aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2023-10-13 00:43:56 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2023-10-13 01:10:12 +0200
commitc4511c38a49c60394b91ec9d4499cdbf41f4e60c (patch)
treee43bc1ab2f5562a871aaa51d19391aadc5dde717
parent1cf1f9162bd4556858a0190eee5bfd7ba0f7bb4c (diff)
downloadNix-c4511c38a49c60394b91ec9d4499cdbf41f4e60c.tar.gz
Nix-c4511c38a49c60394b91ec9d4499cdbf41f4e60c.tar.zst
Nix-c4511c38a49c60394b91ec9d4499cdbf41f4e60c.zip
Change dkim key for a 2048b one
Diffstat
-rw-r--r--deploy/flake.lock18
-rw-r--r--flake.lock18
-rw-r--r--flakes/flake.lock16
-rw-r--r--flakes/private/milters/flake.nix9
-rw-r--r--flakes/private/openarc/flake.nix5
-rw-r--r--systems/backup-2/flake.lock4
-rw-r--r--systems/eldiron/dns.nix6
-rw-r--r--systems/eldiron/flake.lock4
8 files changed, 46 insertions, 34 deletions
diff --git a/deploy/flake.lock b/deploy/flake.lock
index 7e21897..e53d39c 100644
--- a/deploy/flake.lock
+++ b/deploy/flake.lock
@@ -2783,7 +2783,7 @@
2783 }, 2783 },
2784 "locked": { 2784 "locked": {
2785 "lastModified": 1, 2785 "lastModified": 1,
2786 "narHash": "sha256-U/9W/+WAYIWL7g1Wy7sjF/DZzFyCYzs7UPu6QU2zboU=", 2786 "narHash": "sha256-0pgT4QFyk6vDVJZboD4Js8CRLJMtDCvPpMmYSHBgqnU=",
2787 "path": "../flakes", 2787 "path": "../flakes",
2788 "type": "path" 2788 "type": "path"
2789 }, 2789 },
@@ -2876,7 +2876,7 @@
2876 }, 2876 },
2877 "locked": { 2877 "locked": {
2878 "lastModified": 1, 2878 "lastModified": 1,
2879 "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", 2879 "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=",
2880 "path": "../../flakes/private/milters", 2880 "path": "../../flakes/private/milters",
2881 "type": "path" 2881 "type": "path"
2882 }, 2882 },
@@ -3832,7 +3832,7 @@
3832 }, 3832 },
3833 "locked": { 3833 "locked": {
3834 "lastModified": 1, 3834 "lastModified": 1,
3835 "narHash": "sha256-4IYifux8V3QCpgdSwCR8CpbuOr7CEF6uj4OKTiaEnk8=", 3835 "narHash": "sha256-dslxX2j+qIz/5OJ7J0cMzPhPxMUlM3EoPbHFz2/omjI=",
3836 "path": "../systems/backup-2", 3836 "path": "../systems/backup-2",
3837 "type": "path" 3837 "type": "path"
3838 }, 3838 },
@@ -3903,7 +3903,7 @@
3903 }, 3903 },
3904 "locked": { 3904 "locked": {
3905 "lastModified": 1, 3905 "lastModified": 1,
3906 "narHash": "sha256-uwd/AAgnu/hYHk7lCI5EHBvajek3ucgPpuTRHzMqtas=", 3906 "narHash": "sha256-yMHsjZMbUXAE/6Bhrm+UVPBi4SD3BMEk+t7k/7S9JVo=",
3907 "path": "../systems/eldiron", 3907 "path": "../systems/eldiron",
3908 "type": "path" 3908 "type": "path"
3909 }, 3909 },
@@ -7004,7 +7004,7 @@
7004 }, 7004 },
7005 "locked": { 7005 "locked": {
7006 "lastModified": 1, 7006 "lastModified": 1,
7007 "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", 7007 "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=",
7008 "path": "../../flakes/private/openarc", 7008 "path": "../../flakes/private/openarc",
7009 "type": "path" 7009 "type": "path"
7010 }, 7010 },
@@ -7523,7 +7523,7 @@
7523 }, 7523 },
7524 "locked": { 7524 "locked": {
7525 "lastModified": 1, 7525 "lastModified": 1,
7526 "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", 7526 "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=",
7527 "path": "../../flakes/private/milters", 7527 "path": "../../flakes/private/milters",
