarc.serviceConfig.Slice = "mail.slice"; | |
32 | systemd.services.openarc.postStart = '' | |
33 | while [ ! -S ${config.services.openarc.socket} ]; do | |
34 | sleep 0.5 | |
35 | done | |
36 | chmod g+w ${config.services.openarc.socket} | |
37 | ''; | |
38 | services.filesWatcher.openarc = { | |
39 | restart = true; | |
40 | paths = [ | |
41 | config.secrets.fullPaths."opendkim/eldiron2.private" | |
42 | config.secrets.fullPaths."opendkim/eldiron.private" | |
43 | ]; | |
44 | }; | |
45 | }; | |
46 | }; | |
47 | }; | |
48 | } |