X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=flakes%2Fprivate%2Fopenarc%2Fflake.nix;h=56c3a1ae7b6ed64aec9a37bdd96e52e67685df4d;hb=1a64deeb894dc95e2645a75771732c6cc53a79ad;hp=5c4b73cfeb83583d744d68973365cace139db684;hpb=910c2e9eb4996bfa12cd1ef925843403f7d3e154;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/flakes/private/openarc/flake.nix b/flakes/private/openarc/flake.nix index 5c4b73c..56c3a1a 100644 --- a/flakes/private/openarc/flake.nix +++ b/flakes/private/openarc/flake.nix @@ -1,60 +1,47 @@ { - inputs.openarc = { - path = "../../openarc"; - type = "path"; - }; - inputs.files-watcher = { - path = "../../files-watcher"; - type = "path"; - }; - inputs.my-lib = { - path = "../../lib"; - type = "path"; - }; - inputs.nix-lib.url = "github:NixOS/nixpkgs"; + inputs.openarc.url = "path:../../openarc"; + inputs.secrets.url = "path:../../secrets"; + inputs.files-watcher.url = "path:../../files-watcher"; description = "Private configuration for openarc"; - outputs = { self, nix-lib, my-lib, files-watcher, openarc }: - let - cfg = name': { config, lib, pkgs, name, ... }: { - imports = [ - (my-lib.lib.withNarKey files-watcher "nixosModule") - (my-lib.lib.withNarKey openarc "nixosModule") - #FIXME: - #(my-lib.lib.withNarKey secrets "nixosModule") - ]; - config = lib.mkIf (name == name') { - services.openarc = { - enable = true; - user = "opendkim"; - socket = "/run/openarc/openarc.sock"; - group = config.services.postfix.group; - configFile = pkgs.writeText "openarc.conf" '' - AuthservID mail.immae.eu - Domain mail.immae.eu - KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} - Mode sv - Selector eldiron - SoftwareHeader yes - Syslog Yes - ''; - }; - systemd.services.openarc.serviceConfig.Slice = "mail.slice"; - systemd.services.openarc.postStart = '' - while [ ! -S ${config.services.openarc.socket} ]; do - sleep 0.5 - done - chmod g+w ${config.services.openarc.socket} + outputs = { self, files-watcher, openarc, secrets }: { + nixosModule = self.nixosModules.openarc; + nixosModules.openarc = { config, pkgs, ... }: { + imports = [ + files-watcher.nixosModule + openarc.nixosModule + secrets.nixosModule + ]; + config = { + services.openarc = { + enable = true; + user = "opendkim"; + socket = "/run/openarc/openarc.sock"; + group = config.services.postfix.group; + configFile = pkgs.writeText "openarc.conf" '' + AuthservID mail.immae.eu + Domain mail.immae.eu + KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} + Mode sv + Selector eldiron + SoftwareHeader yes + Syslog Yes ''; - services.filesWatcher.openarc = { - restart = true; - paths = [ - config.secrets.fullPaths."opendkim/eldiron.private" - ]; - }; + }; + systemd.services.openarc.serviceConfig.Slice = "mail.slice"; + systemd.services.openarc.postStart = '' + while [ ! -S ${config.services.openarc.socket} ]; do + sleep 0.5 + done + chmod g+w ${config.services.openarc.socket} + ''; + services.filesWatcher.openarc = { + restart = true; + paths = [ + config.secrets.fullPaths."opendkim/eldiron.private" + ]; }; }; - in - openarc.outputs // - { nixosModules = openarc.nixosModules or {} // nix-lib.lib.genAttrs ["eldiron" "backup-2"] cfg; }; + }; + }; }