X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=sidebyside;f=flakes%2Fprivate%2Fopenarc%2Fflake.nix;h=5c4b73cfeb83583d744d68973365cace139db684;hb=bd5c5d4e23ebd3863a960976767ed4a83dfd07fe;hp=6a2518b9e9c2ec6c52fc6c022fc1712870305408;hpb=ef43c36272ca539cbfe803ded03949451b17b679;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/flakes/private/openarc/flake.nix b/flakes/private/openarc/flake.nix
index 6a2518b..5c4b73c 100644
--- a/flakes/private/openarc/flake.nix
+++ b/flakes/private/openarc/flake.nix
@@ -1,46 +1,60 @@
 {
 inputs.openarc = {
- url = "https://git.immae.eu/perso/Immae/Config/Nix.git";
- type = "git";
- dir = "flakes/openarc";
+ path = "../../openarc";
+ type = "path";
 };
- inputs.nixpkgs.url = "github:NixOS/nixpkgs";
+ inputs.files-watcher = {
+ path = "../../files-watcher";
+ type = "path";
+ };
+ inputs.my-lib = {
+ path = "../../lib";
+ type = "path";
+ };
+ inputs.nix-lib.url = "github:NixOS/nixpkgs";
 description = "Private configuration for openarc";
- outputs = { self, nixpkgs, openarc }:
+ outputs = { self, nix-lib, my-lib, files-watcher, openarc }:
 let
- cfg = name': { config, lib, pkgs, name, ... }: lib.mkIf (name == name') {
- services.openarc = {
- enable = true;
- user = "opendkim";
- socket = "local:${config.myServices.mail.milters.sockets.openarc}";
- group = config.services.postfix.group;
- configFile = pkgs.writeText "openarc.conf" ''
- AuthservID mail.immae.eu
- Domain mail.immae.eu
- KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"}
- Mode sv
- Selector eldiron
- SoftwareHeader yes
- Syslog Yes
+ cfg = name': { config, lib, pkgs, name, ... }: {
+ imports = [
+ (my-lib.lib.withNarKey files-watcher "nixosModule")
+ (my-lib.lib.withNarKey openarc "nixosModule")
+ #FIXME:
+ #(my-lib.lib.withNarKey secrets "nixosModule")
+ ];
+ config = lib.mkIf (name == name') {
+ services.openarc = {
+ enable = true;
+ user = "opendkim";
+ socket = "/run/openarc/openarc.sock";
+ group = config.services.postfix.group;
+ configFile = pkgs.writeText "openarc.conf" ''
+ AuthservID mail.immae.eu
+ Domain mail.immae.eu
+ KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"}
+ Mode sv
+ Selector eldiron
+ SoftwareHeader yes
+ Syslog Yes
+ '';
+ };
+ systemd.services.openarc.serviceConfig.Slice = "mail.slice";
+ systemd.services.openarc.postStart = ''
+ while [ ! -S ${config.services.openarc.socket} ]; do
+ sleep 0.5
+ done
+ chmod g+w ${config.services.openarc.socket}
 '';
- };
- systemd.services.openarc.serviceConfig.Slice = "mail.slice";
- systemd.services.openarc.postStart = lib.optionalString
- (lib.strings.hasPrefix "local:" config.services.openarc.socket) ''
- while [ ! -S ${lib.strings.removePrefix "local:" config.services.openarc.socket} ]; do
- sleep 0.5
- done
- chmod g+w ${lib.strings.removePrefix "local:" config.services.openarc.socket}
- '';
- services.filesWatcher.openarc = {
- restart = true;
- paths = [
- config.secrets.fullPaths."opendkim/eldiron.private"
- ];
+ services.filesWatcher.openarc = {
+ restart = true;
+ paths = [
+ config.secrets.fullPaths."opendkim/eldiron.private"
+ ];
+ };
 };
 };
 in openarc.outputs //
- { nixosModules = openarc.nixosModules or {} // nixpkgs.lib.genAttrs ["eldiron" "backup-2"] cfg; };
+ { nixosModules = openarc.nixosModules or {} // nix-lib.lib.genAttrs ["eldiron" "backup-2"] cfg; };
 }
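Review bot: The `#FIXME:` in `imports` leaves the secrets module unimported, yet the module still reads `config.secrets.fullPaths."opendkim/eldiron.private"` for both `KeyFile` and `services.filesWatcher.openarc.paths`, and `secrets` is neither a declared input nor bound in the `outputs` arguments. As written, the module evaluates only if the consuming host happens to import something that defines `config.secrets`, unlike files-watcher and openarc, which are now pulled in explicitly. Either add the input and the `withNarKey` import, or replace the bare FIXME with a comment stating the dependency, e.g. `# requires the host to import the secrets nixosModule (provides config.secrets.fullPaths); not yet available as a flake input here`. A second, smaller point: the `postStart` loop that waits for `/run/openarc/openarc.sock` has no bound, so if the socket never appears the unit presumably hangs until systemd's start timeout instead of failing with a clear message before the `chmod g+w`.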