aboutsummaryrefslogtreecommitdiff
path: root/flakes/private/openarc
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2021-01-21 09:56:28 +0100
committerIsmaël Bouya <ismael.bouya@normalesup.org>2021-01-21 10:07:19 +0100
commitef43c36272ca539cbfe803ded03949451b17b679 (patch)
tree3cf9412dbb2f407f3c8f97e7eaf208dfdb368bd4 /flakes/private/openarc
parent23f9fdf03a6673dbe334ae33be4f498cc4753191 (diff)
downloadNix-ef43c36272ca539cbfe803ded03949451b17b679.tar.gz
Nix-ef43c36272ca539cbfe803ded03949451b17b679.tar.zst
Nix-ef43c36272ca539cbfe803ded03949451b17b679.zip
Add private flake for openarc and opendmarc
Diffstat (limited to 'flakes/private/openarc')
-rw-r--r--flakes/private/openarc/flake.lock113
-rw-r--r--flakes/private/openarc/flake.nix46
2 files changed, 159 insertions, 0 deletions
diff --git a/flakes/private/openarc/flake.lock b/flakes/private/openarc/flake.lock
new file mode 100644
index 0000000..69186fb
--- /dev/null
+++ b/flakes/private/openarc/flake.lock
@@ -0,0 +1,113 @@
1{
2 "nodes": {
3 "flake-utils": {
4 "locked": {
5 "lastModified": 1609246779,
6 "narHash": "sha256-eq6ZXE/VWo3EMC65jmIT6H/rrUc9UWOWVujkzav025k=",
7 "owner": "numtide",
8 "repo": "flake-utils",
9 "rev": "08c7ad4a0844adc4a7f9f5bb3beae482e789afa4",
10 "type": "github"
11 },
12 "original": {
13 "owner": "numtide",
14 "repo": "flake-utils",
15 "type": "github"
16 }
17 },
18 "myuids": {
19 "locked": {
20 "dir": "flakes/myuids",
21 "lastModified": 1609281959,
22 "narHash": "sha256-SYNlHeobQAzTzK0pM5AqMn7M2WbTuzBeoD+Q3Mu+sho=",
23 "ref": "master",
24 "rev": "1be9e64bb4556676f65e6e5044e04426848849c0",
25 "revCount": 791,
26 "type": "git",
27 "url": "https://git.immae.eu/perso/Immae/Config/Nix.git"
28 },
29 "original": {
30 "dir": "flakes/myuids",
31 "type": "git",
32 "url": "https://git.immae.eu/perso/Immae/Config/Nix.git"
33 }
34 },
35 "nixpkgs": {
36 "locked": {
37 "lastModified": 1611218116,
38 "narHash": "sha256-CcyGZ8cLlHgiViWyBjRIjdsdRZxJjP2MgtWeuqSv3CE=",
39 "owner": "NixOS",
40 "repo": "nixpkgs",
41 "rev": "30ab92ea31f6b7e9095b1e7e4b56a5000823efdf",
42 "type": "github"
43 },
44 "original": {
45 "owner": "NixOS",
46 "repo": "nixpkgs",
47 "type": "github"
48 }
49 },
50 "nixpkgs_2": {
51 "locked": {
52 "lastModified": 1597943282,
53 "narHash": "sha256-G/VQBlqO7YeFOSvn29RqdvABZxmQBtiRYVA6kjqWZ6o=",
54 "owner": "NixOS",
55 "repo": "nixpkgs",
56 "rev": "c59ea8b8a0e7f927e7291c14ea6cd1bd3a16ff38",
57 "type": "github"
58 },
59 "original": {
60 "owner": "NixOS",
61 "repo": "nixpkgs",
62 "type": "github"
63 }
64 },
65 "openarc": {
66 "inputs": {
67 "flake-utils": "flake-utils",
68 "myuids": "myuids",
69 "nixpkgs": "nixpkgs_2",
70 "openarc": "openarc_2"
71 },
72 "locked": {
73 "dir": "flakes/openarc",
74 "lastModified": 1611091761,
75 "narHash": "sha256-fE3FBeUxVaMezKjEpepdQW9apOza+0AfBALFhaaD0VA=",
76 "ref": "master",
77 "rev": "23f9fdf03a6673dbe334ae33be4f498cc4753191",
78 "revCount": 802,
79 "type": "git",
80 "url": "https://git.immae.eu/perso/Immae/Config/Nix.git"
81 },
82 "original": {
83 "dir": "flakes/openarc",
84 "type": "git",
85 "url": "https://git.immae.eu/perso/Immae/Config/Nix.git"
86 }
87 },
88 "openarc_2": {
89 "flake": false,
90 "locked": {
91 "lastModified": 1537545083,
92 "narHash": "sha256-xUSRARC7875vFjtZ66t8KBlKmkEdIZblWHc4zqGZAQQ=",
93 "owner": "trusteddomainproject",
94 "repo": "OpenARC",
95 "rev": "355ee2a1ca85acccce494478991983b54f794f4e",
96 "type": "github"
97 },
98 "original": {
99 "owner": "trusteddomainproject",
100 "repo": "OpenARC",
101 "type": "github"
102 }
103 },
104 "root": {
105 "inputs": {
106 "nixpkgs": "nixpkgs",
107 "openarc": "openarc"
108 }
109 }
110 },
111 "root": "root",
112 "version": 7
113}
diff --git a/flakes/private/openarc/flake.nix b/flakes/private/openarc/flake.nix
new file mode 100644
index 0000000..6a2518b
--- /dev/null
+++ b/flakes/private/openarc/flake.nix
@@ -0,0 +1,46 @@
1{
2 inputs.openarc = {
3 url = "https://git.immae.eu/perso/Immae/Config/Nix.git";
4 type = "git";
5 dir = "flakes/openarc";
6 };
7 inputs.nixpkgs.url = "github:NixOS/nixpkgs";
8
9 description = "Private configuration for openarc";
10 outputs = { self, nixpkgs, openarc }:
11 let
12 cfg = name': { config, lib, pkgs, name, ... }: lib.mkIf (name == name') {
13 services.openarc = {
14 enable = true;
15 user = "opendkim";
16 socket = "local:${config.myServices.mail.milters.sockets.openarc}";
17 group = config.services.postfix.group;
18 configFile = pkgs.writeText "openarc.conf" ''
19 AuthservID mail.immae.eu
20 Domain mail.immae.eu
21 KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"}
22 Mode sv
23 Selector eldiron
24 SoftwareHeader yes
25 Syslog Yes
26 '';
27 };
28 systemd.services.openarc.serviceConfig.Slice = "mail.slice";
29 systemd.services.openarc.postStart = lib.optionalString
30 (lib.strings.hasPrefix "local:" config.services.openarc.socket) ''
31 while [ ! -S ${lib.strings.removePrefix "local:" config.services.openarc.socket} ]; do
32 sleep 0.5
33 done
34 chmod g+w ${lib.strings.removePrefix "local:" config.services.openarc.socket}
35 '';
36 services.filesWatcher.openarc = {
37 restart = true;
38 paths = [
39 config.secrets.fullPaths."opendkim/eldiron.private"
40 ];
41 };
42 };
43 in
44 openarc.outputs //
45 { nixosModules = openarc.nixosModules or {} // nixpkgs.lib.genAttrs ["eldiron" "backup-2"] cfg; };
46}