diff options
| author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2023-10-13 00:43:56 +0200 |
|---|---|---|
| committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2023-10-13 01:10:12 +0200 |
| commit | c4511c38a49c60394b91ec9d4499cdbf41f4e60c (patch) | |
| tree | e43bc1ab2f5562a871aaa51d19391aadc5dde717 /flakes | |
| parent | 1cf1f9162bd4556858a0190eee5bfd7ba0f7bb4c (diff) | |
| download | Nix-c4511c38a49c60394b91ec9d4499cdbf41f4e60c.tar.gz Nix-c4511c38a49c60394b91ec9d4499cdbf41f4e60c.tar.zst Nix-c4511c38a49c60394b91ec9d4499cdbf41f4e60c.zip | |
Change dkim key for a 2048b one
Diffstat (limited to 'flakes')
| -rw-r--r-- | flakes/flake.lock | 16 | ||||
| -rw-r--r-- | flakes/private/milters/flake.nix | 9 | ||||
| -rw-r--r-- | flakes/private/openarc/flake.nix | 5 |
3 files changed, 19 insertions, 11 deletions
diff --git a/flakes/flake.lock b/flakes/flake.lock index d5a227a..e4b20b2 100644 --- a/flakes/flake.lock +++ b/flakes/flake.lock | |||
| @@ -2797,7 +2797,7 @@ | |||
| 2797 | }, | 2797 | }, |
| 2798 | "locked": { | 2798 | "locked": { |
| 2799 | "lastModified": 1, | 2799 | "lastModified": 1, |
| 2800 | "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", | 2800 | "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=", |
| 2801 | "path": "../../flakes/private/milters", | 2801 | "path": "../../flakes/private/milters", |
| 2802 | "type": "path" | 2802 | "type": "path" |
| 2803 | }, | 2803 | }, |
| @@ -3753,7 +3753,7 @@ | |||
| 3753 | }, | 3753 | }, |
| 3754 | "locked": { | 3754 | "locked": { |
| 3755 | "lastModified": 1, | 3755 | "lastModified": 1, |
| 3756 | "narHash": "sha256-4IYifux8V3QCpgdSwCR8CpbuOr7CEF6uj4OKTiaEnk8=", | 3756 | "narHash": "sha256-dslxX2j+qIz/5OJ7J0cMzPhPxMUlM3EoPbHFz2/omjI=", |
| 3757 | "path": "../systems/backup-2", | 3757 | "path": "../systems/backup-2", |
| 3758 | "type": "path" | 3758 | "type": "path" |
| 3759 | }, | 3759 | }, |
| @@ -3824,7 +3824,7 @@ | |||
| 3824 | }, | 3824 | }, |
| 3825 | "locked": { | 3825 | "locked": { |
| 3826 | "lastModified": 1, | 3826 | "lastModified": 1, |
| 3827 | "narHash": "sha256-uwd/AAgnu/hYHk7lCI5EHBvajek3ucgPpuTRHzMqtas=", | 3827 | "narHash": "sha256-yMHsjZMbUXAE/6Bhrm+UVPBi4SD3BMEk+t7k/7S9JVo=", |
| 3828 | "path": "../systems/eldiron", | 3828 | "path": "../systems/eldiron", |
| 3829 | "type": "path" | 3829 | "type": "path" |
| 3830 | }, | 3830 | }, |
| @@ -6847,7 +6847,7 @@ | |||
| 6847 | }, | 6847 | }, |
| 6848 | "locked": { | 6848 | "locked": { |
| 6849 | "lastModified": 1, | 6849 | "lastModified": 1, |
| 6850 | "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", | 6850 | "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=", |
| 6851 | "path": "../../flakes/private/openarc", | 6851 | "path": "../../flakes/private/openarc", |
| 6852 | "type": "path" | 6852 | "type": "path" |
| 6853 | }, | 6853 | }, |
| @@ -7366,7 +7366,7 @@ | |||
| 7366 | }, | 7366 | }, |
| 7367 | "locked": { | 7367 | "locked": { |
| 7368 | "lastModified": 1, | 7368 | "lastModified": 1, |
| 7369 | "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", | 7369 | "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=", |
| 7370 | "path": "../../flakes/private/milters", | 7370 | "path": "../../flakes/private/milters", |
| 7371 | "type": "path" | 7371 | "type": "path" |
| 7372 | }, | 7372 | }, |
| @@ -7401,7 +7401,7 @@ | |||
| 7401 | }, | 7401 | }, |
| 7402 | "locked": { | 7402 | "locked": { |
| 7403 | "lastModified": 1, | 7403 | "lastModified": 1, |
| 7404 | "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", | 7404 | "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=", |
| 7405 | "path": "../../flakes/private/openarc", | 7405 | "path": "../../flakes/private/openarc", |
| 7406 | "type": "path" | 7406 | "type": "path" |
| 7407 | }, | 7407 | }, |
| @@ -8276,7 +8276,7 @@ | |||
| 8276 | }, | 8276 | }, |
