]>
Commit | Line | Data |
---|---|---|
ef43c362 IB |
1 | { |
2 | inputs.openarc = { | |
3 | url = "https://git.immae.eu/perso/Immae/Config/Nix.git"; | |
4 | type = "git"; | |
5 | dir = "flakes/openarc"; | |
6 | }; | |
7 | inputs.nixpkgs.url = "github:NixOS/nixpkgs"; | |
8 | ||
9 | description = "Private configuration for openarc"; | |
10 | outputs = { self, nixpkgs, openarc }: | |
11 | let | |
12 | cfg = name': { config, lib, pkgs, name, ... }: lib.mkIf (name == name') { | |
13 | services.openarc = { | |
14 | enable = true; | |
15 | user = "opendkim"; | |
16 | socket = "local:${config.myServices.mail.milters.sockets.openarc}"; | |
17 | group = config.services.postfix.group; | |
18 | configFile = pkgs.writeText "openarc.conf" '' | |
19 | AuthservID mail.immae.eu | |
20 | Domain mail.immae.eu | |
21 | KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} | |
22 | Mode sv | |
23 | Selector eldiron | |
24 | SoftwareHeader yes | |
25 | Syslog Yes | |
26 | ''; | |
27 | }; | |
28 | systemd.services.openarc.serviceConfig.Slice = "mail.slice"; | |
29 | systemd.services.openarc.postStart = lib.optionalString | |
30 | (lib.strings.hasPrefix "local:" config.services.openarc.socket) '' | |
31 | while [ ! -S ${lib.strings.removePrefix "local:" config.services.openarc.socket} ]; do | |
32 | sleep 0.5 | |
33 | done | |
34 | chmod g+w ${lib.strings.removePrefix "local:" config.services.openarc.socket} | |
35 | ''; | |
36 | services.filesWatcher.openarc = { | |
37 | restart = true; | |
38 | paths = [ | |
39 | config.secrets.fullPaths."opendkim/eldiron.private" | |
40 | ]; | |
41 | }; | |
42 | }; | |
43 | in | |
44 | openarc.outputs // | |
45 | { nixosModules = openarc.nixosModules or {} // nixpkgs.lib.genAttrs ["eldiron" "backup-2"] cfg; }; | |
46 | } |