]>
Commit | Line | Data |
---|---|---|
1 | { | |
2 | inputs.openarc = { | |
3 | path = "../../openarc"; | |
4 | type = "path"; | |
5 | }; | |
6 | inputs.secrets = { | |
7 | path = "../../secrets"; | |
8 | type = "path"; | |
9 | }; | |
10 | inputs.files-watcher = { | |
11 | path = "../../files-watcher"; | |
12 | type = "path"; | |
13 | }; | |
14 | inputs.my-lib = { | |
15 | path = "../../lib"; | |
16 | type = "path"; | |
17 | }; | |
18 | inputs.nix-lib.url = "github:NixOS/nixpkgs"; | |
19 | ||
20 | description = "Private configuration for openarc"; | |
21 | outputs = { self, nix-lib, my-lib, files-watcher, openarc, secrets }: | |
22 | let | |
23 | cfg = name': { config, lib, pkgs, name, ... }: { | |
24 | imports = [ | |
25 | (my-lib.lib.withNarKey files-watcher "nixosModule") | |
26 | (my-lib.lib.withNarKey openarc "nixosModule") | |
27 | (my-lib.lib.withNarKey secrets "nixosModule") | |
28 | ]; | |
29 | config = lib.mkIf (name == name') { | |
30 | services.openarc = { | |
31 | enable = true; | |
32 | user = "opendkim"; | |
33 | socket = "/run/openarc/openarc.sock"; | |
34 | group = config.services.postfix.group; | |
35 | configFile = pkgs.writeText "openarc.conf" '' | |
36 | AuthservID mail.immae.eu | |
37 | Domain mail.immae.eu | |
38 | KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} | |
39 | Mode sv | |
40 | Selector eldiron | |
41 | SoftwareHeader yes | |
42 | Syslog Yes | |
43 | ''; | |
44 | }; | |
45 | systemd.services.openarc.serviceConfig.Slice = "mail.slice"; | |
46 | systemd.services.openarc.postStart = '' | |
47 | while [ ! -S ${config.services.openarc.socket} ]; do | |
48 | sleep 0.5 | |
49 | done | |
50 | chmod g+w ${config.services.openarc.socket} | |
51 | ''; | |
52 | services.filesWatcher.openarc = { | |
53 | restart = true; | |
54 | paths = [ | |
55 | config.secrets.fullPaths."opendkim/eldiron.private" | |
56 | ]; | |
57 | }; | |
58 | }; | |
59 | }; | |
60 | in | |
61 | openarc.outputs // | |
62 | { nixosModules = openarc.nixosModules or {} // nix-lib.lib.genAttrs ["eldiron" "backup-2"] cfg; }; | |
63 | } |