7528 "type": "path" 7528 "type": "path"
7529 }, 7529 },
@@ -7558,7 +7558,7 @@
7558 }, 7558 },
7559 "locked": { 7559 "locked": {
7560 "lastModified": 1, 7560 "lastModified": 1,
7561 "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", 7561 "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=",
7562 "path": "../../flakes/private/openarc", 7562 "path": "../../flakes/private/openarc",
7563 "type": "path" 7563 "type": "path"
7564 }, 7564 },
@@ -8394,7 +8394,7 @@
8394 }, 8394 },
8395 "locked": { 8395 "locked": {
8396 "lastModified": 1, 8396 "lastModified": 1,
8397 "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", 8397 "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=",
8398 "path": "./private/milters", 8398 "path": "./private/milters",
8399 "type": "path" 8399 "type": "path"
8400 }, 8400 },
@@ -8429,7 +8429,7 @@
8429 }, 8429 },
8430 "locked": { 8430 "locked": {
8431 "lastModified": 1, 8431 "lastModified": 1,
8432 "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", 8432 "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=",
8433 "path": "./private/openarc", 8433 "path": "./private/openarc",
8434 "type": "path" 8434 "type": "path"
8435 }, 8435 },
diff --git a/flake.lock b/flake.lock
index 1accf17..bcce42f 100644
--- a/flake.lock
+++ b/flake.lock
@@ -2664,7 +2664,7 @@
2664 }, 2664 },
2665 "locked": { 2665 "locked": {
2666 "lastModified": 1, 2666 "lastModified": 1,
2667 "narHash": "sha256-U/9W/+WAYIWL7g1Wy7sjF/DZzFyCYzs7UPu6QU2zboU=", 2667 "narHash": "sha256-0pgT4QFyk6vDVJZboD4Js8CRLJMtDCvPpMmYSHBgqnU=",
2668 "path": "./flakes", 2668 "path": "./flakes",
2669 "type": "path" 2669 "type": "path"
2670 }, 2670 },
@@ -2892,7 +2892,7 @@
2892 }, 2892 },
2893 "locked": { 2893 "locked": {
2894 "lastModified": 1, 2894 "lastModified": 1,
2895 "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", 2895 "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=",
2896 "path": "../../flakes/private/milters", 2896 "path": "../../flakes/private/milters",
2897 "type": "path" 2897 "type": "path"
2898 }, 2898 },
@@ -3848,7 +3848,7 @@
3848 }, 3848 },
3849 "locked": { 3849 "locked": {
3850 "lastModified": 1, 3850 "lastModified": 1,
3851 "narHash": "sha256-4IYifux8V3QCpgdSwCR8CpbuOr7CEF6uj4OKTiaEnk8=", 3851 "narHash": "sha256-dslxX2j+qIz/5OJ7J0cMzPhPxMUlM3EoPbHFz2/omjI=",
3852 "path": "../systems/backup-2", 3852 "path": "../systems/backup-2",
3853 "type": "path" 3853 "type": "path"
3854 }, 3854 },
@@ -3919,7 +3919,7 @@
3919 }, 3919 },
3920 "locked": { 3920 "locked": {
3921 "lastModified": 1, 3921 "lastModified": 1,
3922 "narHash": "sha256-uwd/AAgnu/hYHk7lCI5EHBvajek3ucgPpuTRHzMqtas=", 3922 "narHash": "sha256-yMHsjZMbUXAE/6Bhrm+UVPBi4SD3BMEk+t7k/7S9JVo=",
3923 "path": "../systems/eldiron", 3923 "path": "../systems/eldiron",
3924 "type": "path" 3924 "type": "path"
3925 }, 3925 },
@@ -7020,7 +7020,7 @@
7020 }, 7020 },
7021 "locked": { 7021 "locked": {
7022 "lastModified": 1, 7022 "lastModified": 1,
7023 "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", 7023 "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=",
7024 "path": "../../flakes/private/openarc", 7024 "path": "../../flakes/private/openarc",
7025 "type": "path" 7025 "type": "path"
7026 }, 7026 },
@@ -7539,7 +7539,7 @@
7539 }, 7539 },
