X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=flakes%2Fprivate%2Fopenarc%2Fflake.nix;h=5c4b73cfeb83583d744d68973365cace139db684;hb=bd5c5d4e23ebd3863a960976767ed4a83dfd07fe;hp=fd8ec5687ca95b14867289555a05b153c016f594;hpb=5e2ec9fb8628136e7f9f618c68c0e42ab086b80e;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/flakes/private/openarc/flake.nix b/flakes/private/openarc/flake.nix
index fd8ec56..5c4b73c 100644
--- a/flakes/private/openarc/flake.nix
+++ b/flakes/private/openarc/flake.nix
@@ -3,40 +3,55 @@ path = "../../openarc"; type = "path"; }; + inputs.files-watcher = { + path = "../../files-watcher"; + type = "path"; + }; + inputs.my-lib = { + path = "../../lib"; + type = "path"; + }; inputs.nix-lib.url = "github:NixOS/nixpkgs"; description = "Private configuration for openarc"; - outputs = { self, nix-lib, openarc }: + outputs = { self, nix-lib, my-lib, files-watcher, openarc }: let - cfg = name': { config, lib, pkgs, name, ... }: lib.mkIf (name == name') { - services.openarc = { - enable = true; - user = "opendkim"; - socket = "local:${config.myServices.mail.milters.sockets.openarc}"; - group = config.services.postfix.group; - configFile = pkgs.writeText "openarc.conf" '' - AuthservID mail.immae.eu - Domain mail.immae.eu - KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} - Mode sv - Selector eldiron - SoftwareHeader yes - Syslog Yes + cfg = name': { config, lib, pkgs, name, ... }: { + imports = [ + (my-lib.lib.withNarKey files-watcher "nixosModule") + (my-lib.lib.withNarKey openarc "nixosModule") + #FIXME: + #(my-lib.lib.withNarKey secrets "nixosModule") + ]; + config = lib.mkIf (name == name') { + services.openarc = { + enable = true; + user = "opendkim"; + socket = "/run/openarc/openarc.sock"; + group = config.services.postfix.group; + configFile = pkgs.writeText "openarc.conf" '' + AuthservID mail.immae.eu + Domain mail.immae.eu + KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} + Mode sv + Selector eldiron + SoftwareHeader yes + Syslog Yes + ''; + }; + systemd.services.openarc.serviceConfig.Slice = "mail.slice"; + systemd.services.openarc.postStart = '' + while [ ! -S ${config.services.openarc.socket} ]; do + sleep 0.5 + done + chmod g+w ${config.services.openarc.socket} ''; - }; - systemd.services.openarc.serviceConfig.Slice = "mail.slice"; - systemd.services.openarc.postStart = lib.optionalString - (lib.strings.hasPrefix "local:" config.services.openarc.socket) '' - while [ ! 
-S ${lib.strings.removePrefix "local:" config.services.openarc.socket} ]; do - sleep 0.5 - done - chmod g+w ${lib.strings.removePrefix "local:" config.services.openarc.socket} - ''; - services.filesWatcher.openarc = { - restart = true; - paths = [ - config.secrets.fullPaths."opendkim/eldiron.private" - ]; + services.filesWatcher.openarc = { + restart = true; + paths = [ + config.secrets.fullPaths."opendkim/eldiron.private" + ]; + }; }; }; in
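Review bot: The new `imports` list leaves the secrets module commented out under `#FIXME:`, yet the module still reads `config.secrets.fullPaths."opendkim/eldiron.private"` for both `KeyFile` and the `filesWatcher` paths, so it only evaluates when the host configuration imports a module that defines that option. Until a `secrets` input exists, the FIXME should say so, e.g. `#FIXME: secrets is not an input yet; the host must import the module defining config.secrets.fullPaths`. Separately, `postStart` now runs its wait loop unconditionally and without an upper bound, so if the socket never appears the unit presumably fails only when systemd's start timeout expires. A bounded wait such as `for i in $(seq 1 20); do [ -S ${config.services.openarc.socket} ] && break; sleep 0.5; done` would let the following `chmod g+w` fail quickly and visibly. The `let` block continues past the end of the hunk.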