summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ymir.nix46
1 files changed, 29 insertions, 17 deletions
diff --git a/ymir.nix b/ymir.nix
index 22638a0e..b99e396b 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -47,25 +47,25 @@ in rec {
47 }); 47 });
48 uwsgi = pkgs.callPackage ./customized/uwsgi.nix { 48 uwsgi = pkgs.callPackage ./customized/uwsgi.nix {
49 extraPlugins = [ 49 extraPlugins = [
50 { name = "cgi"; 50 { name = "cgi";
51 interpreter = pkgs.python3; 51 interpreter = pkgs.python3;
52 path = "plugins/cgi"; 52 path = "plugins/cgi";
53 deps = [ pkgs.python3 ]; 53 deps = [ pkgs.python3 ];
54 install = '' 54 install = ''
55 ${pkgs.python3.executable} -m compileall $out/${pkgs.python3.sitePackages}/ 55 ${pkgs.python3.executable} -m compileall $out/${pkgs.python3.sitePackages}/
56 ${pkgs.python3.executable} -O -m compileall $out/${pkgs.python3.sitePackages}/ 56 ${pkgs.python3.executable} -O -m compileall $out/${pkgs.python3.sitePackages}/
57 ''; 57 '';
58 } 58 }
59 ]; 59 ];
60 plugins = []; 60 plugins = [];
61 }; 61 };
62 cgit = pkgs.stdenv.lib.overrideDerivation pkgs.cgit (oldAttrs : { 62 cgit = pkgs.stdenv.lib.overrideDerivation pkgs.cgit (oldAttrs : {
63 buildInputs = oldAttrs.buildInputs ++ [ 63 buildInputs = oldAttrs.buildInputs ++ [
64 pkgs.perl 64 pkgs.perl
65 pkgs.python3 65 pkgs.python3
66 pkgs.makeWrapper 66 pkgs.makeWrapper
67 ]; 67 ];
68 postInstall = let 68 postInstall = let
69 pythonEnv = pkgs.python3.buildEnv.override { extraLibs = with pkgs.python3Packages; [ pygments markdown ]; }; 69 pythonEnv = pkgs.python3.buildEnv.override { extraLibs = with pkgs.python3Packages; [ pygments markdown ]; };
70 in '' 70 in ''
71 wrapProgram $out/lib/cgit/filters/syntax-highlighting.py --prefix PYTHONPATH ':' ${pythonEnv}/lib/*/site-packages 71 wrapProgram $out/lib/cgit/filters/syntax-highlighting.py --prefix PYTHONPATH ':' ${pythonEnv}/lib/*/site-packages
@@ -113,6 +113,7 @@ in rec {
113 rsync 113 rsync
114 tmux 114 tmux
115 zsh 115 zsh
116 mlmmj
116 ]; 117 ];
117 118
118 networking = { 119 networking = {
@@ -369,6 +370,7 @@ in rec {
369 370
370 transport_maps = regexp:${pkgs.writeText "transport" '' 371 transport_maps = regexp:${pkgs.writeText "transport" ''
371 /^gkleen[@\+]/ uucp:isaac 372 /^gkleen[@\+]/ uucp:isaac
373 /^([^\+]+)@(lists|l)\..*/ mlmmj:$1
372 ''} 374 ''}
373 375
374 luser_relay = gkleen+''${local} 376 luser_relay = gkleen+''${local}
@@ -411,10 +413,14 @@ in rec {
411 permit_sasl_authenticated, 413 permit_sasl_authenticated,
412 reject_unauth_destination 414 reject_unauth_destination
413 415
416 mlmmj_destination_recipient_limit = 1
417 propagate_unmatched_extensions = virtual
418
414 alias_maps = hash:/etc/postfix/aliases texthash:/srv/mail/spm 419 alias_maps = hash:/etc/postfix/aliases texthash:/srv/mail/spm
415 ''; 420 '';
416 extraMasterConf = '' 421 extraMasterConf = ''
