[perso/Immae/Config/Nix.git] / flakes / private / openarc / flake.nix

{
  inputs.openarc = {
    path = "../../openarc";
    type = "path";
  };
  inputs.nix-lib.url = "github:NixOS/nixpkgs";

  description = "Private configuration for openarc";
  outputs = { self, nix-lib, openarc }:
    let
      cfg = name': { config, lib, pkgs, name, ... }: lib.mkIf (name == name') {
        services.openarc = {
          enable = true;
          user = "opendkim";
          socket = "local:${config.myServices.mail.milters.sockets.openarc}";
          group = config.services.postfix.group;
          configFile = pkgs.writeText "openarc.conf" ''
            AuthservID              mail.immae.eu
            Domain                  mail.immae.eu
            KeyFile                 ${config.secrets.fullPaths."opendkim/eldiron.private"}
            Mode                    sv
            Selector                eldiron
            SoftwareHeader          yes
            Syslog                  Yes
            '';
        };
        systemd.services.openarc.serviceConfig.Slice = "mail.slice";
        systemd.services.openarc.postStart = lib.optionalString
              (lib.strings.hasPrefix "local:" config.services.openarc.socket) ''
          while [ ! -S ${lib.strings.removePrefix "local:" config.services.openarc.socket} ]; do
            sleep 0.5
          done
          chmod g+w ${lib.strings.removePrefix "local:" config.services.openarc.socket}
          '';
        services.filesWatcher.openarc = {
          restart = true;
          paths = [
            config.secrets.fullPaths."opendkim/eldiron.private"
          ];
        };
      };
    in
      openarc.outputs //
      { nixosModules = openarc.nixosModules or {} // nix-lib.lib.genAttrs ["eldiron" "backup-2"] cfg; };
}
Commit	Line	Data
ef43c362 IB	1	{
ef43c362 IB	2	inputs.openarc = {
ada96f10 IB	3	path = "../../openarc";
ada96f10 IB	4	type = "path";
ef43c362	5	};
5e2ec9fb	6	inputs.nix-lib.url = "github:NixOS/nixpkgs";
ef43c362 IB	7
ef43c362 IB	8	description = "Private configuration for openarc";
5e2ec9fb	9	outputs = { self, nix-lib, openarc }:
ef43c362 IB	10	let
	11	cfg = name': { config, lib, pkgs, name, ... }: lib.mkIf (name == name') {
	12	services.openarc = {
	13	enable = true;
	14	user = "opendkim";
	15	socket = "local:${config.myServices.mail.milters.sockets.openarc}";
	16	group = config.services.postfix.group;
	17	configFile = pkgs.writeText "openarc.conf" ''
	18	AuthservID mail.immae.eu
	19	Domain mail.immae.eu
	20	KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"}
	21	Mode sv
	22	Selector eldiron
	23	SoftwareHeader yes
	24	Syslog Yes
	25	'';
	26	};
	27	systemd.services.openarc.serviceConfig.Slice = "mail.slice";
	28	systemd.services.openarc.postStart = lib.optionalString
	29	(lib.strings.hasPrefix "local:" config.services.openarc.socket) ''
	30	while [ ! -S ${lib.strings.removePrefix "local:" config.services.openarc.socket} ]; do
	31	sleep 0.5
	32	done
	33	chmod g+w ${lib.strings.removePrefix "local:" config.services.openarc.socket}
	34	'';
	35	services.filesWatcher.openarc = {
	36	restart = true;
	37	paths = [
	38	config.secrets.fullPaths."opendkim/eldiron.private"
	39	];
	40	};
	41	};
	42	in
	43	openarc.outputs //
5e2ec9fb	44	{ nixosModules = openarc.nixosModules or {} // nix-lib.lib.genAttrs ["eldiron" "backup-2"] cfg; };
ef43c362	45	}