]>
Commit | Line | Data |
---|---|---|
ef43c362 IB |
1 | { |
2 | inputs.openarc = { | |
ada96f10 IB |
3 | path = "../../openarc"; |
4 | type = "path"; | |
ef43c362 | 5 | }; |
27dd65fc IB |
6 | inputs.files-watcher = { |
7 | path = "../../files-watcher"; | |
8 | type = "path"; | |
9 | }; | |
10 | inputs.my-lib = { | |
11 | path = "../../lib"; | |
12 | type = "path"; | |
13 | }; | |
5e2ec9fb | 14 | inputs.nix-lib.url = "github:NixOS/nixpkgs"; |
ef43c362 IB |
15 | |
16 | description = "Private configuration for openarc"; | |
27dd65fc | 17 | outputs = { self, nix-lib, my-lib, files-watcher, openarc }: |
ef43c362 | 18 | let |
27dd65fc IB |
19 | cfg = name': { config, lib, pkgs, name, ... }: { |
20 | imports = [ (my-lib.lib.withNarKey files-watcher "nixosModule") ]; | |
21 | config = lib.mkIf (name == name') { | |
22 | services.openarc = { | |
23 | enable = true; | |
24 | user = "opendkim"; | |
25 | socket = "local:${config.myServices.mail.milters.sockets.openarc}"; | |
26 | group = config.services.postfix.group; | |
27 | configFile = pkgs.writeText "openarc.conf" '' | |
28 | AuthservID mail.immae.eu | |
29 | Domain mail.immae.eu | |
30 | KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} | |
31 | Mode sv | |
32 | Selector eldiron | |
33 | SoftwareHeader yes | |
34 | Syslog Yes | |
35 | ''; | |
36 | }; | |
37 | systemd.services.openarc.serviceConfig.Slice = "mail.slice"; | |
38 | systemd.services.openarc.postStart = lib.optionalString | |
39 | (lib.strings.hasPrefix "local:" config.services.openarc.socket) '' | |
40 | while [ ! -S ${lib.strings.removePrefix "local:" config.services.openarc.socket} ]; do | |
41 | sleep 0.5 | |
42 | done | |
43 | chmod g+w ${lib.strings.removePrefix "local:" config.services.openarc.socket} | |
ef43c362 | 44 | ''; |
27dd65fc IB |
45 | services.filesWatcher.openarc = { |
46 | restart = true; | |
47 | paths = [ | |
48 | config.secrets.fullPaths."opendkim/eldiron.private" | |
49 | ]; | |
50 | }; | |
ef43c362 IB |
51 | }; |
52 | }; | |
53 | in | |
54 | openarc.outputs // | |
5e2ec9fb | 55 | { nixosModules = openarc.nixosModules or {} // nix-lib.lib.genAttrs ["eldiron" "backup-2"] cfg; }; |
ef43c362 | 56 | } |