3 url = "path:../../openarc";
6 url = "path:../../secrets";
8 inputs.files-watcher = {
9 url = "path:../../files-watcher";
12 url = "path:../../lib";
14 inputs.nix-lib.url = "github:NixOS/nixpkgs";
16 description = "Private configuration for openarc";
17 outputs = { self, nix-lib, my-lib, files-watcher, openarc, secrets }:
19 cfg = name': { config, lib, pkgs, name, ... }: {
21 (my-lib.lib.withNarKey files-watcher "nixosModule")
22 (my-lib.lib.withNarKey openarc "nixosModule")
23 (my-lib.lib.withNarKey secrets "nixosModule")
25 config = lib.mkIf (name == name') {
29 socket = "/run/openarc/openarc.sock";
30 group = config.services.postfix.group;
31 configFile = pkgs.writeText "openarc.conf" ''
32 AuthservID mail.immae.eu
34 KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"}
41 systemd.services.openarc.serviceConfig.Slice = "mail.slice";
42 systemd.services.openarc.postStart = ''
43 while [ ! -S ${config.services.openarc.socket} ]; do
46 chmod g+w ${config.services.openarc.socket}
48 services.filesWatcher.openarc = {
51 config.secrets.fullPaths."opendkim/eldiron.private"
58 { nixosModules = openarc.nixosModules or {} // nix-lib.lib.genAttrs ["eldiron" "backup-2"] cfg; };