diff options
Diffstat (limited to 'flakes/private/openarc/flake.nix')
-rw-r--r-- | flakes/private/openarc/flake.nix | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/flakes/private/openarc/flake.nix b/flakes/private/openarc/flake.nix new file mode 100644 index 0000000..6a2518b --- /dev/null +++ b/flakes/private/openarc/flake.nix | |||
@@ -0,0 +1,46 @@ | |||
1 | { | ||
2 | inputs.openarc = { | ||
3 | url = "https://git.immae.eu/perso/Immae/Config/Nix.git"; | ||
4 | type = "git"; | ||
5 | dir = "flakes/openarc"; | ||
6 | }; | ||
7 | inputs.nixpkgs.url = "github:NixOS/nixpkgs"; | ||
8 | |||
9 | description = "Private configuration for openarc"; | ||
10 | outputs = { self, nixpkgs, openarc }: | ||
11 | let | ||
12 | cfg = name': { config, lib, pkgs, name, ... }: lib.mkIf (name == name') { | ||
13 | services.openarc = { | ||
14 | enable = true; | ||
15 | user = "opendkim"; | ||
16 | socket = "local:${config.myServices.mail.milters.sockets.openarc}"; | ||
17 | group = config.services.postfix.group; | ||
18 | configFile = pkgs.writeText "openarc.conf" '' | ||
19 | AuthservID mail.immae.eu | ||
20 | Domain mail.immae.eu | ||
21 | KeyFile ${config.secrets.fullPaths."opendkim/eldiron.private"} | ||
22 | Mode sv | ||
23 | Selector eldiron | ||
24 | SoftwareHeader yes | ||
25 | Syslog Yes | ||
26 | ''; | ||
27 | }; | ||
28 | systemd.services.openarc.serviceConfig.Slice = "mail.slice"; | ||
29 | systemd.services.openarc.postStart = lib.optionalString | ||
30 | (lib.strings.hasPrefix "local:" config.services.openarc.socket) '' | ||
31 | while [ ! -S ${lib.strings.removePrefix "local:" config.services.openarc.socket} ]; do | ||
32 | sleep 0.5 | ||
33 | done | ||
34 | chmod g+w ${lib.strings.removePrefix "local:" config.services.openarc.socket} | ||
35 | ''; | ||
36 | services.filesWatcher.openarc = { | ||
37 | restart = true; | ||
38 | paths = [ | ||
39 | config.secrets.fullPaths."opendkim/eldiron.private" | ||
40 | ]; | ||
41 | }; | ||
42 | }; | ||
43 | in | ||
44 | openarc.outputs // | ||
45 | { nixosModules = openarc.nixosModules or {} // nixpkgs.lib.genAttrs ["eldiron" "backup-2"] cfg; }; | ||
46 | } | ||