417 uucp unix - n n - - pipe flags=Fqhu user=uucp argv=/var/setuid-wrappers/uux -z -a$sender - $nexthop!rmail ($recipient) 422 uucp unix - n n - - pipe flags=Fqhu user=uucp argv=/var/setuid-wrappers/uux -z -a$sender - $nexthop!rmail ($recipient)
423 mlmmj unix - n n - - pipe flags=ORhu user=mlmmj argv=${pkgs.mlmmj}/bin/mlmmj-receive -F -L /var/spool/lists/$nexthop
418 ''; 424 '';
419 networks = ["127.0.0.0/8" "[::ffff:127.0.0.0]/104" "[::1]/128" "10.141.0.0/16"]; 425 networks = ["127.0.0.0/8" "[::ffff:127.0.0.0]/104" "[::1]/128" "10.141.0.0/16"];
420 }; 426 };
@@ -474,6 +480,12 @@ in rec {
474 ''; 480 '';
475 users.groups."mail" = {}; 481 users.groups."mail" = {};
476 482
483 users.extraUsers."mlmmj" = {
484 isSystemUser = true;
485 home = "/var/spool/lists";
486 createHome = true;
487 };
488
477 security.acme = { 489 security.acme = {
478 certs = { 490 certs = {
479 "yggdrasil.li" = { 491 "yggdrasil.li" = {
@@ -482,7 +494,7 @@ in rec {
482 webroot = "/srv/www/acme/yggdrasil.li"; 494 webroot = "/srv/www/acme/yggdrasil.li";
483 email = "phikeebaogobaegh@141.li"; 495 email = "phikeebaogobaegh@141.li";
484 extraDomains = builtins.listToAttrs (builtins.map (name: { inherit name; value = "/srv/www/acme/${name}"; }) 496 extraDomains = builtins.listToAttrs (builtins.map (name: { inherit name; value = "/srv/www/acme/${name}"; })
485 ["dirty-haskell.org" "www.dirty-haskell.org" "files.141.li" "f.141.li" "ymir.141.li" "141.li" "www.141.li" "ymir.xmpp.li" "xmpp.li" "www.xmpp.li" "files.yggdrasil.li" "f.yggdrasil.li" "ymir.yggdrasil.li" "git.yggdrasil.li" "www.yggdrasil.li" "yggdrasil.li" "files.praseodym.org" "f.praseodym.org" "ymir.praseodym.org" "praseodym.org" "www.praseodym.org"]); 497 ["dirty-haskell.org" "www.dirty-haskell.org" "lists.dirty-haskell.org" "l.dirty-haskell.org" "files.141.li" "f.141.li" "ymir.141.li" "141.li" "www.141.li" "lists.141.li" "l.141.li" "ymir.xmpp.li" "xmpp.li" "www.xmpp.li" "lists.xmpp.li" "l.xmpp.li" "files.yggdrasil.li" "f.yggdrasil.li" "ymir.yggdrasil.li" "git.yggdrasil.li" "www.yggdrasil.li" "yggdrasil.li" "lists.yggdrasil.li" "l.yggdrasil.li" "files.praseodym.org" "f.praseodym.org" "ymir.praseodym.org" "praseodym.org" "www.praseodym.org" "lists.praseodym.org" "l.praseodym.org"]);
486 postRun = '' 498 postRun = ''
487 systemctl reload nginx.service 499 systemctl reload nginx.service
488 prosodyctl reload 500 prosodyctl reload
@@ -506,7 +518,7 @@ in rec {
506 IdentityFile ~/.ssh/odin 518 IdentityFile ~/.ssh/odin
507 Host hel 519 Host hel
508 Hostname hel.midgard.yggdrasil 520 Hostname hel.midgard.yggdrasil
509 IdentityFile ~/.ssh/hel 521 IdentityFile ~/.ssh/hel
510 ''; 522 '';
511 commandPath = ["${pkgs.rmail}/bin" "${pkgs.push2bin}/bin"]; 523 commandPath = ["${pkgs.rmail}/bin" "${pkgs.push2bin}/bin"];
512 defaultCommands = ["rmail" "push2bin"]; 524 defaultCommands = ["rmail" "push2bin"];