mediagoblin = ./webapps/mediagoblin.nix;
peertube = ./webapps/peertube.nix;
+ opendmarc = ./opendmarc.nix;
+ openarc = ./openarc.nix;
+
php-application = ./websites/php-application.nix;
websites = ./websites;
} // (if builtins.pathExists ./private then import ./private else {})
# Check that there is no clash with nixos/modules/misc/ids.nix
config = {
ids.uids = {
+ opendarc = 391;
+ opendmarc = 392;
peertube = 394;
redis = 395;
nullmailer = 396;
mastodon = 399;
};
ids.gids = {
+ opendarc = 392;
+ opendmarc = 392;
peertube = 394;
redis = 395;
nullmailer = 396;
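Review bot: The new id entries are named `opendarc` in both `ids.uids` and `ids.gids`, but the openarc module added in this commit reads `config.ids.uids.openarc` and `config.ids.gids.openarc`, so evaluation will fail as soon as the `openarc` user or group is actually created. In `ids.gids` the entry also reuses 392, the value given to `opendmarc` on the next line, while the uid side uses 391; two groups sharing a gid means files owned by one are group-accessible to the other. I would write `openarc = 391;` in both sets. Both attribute sets continue outside the hunk, so uniqueness against the remaining ids and against nixos/modules/misc/ids.nix cannot be confirmed from here.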
--- /dev/null
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+ cfg = config.services.openarc;
+
+ defaultSock = "local:/run/openarc/openarc.sock";
+
+ args = [ "-f"
+ "-p" cfg.socket
+ ] ++ optionals (cfg.configFile != null) [ "-c" cfg.configFile ];
+
+in {
+
+ ###### interface
+
+ options = {
+
+ services.openarc = {
+
+ enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = "Whether to enable the OpenARC sender authentication system.";
+ };
+
+ socket = mkOption {
+ type = types.str;
+ default = defaultSock;
+ description = "Socket which is used for communication with OpenARC.";
+ };
+
+ user = mkOption {
+ type = types.str;
+ default = "opendmarc";
+ description = "User for the daemon.";
+ };
+
+ group = mkOption {
+ type = types.str;
+ default = "opendmarc";
+ description = "Group for the daemon.";
+ };
+
+ configFile = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ description = "Additional OpenARC configuration.";
+ };
+
+ };
+
+ };
+
+
+ ###### implementation
+
+ config = mkIf cfg.enable {
+
+ users.users = optionalAttrs (cfg.user == "openarc") (singleton
+ { name = "openarc";
+ group = cfg.group;
+ uid = config.ids.uids.openarc;
+ });
+
+ users.groups = optionalAttrs (cfg.group == "openarc") (singleton
+ { name = "openarc";
+ gid = config.ids.gids.openarc;
+ });
+
+ environment.systemPackages = [ pkgs.openarc ];
+
+ systemd.services.openarc = {
+ description = "OpenARC daemon";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig = {
+ ExecStart = "${pkgs.openarc}/bin/openarc ${escapeShellArgs args}";
+ User = cfg.user;
+ Group = cfg.group;
+ RuntimeDirectory = optional (cfg.socket == defaultSock) "openarc";
+ PermissionsStartOnly = true;
+ };
+ };
+
+ };
+}
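Review bot: `services.openarc.user` and `services.openarc.group` default to `"opendmarc"`, while the `users.users` and `users.groups` definitions further down only apply when the value is `"openarc"`. With the defaults no account is created, and the unit can only start if an `opendmarc` user happens to exist. It also runs the ARC signer and the DMARC filter under one uid, so whatever key material the OpenARC configuration points at is readable by the other daemon. This looks like a copy-paste from the opendmarc module; I would change both defaults to `default = "openarc";`.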
--- /dev/null
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+ cfg = config.services.opendmarc;
+
+ defaultSock = "local:/run/opendmarc/opendmarc.sock";
+
+ args = [ "-f" "-l"
+ "-p" cfg.socket
+ ] ++ optionals (cfg.configFile != null) [ "-c" cfg.configFile ];
+
+in {
+
+ ###### interface
+
+ options = {
+
+ services.opendmarc = {
+
+ enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = "Whether to enable the OpenDMARC sender authentication system.";
+ };
+
+ socket = mkOption {
+ type = types.str;
+ default = defaultSock;
+ description = "Socket which is used for communication with OpenDMARC.";
+ };
+
+ user = mkOption {
+ type = types.str;
+ default = "opendmarc";
+ description = "User for the daemon.";
+ };
+
+ group = mkOption {
+ type = types.str;
+ default = "opendmarc";
+ description = "Group for the daemon.";
+ };
+
+ configFile = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ description = "Additional OpenDMARC configuration.";
+ };
+
+ };
+
+ };
+
+
+ ###### implementation
+
+ config = mkIf cfg.enable {
+
+ users.users = optionalAttrs (cfg.user == "opendmarc") (singleton
+ { name = "opendmarc";
+ group = cfg.group;
+ uid = config.ids.uids.opendmarc;
+ });
+
+ users.groups = optionalAttrs (cfg.group == "opendmarc") (singleton
+ { name = "opendmarc";
+ gid = config.ids.gids.opendmarc;
+ });
+
+ environment.systemPackages = [ pkgs.opendmarc ];
+
+ systemd.services.opendmarc = {
+ description = "OpenDMARC daemon";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig = {
+ ExecStart = "${pkgs.opendmarc}/bin/opendmarc ${escapeShellArgs args}";
+ User = cfg.user;
+ Group = cfg.group;
+ RuntimeDirectory = optional (cfg.socket == defaultSock) "opendmarc";
+ PermissionsStartOnly = true;
+ };
+ };
+
+ };
+}
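Review bot: The `serviceConfig` here has no sandboxing although the daemon parses headers of inbound mail, and `PermissionsStartOnly = true;` has no effect because the unit defines no `ExecStartPre`/`ExecStartPost` commands. I would drop that line and add `NoNewPrivileges = true;`, `PrivateTmp = true;` and `ProtectHome = true;`; the same applies to the `serviceConfig` in the openarc module. Nothing in the module sets socket permissions or group membership for the MTA, so the `socket` option description should say that the MTA user needs access to the socket under `/run/opendmarc`.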
notmuch-python2 = callPackage ../pkgs/notmuch/notmuch-python { pythonPackages = python2Packages; };
notmuch-python3 = callPackage ../pkgs/notmuch/notmuch-python { pythonPackages = python3Packages; };
notmuch-vim = callPackage ../pkgs/notmuch/notmuch-vim {};
+ openarc = callPackage ../pkgs/openarc { inherit mylibs; };
+ opendmarc = callPackage ../pkgs/opendmarc { libspf2 = callPackage ../pkgs/opendmarc/libspf2.nix {}; };
pg_activity = callPackage ../pkgs/pg_activity { inherit mylibs; };
pgloader = callPackage ../pkgs/pgloader {};
telegram-cli = callPackage ../pkgs/telegram-cli { inherit mylibs; };
--- /dev/null
+{ stdenv, autoconf, automake, file, libtool, libbsd, mylibs, openssl, pkg-config, libmilter }:
+
+stdenv.mkDerivation (mylibs.fetchedGithub ./openarc.json // rec {
+ buildInputs = [ automake autoconf libbsd libtool openssl pkg-config libmilter ];
+
+ configureFlags = [
+ "--with-milter=${libmilter}"
+ ];
+ preConfigure = ''
+ autoreconf --force --install
+ sed -i -e "s@/usr/bin/file@${file}/bin/file@" ./configure
+ '';
+ meta = with stdenv.lib; {
+ description = "Open source ARC implementation";
+ homepage = https://github.com/trusteddomainproject/OpenARC;
+ platforms = platforms.unix;
+ };
+})
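Review bot: `autoconf`, `automake`, `libtool` and `pkg-config` are build-time tools but are listed in `buildInputs`. They belong in `nativeBuildInputs`, which keeps the derivation working under cross-compilation and leaves `buildInputs` to the libraries that are linked. Suggested split: `nativeBuildInputs = [ autoconf automake libtool pkg-config ];` and `buildInputs = [ libbsd openssl libmilter ];`. The `rec` on the attribute set is not used by any attribute and can be dropped.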
--- /dev/null
+{
+ "tag": "355ee2a-master",
+ "meta": {
+ "name": "openarc",
+ "url": "https://github.com/trusteddomainproject/OpenARC",
+ "branch": "master"
+ },
+ "github": {
+ "owner": "trusteddomainproject",
+ "repo": "OpenARC",
+ "rev": "355ee2a1ca85acccce494478991983b54f794f4e",
+ "sha256": "0101k6hwwf3pb3jrc88x86d4l698gjmynn9v2rpvxwxv200r2i65",
+ "fetchSubmodules": true
+ }
+}
--- /dev/null
+{ stdenv, fetchurl, pkgconfig, libbsd, openssl, libmilter , perl, makeWrapper, libspf2 }:
+
+stdenv.mkDerivation rec {
+ name = "opendmarc-${version}";
+ version = "1.3.2";
+
+ src = fetchurl {
+ url = "mirror://sourceforge/opendmarc/files/${name}.tar.gz";
+ sha256 = "1yrggj8yq0915y2i34gfz2xpl1w2lgb1vggp67rwspgzm40lng11";
+ };
+
+ configureFlags= [
+ "--with-spf"
+ "--with-spf2-include=${libspf2}/include/spf2"
+ "--with-spf2-lib=${libspf2}/lib/"
+ "--with-milter=${libmilter}"
+ ];
+
+ buildInputs = [ libspf2 libbsd openssl libmilter perl ];
+
+ meta = with stdenv.lib; {
+ description = "Free open source software implementation of the DMARC specification";
+ homepage = http://www.trusteddomain.org/opendmarc/;
+ platforms = platforms.unix;
+ };
+}
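Review bot: `pkgconfig` and `makeWrapper` are taken as function arguments but never used in the derivation; either drop them or add `nativeBuildInputs = [ pkgconfig ];` if configure is meant to locate libraries through it. `perl` in `buildInputs` is presumably there for the shebangs of the bundled report scripts; a one-line comment saying so would help. Since this filter processes untrusted inbound mail, it is worth checking before merge whether 1.3.2 is still the current upstream release.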
--- /dev/null
+{ stdenv, file, fetchurl, fetchpatch, libnsl }:
+
+stdenv.mkDerivation rec {
+ name = "libspf2-${version}";
+ version = "1.2.10";
+
+ patches = [
+ (fetchpatch {
+ name = "fix-variadic-macros.patch";
+ url = "https://git.archlinux.org/svntogit/community.git/plain/trunk/fix-variadic-macros.patch?h=packages/libspf2";
+ sha256 = "00dqpcgjr9jy2qprgqv2qiyvq8y3wlz4yns9xzabf2064jzqh2ic";
+ })
+ ];
+ preConfigure = ''
+ sed -i -e "s@/usr/bin/file@${file}/bin/file@" ./configure
+ '';
+ configureFlags = [
+ "--enable-static"
+ ];
+ postInstall = ''
+ rm $out/bin/*_static
+ '';
+ src = fetchurl {
+ url = "https://www.libspf2.org/spf/${name}.tar.gz";
+ sha256 = "1j91p0qiipzf89qxq4m1wqhdf01hpn1h5xj4djbs51z23bl3s7nr";
+ };
+
+ buildInputs = [ libnsl ];
+
+ meta = with stdenv.lib; {
+ description = "Sender Policy Framework record checking library";
+ homepage = https://www.libspf2.org/;
+ platforms = platforms.unix;
+ };
+}
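Review bot: The `fetchpatch` URL points at `trunk` of the Arch packaging repository, which is a moving target. The `sha256` keeps the content from changing silently, but the build will break once the file is edited or removed upstream. Pinning the URL to a specific commit, or vendoring the patch next to this file, keeps the build reproducible. libspf2 parses SPF records fetched from DNS, which is attacker-controlled input, so a comment recording why 1.2.10 plus this single patch is considered sufficient would help the next reviewer.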