diff options
| author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2023-10-13 00:43:56 +0200 |
|---|---|---|
| committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2023-10-13 01:10:12 +0200 |
| commit | c4511c38a49c60394b91ec9d4499cdbf41f4e60c (patch) | |
| tree | e43bc1ab2f5562a871aaa51d19391aadc5dde717 /flakes/private | |
| parent | 1cf1f9162bd4556858a0190eee5bfd7ba0f7bb4c (diff) | |
| download | Nix-c4511c38a49c60394b91ec9d4499cdbf41f4e60c.tar.gz Nix-c4511c38a49c60394b91ec9d4499cdbf41f4e60c.tar.zst Nix-c4511c38a49c60394b91ec9d4499cdbf41f4e60c.zip | |
Change dkim key for a 2048b one
Diffstat (limited to 'flakes/private')
| -rw-r--r-- | flakes/private/milters/flake.nix | 9 | ||||
| -rw-r--r-- | flakes/private/openarc/flake.nix | 5 |
2 files changed, 11 insertions, 3 deletions
diff --git a/flakes/private/milters/flake.nix b/flakes/private/milters/flake.nix index c4de5b6..fc088f9 100644 --- a/flakes/private/milters/flake.nix +++ b/flakes/private/milters/flake.nix | |||
| @@ -42,6 +42,12 @@ | |||
| 42 | permissions = "0400"; | 42 | permissions = "0400"; |
| 43 | text = config.myEnv.mail.dkim.eldiron.private; | 43 | text = config.myEnv.mail.dkim.eldiron.private; |
| 44 | }; | 44 | }; |
| 45 | "opendkim/eldiron2.private" = { | ||
| 46 | user = config.services.opendkim.user; | ||
| 47 | group = config.services.opendkim.group; | ||
| 48 | permissions = "0400"; | ||
| 49 | text = config.myEnv.mail.dkim.eldiron2.private; | ||
| 50 | }; | ||
| 45 | }; | 51 | }; |
| 46 | users.users."${config.services.opendkim.user}".extraGroups = [ "keys" ]; | 52 | users.users."${config.services.opendkim.user}".extraGroups = [ "keys" ]; |
| 47 | services.opendkim = { | 53 | services.opendkim = { |
| @@ -55,7 +61,7 @@ | |||
| 55 | in | 61 | in |
| 56 | builtins.concatStringsSep "," domains'; | 62 | builtins.concatStringsSep "," domains'; |
| 57 | keyPath = config.secrets.fullPaths."opendkim"; | 63 | keyPath = config.secrets.fullPaths."opendkim"; |
| 58 | selector = "eldiron"; | 64 | selector = "eldiron2"; |
| 59 | configFile = pkgs.writeText "opendkim.conf" '' | 65 | configFile = pkgs.writeText "opendkim.conf" '' |
| 60 | SubDomains yes | 66 | SubDomains yes |
| 61 | UMask 002 | 67 | UMask 002 |
| @@ -72,6 +78,7 @@ | |||
| 72 | restart = true; | 78 | restart = true; |
| 73 | paths = [ | 79 | paths = [ |
| 74 | config.secrets.fullPaths."opendkim/eldiron.private" | 80 | config.secrets.fullPaths."opendkim/eldiron.private" |
| 81 | config.secrets.fullPaths."opendkim/eldiron2.private" | ||
| 75 | ]; | 82 | ]; |
| 76 | }; | 83 | }; |
| 77 | 84 | ||
diff --git a/flakes/private/openarc/flake.nix b/flakes/private/openarc/flake.nix index 56c3a1a..69e0767 100644 --- a/flakes/private/openarc/flake.nix +++ b/flakes/private/openarc/flake.nix | |||
| @@ -21,9 +21,9 @@ | |||
| 21 | configFile = pkgs.writeText "openarc.conf" '' | 21 | configFile = pkgs.writeText "openarc.conf" '' |
| 22 | AuthservID mail.immae.eu | 22 | AuthservID mail.immae.eu |
| 23 | Domain mail.immae.eu | 23 | Domain mail.immae.eu |
| 24 | KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} | 24 | KeyFile ${config.secrets.fullPaths."opendkim/eldiron2.private"} |
| 25 | Mode sv | 25 | Mode sv |
| 26 | Selector eldiron | 26 | Selector eldiron2 |
| 27 | SoftwareHeader yes | 27 | SoftwareHeader yes |
| 28 | Syslog Yes | 28 | Syslog Yes |
| 29 | ''; | 29 | ''; |
| @@ -38,6 +38,7 @@ | |||
| 38 | services.filesWatcher.openarc = { | 38 | services.filesWatcher.openarc = { |
| 39 | restart = true; | 39 | restart = true; |
| 40 | paths = [ | 40 | paths = [ |
| 41 | config.secrets.fullPaths."opendkim/eldiron2.private" | ||
| 41 | config.secrets.fullPaths."opendkim/eldiron.private" | 42 | config.secrets.fullPaths."opendkim/eldiron.private" |
| 42 | ]; | 43 | ]; |
| 43 | }; | 44 | }; |