diff options
| author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2021-10-07 15:22:57 +0200 |
|---|---|---|
| committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2021-10-15 23:15:44 +0200 |
| commit | 910c2e9eb4996bfa12cd1ef925843403f7d3e154 (patch) | |
| tree | 13e291516d2d66ee8307b46b8b116306efad9974 /flakes/private/opendmarc | |
| parent | 27dd65fc95a91155367acbe15754dc22c8869552 (diff) | |
| download | Nix-910c2e9eb4996bfa12cd1ef925843403f7d3e154.tar.gz Nix-910c2e9eb4996bfa12cd1ef925843403f7d3e154.tar.zst Nix-910c2e9eb4996bfa12cd1ef925843403f7d3e154.zip | |
Refactor opendmarc/openarc flakes
Diffstat (limited to 'flakes/private/opendmarc')
| -rw-r--r-- | flakes/private/opendmarc/flake.lock | 8 | ||||
| -rw-r--r-- | flakes/private/opendmarc/flake.nix | 9 |
2 files changed, 11 insertions, 6 deletions
diff --git a/flakes/private/opendmarc/flake.lock b/flakes/private/opendmarc/flake.lock index ea056e5..121f51d 100644 --- a/flakes/private/opendmarc/flake.lock +++ b/flakes/private/opendmarc/flake.lock | |||
| @@ -59,11 +59,11 @@ | |||
| 59 | }, | 59 | }, |
| 60 | "nix-lib": { | 60 | "nix-lib": { |
| 61 | "locked": { | 61 | "locked": { |
| 62 | "lastModified": 1630358951, | 62 | "lastModified": 1633008342, |
| 63 | "narHash": "sha256-y6jh6YDWX6fX88tS9bSFOVSnckCL4qgt7UqUJhLPSx8=", | 63 | "narHash": "sha256-wZV5YidnsqV/iufDIhaZip3LzwUGeIt8wtdiGS5+cXc=", |
| 64 | "owner": "NixOS", | 64 | "owner": "NixOS", |
| 65 | "repo": "nixpkgs", | 65 | "repo": "nixpkgs", |
| 66 | "rev": "2d786792ca69c98a8655858464e53698ad7311e2", | 66 | "rev": "6eae8a116011f4db0aa5146f364820024411d6bb", |
| 67 | "type": "github" | 67 | "type": "github" |
| 68 | }, | 68 | }, |
| 69 | "original": { | 69 | "original": { |
| @@ -109,7 +109,7 @@ | |||
| 109 | "nixpkgs": "nixpkgs_2" | 109 | "nixpkgs": "nixpkgs_2" |
| 110 | }, | 110 | }, |
| 111 | "locked": { | 111 | "locked": { |
| 112 | "narHash": "sha256-eIe5hzNsp1zz5m4ZMzORwdHuLkhEsKkS7WMpPOJE4ok=", | 112 | "narHash": "sha256-7jup/d3+WXXWsNMB7Sp5Py4rJQV30Z5+PJITBISbQ9o=", |
| 113 | "path": "../../opendmarc", | 113 | "path": "../../opendmarc", |
| 114 | "type": "path" | 114 | "type": "path" |
| 115 | }, | 115 | }, |
diff --git a/flakes/private/opendmarc/flake.nix b/flakes/private/opendmarc/flake.nix index 4b54ccf..debcfbd 100644 --- a/flakes/private/opendmarc/flake.nix +++ b/flakes/private/opendmarc/flake.nix | |||
| @@ -17,13 +17,18 @@ | |||
| 17 | outputs = { self, nix-lib, opendmarc, my-lib, files-watcher }: | 17 | outputs = { self, nix-lib, opendmarc, my-lib, files-watcher }: |
| 18 | let | 18 | let |
| 19 | cfg = name': { config, lib, pkgs, name, ... }: { | 19 | cfg = name': { config, lib, pkgs, name, ... }: { |
| 20 | imports = [ (my-lib.lib.withNarKey files-watcher "nixosModule") ]; | 20 | imports = [ |
| 21 | (my-lib.lib.withNarKey files-watcher "nixosModule") | ||
| 22 | (my-lib.lib.withNarKey opendmarc "nixosModule") | ||
| 23 | #FIXME: | ||
| 24 | #(my-lib.lib.withNarKey secrets "nixosModule") | ||
| 25 | ]; | ||
| 21 | config = lib.mkIf (name == name') { | 26 | config = lib.mkIf (name == name') { |
| 22 | users.users."${config.services.opendmarc.user}".extraGroups = [ "keys" ]; | 27 | users.users."${config.services.opendmarc.user}".extraGroups = [ "keys" ]; |
| 23 | systemd.services.opendmarc.serviceConfig.Slice = "mail.slice"; | 28 | systemd.services.opendmarc.serviceConfig.Slice = "mail.slice"; |
| 24 | services.opendmarc = { | 29 | services.opendmarc = { |
| 25 | enable = true; | 30 | enable = true; |
| 26 | socket = "local:${config.myServices.mail.milters.sockets.opendmarc}"; | 31 | socket = "/run/opendmarc/opendmarc.sock"; |
| 27 | configFile = pkgs.writeText "opendmarc.conf" '' | 32 | configFile = pkgs.writeText "opendmarc.conf" '' |
| 28 | AuthservID HOSTNAME | 33 | AuthservID HOSTNAME |
| 29 | FailureReports false | 34 | FailureReports false |