diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2024-08-23 20:09:41 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2024-08-23 20:09:41 +0200 |
commit | f7c6f796fa348c2b3edfd9bc44d3e8533501681e (patch) | |
tree | 9fe21e6e85315a7c4b11f604dcee448971aabfb2 | |
parent | c6d39b2d83cf588e1198ac3a2ae1893e276271f9 (diff) | |
download | nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar.gz nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar.bz2 nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar.xz nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.zip |
...
-rw-r--r-- | hosts/sif/default.nix | 1 | ||||
-rw-r--r-- | hosts/sif/mail/default.nix | 5 | ||||
-rw-r--r-- | modules/machine-id/default.nix | 36 | ||||
-rw-r--r-- | modules/machine-id/seed | 1 |
4 files changed, 38 insertions, 5 deletions
diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix index d2902f95..a0af9c29 100644 --- a/hosts/sif/default.nix +++ b/hosts/sif/default.nix | |||
@@ -680,6 +680,7 @@ in { | |||
680 | "/var/lib/fprint" | 680 | "/var/lib/fprint" |
681 | "/var/lib/bluetooth" | 681 | "/var/lib/bluetooth" |
682 | "/var/lib/upower" | 682 | "/var/lib/upower" |
683 | "/var/lib/postfix" | ||
683 | "/etc/NetworkManager/system-connections" | 684 | "/etc/NetworkManager/system-connections" |
684 | { directory = "/var/uucp"; user = "uucp"; group = "uucp"; mode = "0700"; } | 685 | { directory = "/var/uucp"; user = "uucp"; group = "uucp"; mode = "0700"; } |
685 | { directory = "/var/spool/uucp"; user = "uucp"; group = "uucp"; mode = "0750"; } | 686 | { directory = "/var/spool/uucp"; user = "uucp"; group = "uucp"; mode = "0750"; } |
diff --git a/hosts/sif/mail/default.nix b/hosts/sif/mail/default.nix index 4989150d..f36cd599 100644 --- a/hosts/sif/mail/default.nix +++ b/hosts/sif/mail/default.nix | |||
@@ -28,12 +28,7 @@ | |||
28 | args = [ "-o" "smtp_tls_wrappermode=yes" "-o" "smtp_tls_security_level=encrypt" ]; | 28 | args = [ "-o" "smtp_tls_wrappermode=yes" "-o" "smtp_tls_security_level=encrypt" ]; |
29 | }; | 29 | }; |
30 | }; | 30 | }; |
31 | transport = '' | ||
32 | odin.asgard.yggdrasil uucp:odin | ||
33 | ''; | ||
34 | config = { | 31 | config = { |
35 | # always_bcc = "gkleen+sent@odin.asgard.yggdrasil"; | ||
36 | |||
37 | default_transport = "uucp:ymir"; | 32 | default_transport = "uucp:ymir"; |
38 | 33 | ||
39 | inet_interfaces = "loopback-only"; | 34 | inet_interfaces = "loopback-only"; |
diff --git a/modules/machine-id/default.nix b/modules/machine-id/default.nix new file mode 100644 index 00000000..2c33db26 --- /dev/null +++ b/modules/machine-id/default.nix | |||
@@ -0,0 +1,36 @@ | |||
1 | { config, pkgs, lib, hostName, ... }: | ||
2 | |||
3 | with lib; | ||
4 | |||
5 | let | ||
6 | cfg = config.system.machine-id.generate; | ||
7 | |||
8 | generate = pkgs.writers.writePython3 "generate" {} '' | ||
9 | from hashlib import blake2s | ||
10 | from sys import argv | ||
11 | from base64 import b64decode | ||
12 | |||
13 | |||
14 | print(blake2s( | ||
15 | argv[2].strip().encode('utf-8'), | ||
16 | key=b64decode(argv[1]), | ||
17 | person=b'machn-id', | ||
18 | digest_size=16, | ||
19 | ).hexdigest()) | ||
20 | ''; | ||
21 | |||
22 | machine-id = trim (builtins.readFile (pkgs.runCommand "machine-id" { inherit hostName; } '' | ||
23 | ${generate} "${builtins.readFile ./seed}" "$hostName" > $out | ||
24 | '')); | ||
25 | in { | ||
26 | options = { | ||
27 | system.machine-id.generate = { | ||
28 | enable = mkEnableOption "automatic generation of `/etc/machine-id`" // { default = true; }; | ||
29 | }; | ||
30 | }; | ||
31 | |||
32 | config = mkIf cfg.enable { | ||
33 | environment.etc."machine-id".text = mkDefault machine-id; | ||
34 | networking.hostId = mkDefault (substring 0 8 machine-id); | ||
35 | }; | ||
36 | } | ||
diff --git a/modules/machine-id/seed b/modules/machine-id/seed new file mode 100644 index 00000000..176ce403 --- /dev/null +++ b/modules/machine-id/seed | |||
@@ -0,0 +1 @@ | |||
ZmOKMn16QBuqIix5RVMCBj11XxQrLCWxcdjs+qBiuRA= | |||