]>
Commit | Line | Data |
---|---|---|
ef43c362 IB |
1 | { |
2 | inputs.openarc = { | |
ada96f10 IB |
3 | path = "../../openarc"; |
4 | type = "path"; | |
ef43c362 | 5 | }; |
27dd65fc IB |
6 | inputs.files-watcher = { |
7 | path = "../../files-watcher"; | |
8 | type = "path"; | |
9 | }; | |
10 | inputs.my-lib = { | |
11 | path = "../../lib"; | |
12 | type = "path"; | |
13 | }; | |
5e2ec9fb | 14 | inputs.nix-lib.url = "github:NixOS/nixpkgs"; |
ef43c362 IB |
15 | |
16 | description = "Private configuration for openarc"; | |
27dd65fc | 17 | outputs = { self, nix-lib, my-lib, files-watcher, openarc }: |
ef43c362 | 18 | let |
27dd65fc | 19 | cfg = name': { config, lib, pkgs, name, ... }: { |
910c2e9e IB |
20 | imports = [ |
21 | (my-lib.lib.withNarKey files-watcher "nixosModule") | |
22 | (my-lib.lib.withNarKey openarc "nixosModule") | |
23 | #FIXME: | |
24 | #(my-lib.lib.withNarKey secrets "nixosModule") | |
25 | ]; | |
27dd65fc IB |
26 | config = lib.mkIf (name == name') { |
27 | services.openarc = { | |
28 | enable = true; | |
29 | user = "opendkim"; | |
910c2e9e | 30 | socket = "/run/openarc/openarc.sock"; |
27dd65fc IB |
31 | group = config.services.postfix.group; |
32 | configFile = pkgs.writeText "openarc.conf" '' | |
33 | AuthservID mail.immae.eu | |
34 | Domain mail.immae.eu | |
35 | KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} | |
36 | Mode sv | |
37 | Selector eldiron | |
38 | SoftwareHeader yes | |
39 | Syslog Yes | |
40 | ''; | |
41 | }; | |
42 | systemd.services.openarc.serviceConfig.Slice = "mail.slice"; | |
910c2e9e IB |
43 | systemd.services.openarc.postStart = '' |
44 | while [ ! -S ${config.services.openarc.socket} ]; do | |
27dd65fc IB |
45 | sleep 0.5 |
46 | done | |
910c2e9e | 47 | chmod g+w ${config.services.openarc.socket} |
ef43c362 | 48 | ''; |
27dd65fc IB |
49 | services.filesWatcher.openarc = { |
50 | restart = true; | |
51 | paths = [ | |
52 | config.secrets.fullPaths."opendkim/eldiron.private" | |
53 | ]; | |
54 | }; | |
ef43c362 IB |
55 | }; |
56 | }; | |
57 | in | |
58 | openarc.outputs // | |
5e2ec9fb | 59 | { nixosModules = openarc.nixosModules or {} // nix-lib.lib.genAttrs ["eldiron" "backup-2"] cfg; }; |
ef43c362 | 60 | } |