From f7c6f796fa348c2b3edfd9bc44d3e8533501681e Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Fri, 23 Aug 2024 20:09:41 +0200
Subject: ...

---
 hosts/sif/default.nix          |  1 +
 hosts/sif/mail/default.nix     |  5 -----
 modules/machine-id/default.nix | 36 ++++++++++++++++++++++++++++++++++++
 modules/machine-id/seed        |  1 +
 4 files changed, 38 insertions(+), 5 deletions(-)
 create mode 100644 modules/machine-id/default.nix
 create mode 100644 modules/machine-id/seed

diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix
index d2902f95..a0af9c29 100644
--- a/hosts/sif/default.nix
+++ b/hosts/sif/default.nix
@@ -680,6 +680,7 @@ in {
         "/var/lib/fprint"
         "/var/lib/bluetooth"
         "/var/lib/upower"
+        "/var/lib/postfix"
         "/etc/NetworkManager/system-connections"
         { directory = "/var/uucp"; user = "uucp"; group = "uucp"; mode = "0700"; }
         { directory = "/var/spool/uucp"; user = "uucp"; group = "uucp"; mode = "0750"; }
diff --git a/hosts/sif/mail/default.nix b/hosts/sif/mail/default.nix
index 4989150d..f36cd599 100644
--- a/hosts/sif/mail/default.nix
+++ b/hosts/sif/mail/default.nix
@@ -28,12 +28,7 @@
         args = [ "-o" "smtp_tls_wrappermode=yes" "-o" "smtp_tls_security_level=encrypt" ];
       };
     };
-    transport = ''
-      odin.asgard.yggdrasil uucp:odin
-    '';
     config = {
-      # always_bcc = "gkleen+sent@odin.asgard.yggdrasil";
-
       default_transport = "uucp:ymir";
 
       inet_interfaces = "loopback-only";
diff --git a/modules/machine-id/default.nix b/modules/machine-id/default.nix
new file mode 100644
index 00000000..2c33db26
--- /dev/null
+++ b/modules/machine-id/default.nix
@@ -0,0 +1,36 @@
+{ config, pkgs, lib, hostName, ... }:
+
+with lib;
+
+let
+  cfg = config.system.machine-id.generate;
+
+  generate = pkgs.writers.writePython3 "generate" {} ''
+    from hashlib import blake2s
+    from sys import argv
+    from base64 import b64decode
+
+
+    print(blake2s(
+        argv[2].strip().encode('utf-8'),
+        key=b64decode(argv[1]),
+        person=b'machn-id',
+        digest_size=16,
+    ).hexdigest())
+  '';
+
+  machine-id = trim (builtins.readFile (pkgs.runCommand "machine-id" { inherit hostName; } ''
+    ${generate} "${builtins.readFile ./seed}" "$hostName" > $out
+  ''));
+in {
+  options = {
+    system.machine-id.generate = {
+      enable = mkEnableOption "automatic generation of `/etc/machine-id`" // { default = true; };
+    };
+  };
+
+  config = mkIf cfg.enable {
+    environment.etc."machine-id".text = mkDefault machine-id;
+    networking.hostId = mkDefault (substring 0 8 machine-id);
+  };
+}
diff --git a/modules/machine-id/seed b/modules/machine-id/seed
new file mode 100644
index 00000000..176ce403
--- /dev/null
+++ b/modules/machine-id/seed
@@ -0,0 +1 @@
+ZmOKMn16QBuqIix5RVMCBj11XxQrLCWxcdjs+qBiuRA=
-- 
cgit v1.2.3