7540 "locked": { 7540 "locked": {
7541 "lastModified": 1, 7541 "lastModified": 1,
7542 "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", 7542 "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=",
7543 "path": "../../flakes/private/milters", 7543 "path": "../../flakes/private/milters",
7544 "type": "path" 7544 "type": "path"
7545 }, 7545 },
@@ -7574,7 +7574,7 @@
7574 }, 7574 },
7575 "locked": { 7575 "locked": {
7576 "lastModified": 1, 7576 "lastModified": 1,
7577 "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", 7577 "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=",
7578 "path": "../../flakes/private/openarc", 7578 "path": "../../flakes/private/openarc",
7579 "type": "path" 7579 "type": "path"
7580 }, 7580 },
@@ -8410,7 +8410,7 @@
8410 }, 8410 },
8411 "locked": { 8411 "locked": {
8412 "lastModified": 1, 8412 "lastModified": 1,
8413 "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", 8413 "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=",
8414 "path": "./private/milters", 8414 "path": "./private/milters",
8415 "type": "path" 8415 "type": "path"
8416 }, 8416 },
@@ -8445,7 +8445,7 @@
8445 }, 8445 },
8446 "locked": { 8446 "locked": {
8447 "lastModified": 1, 8447 "lastModified": 1,
8448 "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", 8448 "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=",
8449 "path": "./private/openarc", 8449 "path": "./private/openarc",
8450 "type": "path" 8450 "type": "path"
8451 }, 8451 },
diff --git a/flakes/flake.lock b/flakes/flake.lock
index d5a227a..e4b20b2 100644
--- a/flakes/flake.lock
+++ b/flakes/flake.lock
@@ -2797,7 +2797,7 @@
2797 }, 2797 },
2798 "locked": { 2798 "locked": {
2799 "lastModified": 1, 2799 "lastModified": 1,
2800 "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", 2800 "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=",
2801 "path": "../../flakes/private/milters", 2801 "path": "../../flakes/private/milters",
2802 "type": "path" 2802 "type": "path"
2803 }, 2803 },
@@ -3753,7 +3753,7 @@
3753 }, 3753 },
3754 "locked": { 3754 "locked": {
3755 "lastModified": 1, 3755 "lastModified": 1,
3756 "narHash": "sha256-4IYifux8V3QCpgdSwCR8CpbuOr7CEF6uj4OKTiaEnk8=", 3756 "narHash": "sha256-dslxX2j+qIz/5OJ7J0cMzPhPxMUlM3EoPbHFz2/omjI=",
3757 "path": "../systems/backup-2", 3757 "path": "../systems/backup-2",
3758 "type": "path" 3758 "type": "path"
3759 }, 3759 },
@@ -3824,7 +3824,7 @@
3824 }, 3824 },
3825 "locked": { 3825 "locked": {
3826 "lastModified": 1, 3826 "lastModified": 1,
3827 "narHash": "sha256-uwd/AAgnu/hYHk7lCI5EHBvajek3ucgPpuTRHzMqtas=", 3827 "narHash": "sha256-yMHsjZMbUXAE/6Bhrm+UVPBi4SD3BMEk+t7k/7S9JVo=",
3828 "path": "../systems/eldiron", 3828 "path": "../systems/eldiron",
3829 "type": "path" 3829 "type": "path"
3830 }, 3830 },
@@ -6847,7 +6847,7 @@
6847 }, 6847 },
6848 "locked": { 6848 "locked": {
6849 "lastModified": 1, 6849 "lastModified": 1,
6850 "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", 6850 "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=",
6851 "path": "../../flakes/private/openarc", 6851 "path": "../../flakes/private/openarc",
6852 "type": "path" 6852 "type": "path"
6853 }, 6853 },
@@ -7366,7 +7366,7 @@
7366 }, 7366 },
7367 "locked": { 7367 "locked": {
