git.immae.eu Git - perso/Immae/Config/Nix.git/blame - flakes/opendmarc/flake.nix
Refactor flakes using follows
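# Flake packaging OpenDMARC (a DMARC milter) together with a NixOS module that
# runs it as an unprivileged systemd service behind a local socket.
{
  # OpenDMARC implements DMARC; the previous text described it as an ARC
  # implementation, which is a different protocol.
  description = "Open source DMARC implementation";

  # None of the inputs below names a rev or ref, so what actually gets built is
  # decided by flake.lock (not visible here). Treat lock-file updates as code
  # changes: they swap the source of a daemon that parses untrusted mail data.
  inputs.myuids = {
    url = "https://git.immae.eu/perso/Immae/Config/Nix.git";
    type = "git";
    dir = "flakes/myuids";
  };
  inputs.libspf2 = {
    url = "https://git.immae.eu/perso/Immae/Config/Nix.git";
    type = "git";
    dir = "flakes/libspf2";
    # Build libspf2 against the same nixpkgs as this flake instead of a second copy.
    inputs.nixpkgs.follows = "nixpkgs";
  };
  inputs.flake-utils.url = "github:numtide/flake-utils";
  inputs.nixpkgs.url = "github:NixOS/nixpkgs";

  outputs = { self, myuids, libspf2, flake-utils, nixpkgs }: flake-utils.lib.eachSystem ["aarch64-linux" "i686-linux" "x86_64-linux"] (system:
    let
      # nixpkgs for this system with the libspf2 overlay applied, so that
      # callPackage below resolves libspf2 from the sibling flake.
      pkgs = import nixpkgs { inherit system; overlays = [ libspf2.overlay ]; };
    in rec {
      packages.opendmarc = pkgs.callPackage ./. {};
      defaultPackage = packages.opendmarc;
      legacyPackages.opendmarc = packages.opendmarc;
      apps.opendmarc = flake-utils.lib.mkApp { drv = packages.opendmarc; };
      defaultApp = apps.opendmarc;
      hydraJobs = checks;
      checks = {
        build = defaultPackage;
      } // pkgs.lib.optionalAttrs (builtins.elem system pkgs.lib.systems.doubles.linux) {
        # NixOS VM test: boots a node with the module enabled and checks that
        # the unit starts and the default socket exists.
        # NOTE(review): the test does not check the socket's owner or mode;
        # consider asserting them, since the socket is the daemon's only
        # access control.
        test =
          let testing = import (nixpkgs + "/nixos/lib/testing-python.nix") { inherit system; };
          in testing.makeTest {
            nodes = {
              server = { pkgs, ... }: {
                imports = [ self.nixosModule ];
                config.services.opendmarc.enable = true;
              };
            };
            testScript = ''
              start_all()
              server.wait_for_unit("opendmarc.service")
              server.succeed("[ -S /run/opendmarc/opendmarc.sock ]")
            '';
          };
      };
    }) // rec {
      # System-independent outputs: overlay and NixOS module.
      overlays = {
        opendmarc = final: prev: {
          opendmarc = self.defaultPackage."${final.system}";
        };
      };
      overlay = overlays.opendmarc;

      nixosModule = { config, lib, pkgs, ... }:
        let
          cfg = config.services.opendmarc;
          defaultSock = "local:/run/opendmarc/opendmarc.sock";
          # -f: stay in foreground, -l: log to syslog, -p: milter socket,
          # -c: optional configuration file.
          args = [ "-f" "-l" "-p" cfg.socket ] ++ lib.optionals (cfg.configFile != null) [ "-c" cfg.configFile ];
        in {
          options = {
            services.opendmarc = {
              enable = lib.mkOption {
                type = lib.types.bool;
                default = false;
                description = "Whether to enable the OpenDMARC sender authentication system.";
              };

              # Only the default value gets a managed runtime directory (see
              # RuntimeDirectory below). With any other value the operator must
              # provide the location and restrict who can connect to it.
              socket = lib.mkOption {
                type = lib.types.str;
                default = defaultSock;
                description = "Socket which is used for communication with OpenDMARC.";
              };

              user = lib.mkOption {
                type = lib.types.str;
                default = "opendmarc";
                description = "User for the daemon.";
              };

              group = lib.mkOption {
                type = lib.types.str;
                default = "opendmarc";
                description = "Group for the daemon.";
              };

              configFile = lib.mkOption {
                type = lib.types.nullOr lib.types.path;
                default = null;
                description = "Additional OpenDMARC configuration.";
              };

            };
          };

          config = lib.mkIf cfg.enable {
            # The account and group are only declared when the default names are
            # used; a custom user or group has to be declared elsewhere. The two
            # conditions are independent, so the default user combined with a
            # custom group relies on that group existing.
            # NOTE(review): recent NixOS releases assert that exactly one of
            # isSystemUser / isNormalUser is set on a user; confirm against the
            # locked nixpkgs.
            users.users = lib.optionalAttrs (cfg.user == "opendmarc") {
              opendmarc = {
                group = cfg.group;
                uid = myuids.lib.uids.opendmarc;
              };
            };

            users.groups = lib.optionalAttrs (cfg.group == "opendmarc") {
              opendmarc.gid = myuids.lib.gids.opendmarc;
            };

            environment.systemPackages = [ self.defaultPackage."${pkgs.system}" ];

            systemd.services.opendmarc = {
              description = "OpenDMARC daemon";
              after = [ "network.target" ];
              wantedBy = [ "multi-user.target" ];

              serviceConfig = {
                ExecStart = "${self.defaultApp."${pkgs.system}".program} ${lib.escapeShellArgs args}";
                # The daemon never runs as root: it handles message data that
                # originates from remote senders.
                User = cfg.user;
                Group = cfg.group;
                # /run/opendmarc is created (and removed on stop) by systemd,
                # owned by User/Group, only for the default socket path.
                RuntimeDirectory = lib.optional (cfg.socket == defaultSock) "opendmarc";
                # Legacy setting; it only concerns ExecStartPre/Post-style
                # commands, none of which are defined here. Kept as in the original.
                PermissionsStartOnly = true;

                # Conservative sandboxing that does not depend on where the
                # socket, configuration or any files named in it live.
                # Filesystem and address-family restrictions are left to the
                # operator, since they depend on cfg.socket and cfg.configFile.
                NoNewPrivileges = true;
                ProtectKernelTunables = true;
                ProtectKernelModules = true;
                ProtectControlGroups = true;
                RestrictSUIDSGID = true;
                LockPersonality = true;
              };
            };
          };
        };
    };
}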