From 910c2e9eb4996bfa12cd1ef925843403f7d3e154 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Thu, 7 Oct 2021 15:22:57 +0200
Subject: Refactor opendmarc/openarc flakes

---
 flakes/private/openarc/flake.lock | 10 +++++-----
 flakes/private/openarc/flake.nix  | 16 ++++++++++------
 2 files changed, 15 insertions(+), 11 deletions(-)

(limited to 'flakes/private/openarc')

diff --git a/flakes/private/openarc/flake.lock b/flakes/private/openarc/flake.lock
index 76ddaed..f0f56c7 100644
--- a/flakes/private/openarc/flake.lock
+++ b/flakes/private/openarc/flake.lock
@@ -31,7 +31,7 @@
         "nixpkgs": "nixpkgs"
       },
       "locked": {
-        "narHash": "sha256-YJREl39cf4zrFdAULMu1Yjg7hIEZCLuCnP8qJvWbIvM=",
+        "narHash": "sha256-HGNP1eH7b42BxViYx/F3ZPO9CM1X+5qfA9JoP2ArN+s=",
         "path": "../../lib",
         "type": "path"
       },
@@ -59,11 +59,11 @@
     },
     "nix-lib": {
       "locked": {
-        "lastModified": 1629758329,
-        "narHash": "sha256-Qdno5vgP0pnc+nEB5DjYGseW+4MuXiJMfc6cHwalCXY=",
+        "lastModified": 1633008342,
+        "narHash": "sha256-wZV5YidnsqV/iufDIhaZip3LzwUGeIt8wtdiGS5+cXc=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "99967a54d893b9742b38809ccfe3172b6918bdef",
+        "rev": "6eae8a116011f4db0aa5146f364820024411d6bb",
         "type": "github"
       },
       "original": {
@@ -110,7 +110,7 @@
         "openarc": "openarc_2"
       },
       "locked": {
-        "narHash": "sha256-w+MiC+2IBNsXJT9Ln5TBfipv0eCqZOdyY/BYGFVu+nk=",
+        "narHash": "sha256-ilrfNs6jpi1OceDE3y1atkovECx6PKNWubwLc0Sjx+s=",
         "path": "../../openarc",
         "type": "path"
       },
diff --git a/flakes/private/openarc/flake.nix b/flakes/private/openarc/flake.nix
index 9cc9aed..5c4b73c 100644
--- a/flakes/private/openarc/flake.nix
+++ b/flakes/private/openarc/flake.nix
@@ -17,12 +17,17 @@
   outputs = { self, nix-lib, my-lib, files-watcher, openarc }:
     let
       cfg = name': { config, lib, pkgs, name, ... }: {
-        imports = [ (my-lib.lib.withNarKey files-watcher "nixosModule") ];
+        imports = [
+          (my-lib.lib.withNarKey files-watcher "nixosModule")
+          (my-lib.lib.withNarKey openarc "nixosModule")
+          #FIXME:
+          #(my-lib.lib.withNarKey secrets "nixosModule")
+        ];
         config = lib.mkIf (name == name') {
           services.openarc = {
             enable = true;
             user = "opendkim";
-            socket = "local:${config.myServices.mail.milters.sockets.openarc}";
+            socket = "/run/openarc/openarc.sock";
             group = config.services.postfix.group;
             configFile = pkgs.writeText "openarc.conf" ''
               AuthservID              mail.immae.eu
@@ -35,12 +40,11 @@
               '';
           };
           systemd.services.openarc.serviceConfig.Slice = "mail.slice";
-          systemd.services.openarc.postStart = lib.optionalString
-                (lib.strings.hasPrefix "local:" config.services.openarc.socket) ''
-            while [ ! -S ${lib.strings.removePrefix "local:" config.services.openarc.socket} ]; do
+          systemd.services.openarc.postStart = ''
+            while [ ! -S ${config.services.openarc.socket} ]; do
               sleep 0.5
             done
-            chmod g+w ${lib.strings.removePrefix "local:" config.services.openarc.socket}
+            chmod g+w ${config.services.openarc.socket}
             '';
           services.filesWatcher.openarc = {
             restart = true;
-- 
cgit v1.2.3