| 8277 | "locked": { | 8277 | "locked": { |
| 8278 | "lastModified": 1, | 8278 | "lastModified": 1, |
| 8279 | "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", | 8279 | "narHash": "sha256-VhRXb3AAlSKwkq4BfVmoKzkLxEaAFGjYLAFETTZuhjE=", |
| 8280 | "path": "./private/milters", | 8280 | "path": "./private/milters", |
| 8281 | "type": "path" | 8281 | "type": "path" |
| 8282 | }, | 8282 | }, |
| @@ -8311,7 +8311,7 @@ | |||
| 8311 | }, | 8311 | }, |
| 8312 | "locked": { | 8312 | "locked": { |
| 8313 | "lastModified": 1, | 8313 | "lastModified": 1, |
| 8314 | "narHash": "sha256-08NmS2KKpthWHC7ob5cu1RBKA7JaPEMqcL5HHwH3vLA=", | 8314 | "narHash": "sha256-OAM9gsDUnwGZWwnFF9F1GWLDr41V4LdGj4+daTdwjks=", |
| 8315 | "path": "./private/openarc", | 8315 | "path": "./private/openarc", |
| 8316 | "type": "path" | 8316 | "type": "path" |
| 8317 | }, | 8317 | }, |
diff --git a/flakes/private/milters/flake.nix b/flakes/private/milters/flake.nix index c4de5b6..fc088f9 100644 --- a/flakes/private/milters/flake.nix +++ b/flakes/private/milters/flake.nix | |||
| @@ -42,6 +42,12 @@ | |||
| 42 | permissions = "0400"; | 42 | permissions = "0400"; |
| 43 | text = config.myEnv.mail.dkim.eldiron.private; | 43 | text = config.myEnv.mail.dkim.eldiron.private; |
| 44 | }; | 44 | }; |
| 45 | "opendkim/eldiron2.private" = { | ||
| 46 | user = config.services.opendkim.user; | ||
| 47 | group = config.services.opendkim.group; | ||
| 48 | permissions = "0400"; | ||
| 49 | text = config.myEnv.mail.dkim.eldiron2.private; | ||
| 50 | }; | ||
| 45 | }; | 51 | }; |
| 46 | users.users."${config.services.opendkim.user}".extraGroups = [ "keys" ]; | 52 | users.users."${config.services.opendkim.user}".extraGroups = [ "keys" ]; |
| 47 | services.opendkim = { | 53 | services.opendkim = { |
| @@ -55,7 +61,7 @@ | |||
| 55 | in | 61 | in |
| 56 | builtins.concatStringsSep "," domains'; | 62 | builtins.concatStringsSep "," domains'; |
| 57 | keyPath = config.secrets.fullPaths."opendkim"; | 63 | keyPath = config.secrets.fullPaths."opendkim"; |
| 58 | selector = "eldiron"; | 64 | selector = "eldiron2"; |
| 59 | configFile = pkgs.writeText "opendkim.conf" '' | 65 | configFile = pkgs.writeText "opendkim.conf" '' |
| 60 | SubDomains yes | 66 | SubDomains yes |
| 61 | UMask 002 | 67 | UMask 002 |
| @@ -72,6 +78,7 @@ | |||
| 72 | restart = true; | 78 | restart = true; |
| 73 | paths = [ | 79 | paths = [ |
| 74 | config.secrets.fullPaths."opendkim/eldiron.private" | 80 | config.secrets.fullPaths."opendkim/eldiron.private" |
| 81 | config.secrets.fullPaths."opendkim/eldiron2.private" | ||
| 75 | ]; | 82 | ]; |
| 76 | }; | 83 | }; |
| 77 | 84 | ||
diff --git a/flakes/private/openarc/flake.nix b/flakes/private/openarc/flake.nix index 56c3a1a..69e0767 100644 --- a/flakes/private/openarc/flake.nix +++ b/flakes/private/openarc/flake.nix | |||
| @@ -21,9 +21,9 @@ | |||
| 21 | configFile = pkgs.writeText "openarc.conf" '' | 21 | configFile = pkgs.writeText "openarc.conf" '' |
| 22 | AuthservID mail.immae.eu | 22 | AuthservID mail.immae.eu |
| 23 | Domain mail.immae.eu | 23 | Domain mail.immae.eu |
| 24 | KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} | 24 | KeyFile ${config.secrets.fullPaths."opendkim/eldiron2.private"} |
| 25 | Mode sv | 25 | Mode sv |
| 26 | Selector eldiron | 26 | Selector eldiron2 |
| 27 | SoftwareHeader yes | 27 | SoftwareHeader yes |
| 28 | Syslog Yes | 28 | Syslog Yes |
| 29 | ''; | 29 | ''; |
| @@ -38,6 +38,7 @@ | |||
| 38 | services.filesWatcher.openarc = { | 38 | services.filesWatcher.openarc = { |
| 39 | restart = true; | 39 | restart = true; |
| 40 | paths = [ | 40 | paths = [ |
| 41 | config.secrets.fullPaths."opendkim/eldiron2.private" | ||
| 41 | config.secrets.fullPaths."opendkim/eldiron.private" | 42 | config.secrets.fullPaths."opendkim/eldiron.private" |
| 42 | ]; | 43 | ]; |
| 43 | }; | 44 | }; |