...

author: Gregor Kleen <gkleen@yggdrasil.li> 2024-08-23 20:09:41 +0200
committer: Gregor Kleen <gkleen@yggdrasil.li> 2024-08-23 20:09:41 +0200
commit: f7c6f796fa348c2b3edfd9bc44d3e8533501681e (patch)
tree: 9fe21e6e85315a7c4b11f604dcee448971aabfb2
parent: c6d39b2d83cf588e1198ac3a2ae1893e276271f9 (diff)
download: nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar
nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar.gz
nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar.bz2
nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar.xz
nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.zip
4 files changed, 38 insertions, 5 deletions
diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix
index d2902f95..a0af9c29 100644
--- a/hosts/sif/default.nix
+++ b/hosts/sif/default.nix
@@ -680,6 +680,7 @@ in {
        "/var/lib/fprint"
        "/var/lib/bluetooth"
        "/var/lib/upower"
+        "/var/lib/postfix"
        "/etc/NetworkManager/system-connections"
        { directory = "/var/uucp"; user = "uucp"; group = "uucp"; mode = "0700"; }
        { directory = "/var/spool/uucp"; user = "uucp"; group = "uucp"; mode = "0750"; }
diff --git a/hosts/sif/mail/default.nix b/hosts/sif/mail/default.nix
index 4989150d..f36cd599 100644
--- a/hosts/sif/mail/default.nix
+++ b/hosts/sif/mail/default.nix
@@ -28,12 +28,7 @@
        args = [ "-o" "smtp_tls_wrappermode=yes" "-o" "smtp_tls_security_level=encrypt" ];
      };
    };
-    transport = ''
-      odin.asgard.yggdrasil uucp:odin
-    '';
    config = {
-      # always_bcc = "gkleen+sent@odin.asgard.yggdrasil";
      default_transport = "uucp:ymir";
      inet_interfaces = "loopback-only";
diff --git a/modules/machine-id/default.nix b/modules/machine-id/default.nix
new file mode 100644
index 00000000..2c33db26
--- /dev/null
+++ b/modules/machine-id/default.nix
@@ -0,0 +1,36 @@
+{ config, pkgs, lib, hostName, ... }:
+with lib;
+let
+  cfg = config.system.machine-id.generate;
+  generate = pkgs.writers.writePython3 "generate" {} ''
+    from hashlib import blake2s
+    from sys import argv
+    from base64 import b64decode
+    print(blake2s(
+        argv[2].strip().encode('utf-8'),
+        key=b64decode(argv[1]),
+        person=b'machn-id',
+        digest_size=16,
+    ).hexdigest())
+  '';
+  machine-id = trim (builtins.readFile (pkgs.runCommand "machine-id" { inherit hostName; } ''
+    ${generate} "${builtins.readFile ./seed}" "$hostName" > $out
+  ''));
+in {
+  options = {
+    system.machine-id.generate = {
+      enable = mkEnableOption "automatic generation of `/etc/machine-id`" // { default = true; };
+    };
+  };
+  config = mkIf cfg.enable {
+    environment.etc."machine-id".text = mkDefault machine-id;
+    networking.hostId = mkDefault (substring 0 8 machine-id);
+  };
+}
diff --git a/modules/machine-id/seed b/modules/machine-id/seed
new file mode 100644
index 00000000..176ce403
--- /dev/null
+++ b/modules/machine-id/seed
@@ -0,0 +1 @@
+ZmOKMn16QBuqIix5RVMCBj11XxQrLCWxcdjs+qBiuRA=
author	Gregor Kleen <gkleen@yggdrasil.li>	2024-08-23 20:09:41 +0200
committer	Gregor Kleen <gkleen@yggdrasil.li>	2024-08-23 20:09:41 +0200
commit	f7c6f796fa348c2b3edfd9bc44d3e8533501681e (patch)
tree	9fe21e6e85315a7c4b11f604dcee448971aabfb2
parent	c6d39b2d83cf588e1198ac3a2ae1893e276271f9 (diff)
download	nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar.gz nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar.bz2 nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.tar.xz nixos-f7c6f796fa348c2b3edfd9bc44d3e8533501681e.zip

diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix index d2902f95..a0af9c29 100644 --- a/hosts/sif/default.nix +++ b/hosts/sif/default.nix
@@ -680,6 +680,7 @@ in {
680	"/var/lib/fprint"	680	"/var/lib/fprint"
681	"/var/lib/bluetooth"	681	"/var/lib/bluetooth"
682	"/var/lib/upower"	682	"/var/lib/upower"
		683	"/var/lib/postfix"
683	"/etc/NetworkManager/system-connections"	684	"/etc/NetworkManager/system-connections"
684	{ directory = "/var/uucp"; user = "uucp"; group = "uucp"; mode = "0700"; }	685	{ directory = "/var/uucp"; user = "uucp"; group = "uucp"; mode = "0700"; }
685	{ directory = "/var/spool/uucp"; user = "uucp"; group = "uucp"; mode = "0750"; }	686	{ directory = "/var/spool/uucp"; user = "uucp"; group = "uucp"; mode = "0750"; }


diff --git a/hosts/sif/mail/default.nix b/hosts/sif/mail/default.nix index 4989150d..f36cd599 100644 --- a/hosts/sif/mail/default.nix +++ b/hosts/sif/mail/default.nix
@@ -28,12 +28,7 @@
28	args = [ "-o" "smtp_tls_wrappermode=yes" "-o" "smtp_tls_security_level=encrypt" ];	28	args = [ "-o" "smtp_tls_wrappermode=yes" "-o" "smtp_tls_security_level=encrypt" ];
29	};	29	};
30	};	30	};
31	transport = ''
32	odin.asgard.yggdrasil uucp:odin
33	'';
34	config = {	31	config = {
35	# always_bcc = "gkleen+sent@odin.asgard.yggdrasil";
36
37	default_transport = "uucp:ymir";	32	default_transport = "uucp:ymir";
38		33
39	inet_interfaces = "loopback-only";	34	inet_interfaces = "loopback-only";


diff --git a/modules/machine-id/default.nix b/modules/machine-id/default.nix new file mode 100644 index 00000000..2c33db26 --- /dev/null +++ b/modules/machine-id/default.nix
@@ -0,0 +1,36 @@
		1	{ config, pkgs, lib, hostName, ... }:
		2
		3	with lib;
		4
		5	let
		6	cfg = config.system.machine-id.generate;
		7
		8	generate = pkgs.writers.writePython3 "generate" {} ''
		9	from hashlib import blake2s
		10	from sys import argv
		11	from base64 import b64decode
		12
		13
		14	print(blake2s(
		15	argv[2].strip().encode('utf-8'),
		16	key=b64decode(argv[1]),
		17	person=b'machn-id',
		18	digest_size=16,
		19	).hexdigest())
		20	'';
		21
		22	machine-id = trim (builtins.readFile (pkgs.runCommand "machine-id" { inherit hostName; } ''
		23	${generate} "${builtins.readFile ./seed}" "$hostName" > $out
		24	''));
		25	in {
		26	options = {
		27	system.machine-id.generate = {
		28	enable = mkEnableOption "automatic generation of `/etc/machine-id`" // { default = true; };
		29	};
		30	};
		31
		32	config = mkIf cfg.enable {
		33	environment.etc."machine-id".text = mkDefault machine-id;
		34	networking.hostId = mkDefault (substring 0 8 machine-id);
		35	};
		36	}


diff --git a/modules/machine-id/seed b/modules/machine-id/seed new file mode 100644 index 00000000..176ce403 --- /dev/null +++ b/modules/machine-id/seed
@@ -0,0 +1 @@
			ZmOKMn16QBuqIix5RVMCBj11XxQrLCWxcdjs+qBiuRA=