X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fmail%2Fmilters.nix;h=4b93a7aea78847d9a575dd2ad912fef061b2fa0c;hb=1a64deeb894dc95e2645a75771732c6cc53a79ad;hp=e00a2f35d0d57e2cfc1ed6d34908e96780a8fa5f;hpb=ef43c36272ca539cbfe803ded03949451b17b679;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/private/mail/milters.nix b/modules/private/mail/milters.nix
deleted file mode 100644
index e00a2f3..0000000
--- a/modules/private/mail/milters.nix
+++ /dev/null
@@ -1,84 +0,0 @@
-{ lib, pkgs, config, name, ... }:
-{
- imports =
- builtins.attrValues (import ../../../lib/flake-compat.nix ../../../flakes/private/openarc).nixosModules
- ++ builtins.attrValues (import ../../../lib/flake-compat.nix ../../../flakes/private/opendmarc).nixosModules;
-
- options.myServices.mail.milters.sockets = lib.mkOption {
- type = lib.types.attrsOf lib.types.path;
- default = {
- opendkim = "/run/opendkim/opendkim.sock";
- opendmarc = "/run/opendmarc/opendmarc.sock";
- openarc = "/run/openarc/openarc.sock";
- };
- readOnly = true;
- description = ''
- milters sockets
- '';
- };
- config = lib.mkIf (config.myServices.mail.enable || config.myServices.mailBackup.enable) {
- secrets.keys = [
- {
- dest = "opendkim/eldiron.private";
- user = config.services.opendkim.user;
- group = config.services.opendkim.group;
- permissions = "0400";
- text = config.myEnv.mail.dkim.eldiron.private;
- }
- {
- dest = "opendkim/eldiron.txt";
- user = config.services.opendkim.user;
- group = config.services.opendkim.group;
- permissions = "0444";
- text = ''
- eldiron._domainkey IN TXT ${config.myEnv.mail.dkim.eldiron.public}'';
- }
- ];
- users.users."${config.services.opendkim.user}".extraGroups = [ "keys" ];
- services.opendkim = {
- enable = true;
- socket = "local:${config.myServices.mail.milters.sockets.opendkim}";
- domains = builtins.concatStringsSep "," (lib.flatten (map
- (zone: map
- (e: "${e.domain}${lib.optionalString (e.domain != "") "."}${zone.name}")
- (zone.withEmail or [])
- )
- config.myEnv.dns.masterZones
- ));
- keyPath = "${config.secrets.location}/opendkim";
- selector = "eldiron";
- configFile = pkgs.writeText "opendkim.conf" ''
- SubDomains yes
- UMask 002
- AlwaysAddARHeader yes
- '';
- group = config.services.postfix.group;
- };
- systemd.services.opendkim.serviceConfig.Slice = "mail.slice";
- systemd.services.opendkim.preStart = lib.mkBefore ''
- # Skip the prestart script as keys are handled in secrets
- exit 0
- '';
- services.filesWatcher.opendkim = {
- restart = true;
- paths = [
- config.secrets.fullPaths."opendkim/eldiron.private"
- ];
- };
-
- systemd.services.milter_verify_from = {
- description = "Verify from milter";
- after = [ "network.target" ];
- wantedBy = [ "multi-user.target" ];
-
- serviceConfig = {
- Slice = "mail.slice";
- User = "postfix";
- Group = "postfix";
- ExecStart = let python = pkgs.python3.withPackages (p: [ p.pymilter ]);
- in "${python}/bin/python ${./verify_from.py} -s /run/milter_verify_from/verify_from.sock";
- RuntimeDirectory = "milter_verify_from";
- };
- };
- };
-}