7368 "lastModified": 1, 7368 "lastModified": 1,
7369 "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", 7369 "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=",
7370 "path": "../../flakes/private/milters", 7370 "path": "../../flakes/private/milters",
7371 "type": "path" 7371 "type": "path"
7372 }, 7372 },
@@ -7401,7 +7401,7 @@
7401 }, 7401 },
7402 "locked": { 7402 "locked": {
7403 "lastModified": 1, 7403 "lastModified": 1,
7404 "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", 7404 "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=",
7405 "path": "../../flakes/private/openarc", 7405 "path": "../../flakes/private/openarc",
7406 "type": "path" 7406 "type": "path"
7407 }, 7407 },
@@ -8276,7 +8276,7 @@
8276 }, 8276 },
8277 "locked": { 8277 "locked": {
8278 "lastModified": 1, 8278 "lastModified": 1,
8279 "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", 8279 "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=",
8280 "path": "./private/milters", 8280 "path": "./private/milters",
8281 "type": "path" 8281 "type": "path"
8282 }, 8282 },
@@ -8311,7 +8311,7 @@
8311 }, 8311 },
8312 "locked": { 8312 "locked": {
8313 "lastModified": 1, 8313 "lastModified": 1,
8314 "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", 8314 "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=",
8315 "path": "./private/openarc", 8315 "path": "./private/openarc",
8316 "type": "path" 8316 "type": "path"
8317 }, 8317 },
diff --git a/flakes/private/milters/flake.nix b/flakes/private/milters/flake.nix
index c4de5b6..fc088f9 100644
--- a/flakes/private/milters/flake.nix
+++ b/flakes/private/milters/flake.nix
@@ -42,6 +42,12 @@
42 permissions = "0400"; 42 permissions = "0400";
43 text = config.myEnv.mail.dkim.eldiron.private; 43 text = config.myEnv.mail.dkim.eldiron.private;
44 }; 44 };
45 "opendkim/eldiron2.private" = {
46 user = config.services.opendkim.user;
47 group = config.services.opendkim.group;
48 permissions = "0400";
49 text = config.myEnv.mail.dkim.eldiron2.private;
50 };
45 }; 51 };
46 users.users."${config.services.opendkim.user}".extraGroups = [ "keys" ]; 52 users.users."${config.services.opendkim.user}".extraGroups = [ "keys" ];
47 services.opendkim = { 53 services.opendkim = {
@@ -55,7 +61,7 @@
55 in 61 in
56 builtins.concatStringsSep "," domains'; 62 builtins.concatStringsSep "," domains';
57 keyPath = config.secrets.fullPaths."opendkim"; 63 keyPath = config.secrets.fullPaths."opendkim";
58 selector = "eldiron"; 64 selector = "eldiron2";
59 configFile = pkgs.writeText "opendkim.conf" '' 65 configFile = pkgs.writeText "opendkim.conf" ''
60 SubDomains yes 66 SubDomains yes
61 UMask 002 67 UMask 002
@@ -72,6 +78,7 @@
72 restart = true; 78 restart = true;
73 paths = [ 79 paths = [
74 config.secrets.fullPaths."opendkim/eldiron.private" 80 config.secrets.fullPaths."opendkim/eldiron.private"
81 config.secrets.fullPaths."opendkim/eldiron2.private"
75 ]; 82 ];
76 }; 83 };
77 84
diff --git a/flakes/private/openarc/flake.nix b/flakes/private/openarc/flake.nix
index 56c3a1a..69e0767 100644
--- a/flakes/private/openarc/flake.nix
+++ b/flakes/private/openarc/flake.nix
@@ -21,9 +21,9 @@
21 configFile = pkgs.writeText "openarc.conf" '' 21 configFile = pkgs.writeText "openarc.conf" ''
