summaryrefslogtreecommitdiff
path: root/ymir.nix
diff options
context:
space:
mode:
Diffstat (limited to 'ymir.nix')
-rw-r--r--ymir.nix12
1 files changed, 9 insertions, 3 deletions
diff --git a/ymir.nix b/ymir.nix
index 5f4c4969..6e68e01c 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -1,5 +1,7 @@
1{ config, pkgs, lib, ... }: 1{ config, pkgs, lib, ... }:
2 2
3with lib;
4
3let 5let
4 luaPam = pkgs.callPackage ./custom/luaPam.nix {}; 6 luaPam = pkgs.callPackage ./custom/luaPam.nix {};
5 luaPosix = pkgs.callPackage ./custom/luaPosix.nix {}; 7 luaPosix = pkgs.callPackage ./custom/luaPosix.nix {};
@@ -22,6 +24,10 @@ let
22 "ymir.kleen.li" "kleen.li" "www.kleen.li" 24 "ymir.kleen.li" "kleen.li" "www.kleen.li"
23 "ymir.nights.email" "nights.email" "www.nights.email" 25 "ymir.nights.email" "nights.email" "www.nights.email"
24 ]; 26 ];
27
28 dnsZones = listToAttrs (flatten (mapAttrsToList dnsZone (readDir ./custom/ymir/zones)));
29 dnsZone = fName: type: optional (type == "regular" || type == "symlink") (nameValuePair (dnsZoneName fName) (readFile (./custom/ymir/zones + fName)))
30 dnsZoneName = fName: concatStringsSep "." (reverseList (splitString "." (removeSuffix ".soa" fName)))
25in rec { 31in rec {
26 imports = 32 imports =
27 [ 33 [
@@ -688,7 +694,7 @@ in rec {
688 enable = true; 694 enable = true;
689 user = "postfix"; group = "postfix"; 695 user = "postfix"; group = "postfix";
690 socket = "local:/var/lib/postfix/queue/private/dkim"; 696 socket = "local:/var/lib/postfix/queue/private/dkim";
691 domains = ''csl:${pkgs.lib.concatStringsSep "," myDomains}''; 697 domains = ''csl:${concatStringsSep "," myDomains}'';
692 keyPath = "/var/lib/dkim/"; 698 keyPath = "/var/lib/dkim/";
693 selector = "ymir"; 699 selector = "ymir";
694 configFile = builtins.toFile "opendkim.conf" '' 700 configFile = builtins.toFile "opendkim.conf" ''
@@ -903,7 +909,7 @@ in rec {
903 "185.181.104.96 NOKEY" 909 "185.181.104.96 NOKEY"
904 ]; 910 ];
905 outgoingInterface = "188.68.51.254"; 911 outgoingInterface = "188.68.51.254";
906 children = (import ./ymir/zones/index.nix { inherit (pkgs) lib; }); 912 children = dnsZones;
907 dnssec = true; 913 dnssec = true;
908 dnssecPolicy = { 914 dnssecPolicy = {
909 coverage = "2mo"; 915 coverage = "2mo";
@@ -1041,6 +1047,6 @@ in rec {
1041 ''; 1047 '';
1042 1048
1043 users.extraUsers."vsftpd" = { 1049 users.extraUsers."vsftpd" = {
1044 home = lib.mkForce "/srv/ftp"; 1050 home = mkForce "/srv/ftp";
1045 }; 1051 };
1046} 1052}