Diffstat (limited to 'flakes/private/openarc/flake.nix')
-rw-r--r--flakes/private/openarc/flake.nix96
1 files changed, 40 insertions, 56 deletions
diff --git a/flakes/private/openarc/flake.nix b/flakes/private/openarc/flake.nix
index b4ab4c8..56c3a1a 100644
--- a/flakes/private/openarc/flake.nix
+++ b/flakes/private/openarc/flake.nix
@@ -1,63 +1,47 @@
1{ 1{
2 inputs.openarc = { 2 inputs.openarc.url = "path:../../openarc";
3 path = "../../openarc"; 3 inputs.secrets.url = "path:../../secrets";
4 type = "path"; 4 inputs.files-watcher.url = "path:../../files-watcher";
5 };
6 inputs.secrets = {
7 path = "../../secrets";
8 type = "path";
9 };
10 inputs.files-watcher = {
11 path = "../../files-watcher";
12 type = "path";
13 };
14 inputs.my-lib = {
15 path = "../../lib";
16 type = "path";
17 };
18 inputs.nix-lib.url = "github:NixOS/nixpkgs";
19 5
20 description = "Private configuration for openarc"; 6 description = "Private configuration for openarc";
21 outputs = { self, nix-lib, my-lib, files-watcher, openarc, secrets }: 7 outputs = { self, files-watcher, openarc, secrets }: {
22 let 8 nixosModule = self.nixosModules.openarc;
23 cfg = name': { config, lib, pkgs, name, ... }: { 9 nixosModules.openarc = { config, pkgs, ... }: {
24 imports = [ 10 imports = [
25 (my-lib.lib.withNarKey files-watcher "nixosModule") 11 files-watcher.nixosModule
26 (my-lib.lib.withNarKey openarc "nixosModule") 12 openarc.nixosModule
27 (my-lib.lib.withNarKey secrets "nixosModule") 13 secrets.nixosModule
28 ]; 14 ];
29 config = lib.mkIf (name == name') { 15 config = {
30 services.openarc = { 16 services.openarc = {
31 enable = true; 17 enable = true;
32 user = "opendkim"; 18 user = "opendkim";
33 socket = "/run/openarc/openarc.sock"; 19 socket = "/run/openarc/openarc.sock";
34 group = config.services.postfix.group; 20 group = config.services.postfix.group;
35 configFile = pkgs.writeText "openarc.conf" '' 21 configFile = pkgs.writeText "openarc.conf" ''
36 AuthservID mail.immae.eu 22 AuthservID mail.immae.eu
37 Domain mail.immae.eu 23 Domain mail.immae.eu
38 KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} 24 KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"}
39 Mode sv 25 Mode sv
40 Selector eldiron 26 Selector eldiron
41 SoftwareHeader yes 27 SoftwareHeader yes
42 Syslog Yes 28 Syslog Yes
43 '';
44 };
45 systemd.services.openarc.serviceConfig.Slice = "mail.slice";
46 systemd.services.openarc.postStart = ''
47 while [ ! -S ${config.services.openarc.socket} ]; do
48 sleep 0.5
49 done
50 chmod g+w ${config.services.openarc.socket}
51 ''; 29 '';
52 services.filesWatcher.openarc = { 30 };
53 restart = true; 31 systemd.services.openarc.serviceConfig.Slice = "mail.slice";
54 paths = [ 32 systemd.services.openarc.postStart = ''
55 config.secrets.fullPaths."opendkim/eldiron.private" 33 while [ ! -S ${config.services.openarc.socket} ]; do
56 ]; 34 sleep 0.5
57 }; 35 done
36 chmod g+w ${config.services.openarc.socket}
37 '';
38 services.filesWatcher.openarc = {
39 restart = true;
40 paths = [
41 config.secrets.fullPaths."opendkim/eldiron.private"
42 ];
58 }; 43 };
59 }; 44 };
60 in 45 };
61 openarc.outputs // 46 };
62 { nixosModules = openarc.nixosModules or {} // nix-lib.lib.genAttrs ["eldiron" "backup-2"] cfg; };
63} 47}
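Review bot: With `config = lib.mkIf (name == name') {` replaced by a bare `config = {`, `nixosModules.openarc` now enables the service and points `KeyFile` at `opendkim/eldiron.private` on any host that imports it, whereas the old code generated modules only for `eldiron` and `backup-2` and gated each on the host name. The restriction now depends entirely on the importing configuration, which is not visible on this page, so it is worth recording at the top of the module, e.g. `# Host-specific: signs as mail.immae.eu with the eldiron key; import only on hosts meant to hold that key.` Separately, the `postStart` loop that this commit carries over waits for the socket with no upper bound before running `chmod g+w`. A daemon that never creates the socket therefore stalls the unit until systemd's start timeout fires, and a bounded retry count would make that failure explicit.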