22 AuthservID mail.immae.eu 22 AuthservID mail.immae.eu
23 Domain mail.immae.eu 23 Domain mail.immae.eu
24 KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} 24 KeyFile ${config.secrets.fullPaths."opendkim/eldiron2.private"}
25 Mode sv 25 Mode sv
26 Selector eldiron 26 Selector eldiron2
27 SoftwareHeader yes 27 SoftwareHeader yes
28 Syslog Yes 28 Syslog Yes
29 ''; 29 '';
@@ -38,6 +38,7 @@
38 services.filesWatcher.openarc = { 38 services.filesWatcher.openarc = {
39 restart = true; 39 restart = true;
40 paths = [ 40 paths = [
41 config.secrets.fullPaths."opendkim/eldiron2.private"
41 config.secrets.fullPaths."opendkim/eldiron.private" 42 config.secrets.fullPaths."opendkim/eldiron.private"
42 ]; 43 ];
43 }; 44 };
diff --git a/systems/backup-2/flake.lock b/systems/backup-2/flake.lock
index 83ba265..44a490f 100644
--- a/systems/backup-2/flake.lock
+++ b/systems/backup-2/flake.lock
@@ -371,7 +371,7 @@
371 }, 371 },
372 "locked": { 372 "locked": {
373 "lastModified": 1, 373 "lastModified": 1,
374 "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", 374 "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=",
375 "path": "../../flakes/private/milters", 375 "path": "../../flakes/private/milters",
376 "type": "path" 376 "type": "path"
377 }, 377 },
@@ -856,7 +856,7 @@
856 }, 856 },
857 "locked": { 857 "locked": {
858 "lastModified": 1, 858 "lastModified": 1,
859 "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", 859 "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=",
860 "path": "../../flakes/private/openarc", 860 "path": "../../flakes/private/openarc",
861 "type": "path" 861 "type": "path"
862 }, 862 },
diff --git a/systems/eldiron/dns.nix b/systems/eldiron/dns.nix
index 857b233..b076f62 100644
--- a/systems/eldiron/dns.nix
+++ b/systems/eldiron/dns.nix
@@ -50,7 +50,11 @@ in
50 }; 50 };
51 }; 51 };
52 mailSend = { 52 mailSend = {
53 # DKIM 53 # DKIM 2048b
54 subdomains._domainkey.subdomains.eldiron2.TXT = [
55 (toKV config.myEnv.mail.dkim.eldiron2.public)
56 ];
57 # DKIM 1024b
54 subdomains._domainkey.subdomains.eldiron.TXT = [ 58 subdomains._domainkey.subdomains.eldiron.TXT = [
55 (toKV config.myEnv.mail.dkim.eldiron.public) 59 (toKV config.myEnv.mail.dkim.eldiron.public)
56 ]; 60 ];
diff --git a/systems/eldiron/flake.lock b/systems/eldiron/flake.lock
index 3291993..0db13d7 100644
--- a/systems/eldiron/flake.lock
+++ b/systems/eldiron/flake.lock
@@ -2020,7 +2020,7 @@
2020 }, 2020 },
2021 "locked": { 2021 "locked": {
2022 "lastModified": 1, 2022 "lastModified": 1,
2023 "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", 2023 "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=",
2024 "path": "../../flakes/private/milters", 2024 "path": "../../flakes/private/milters",
2025 "type": "path" 2025 "type": "path"
2026 }, 2026 },
@@ -2055,7 +2055,7 @@
2055 }, 2055 },
2056 "locked": { 2056 "locked": {
2057 "lastModified": 1, 2057 "lastModified": 1,
2058 "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", 2058 "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=",
2059 "path": "../../flakes/private/openarc", 2059 "path": "../../flakes/private/openarc",
2060 "type": "path" 2060 "type": "path"
2061 }, 2061 },
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-03 21:03:11 +0000