core(flake): adding agenix to the flake

Raphael 2025-10-16 16:31:23 +02:00
parent c0c7fd7be3
commit 659333ca9f
No known key found for this signature in database
2 changed files with 21 additions and 5 deletions


@ -7,6 +7,7 @@
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
agenix.url = "github:ryantm/agenix";
hm-config.url = "github:EniumRaphael/home-manager"; hm-config.url = "github:EniumRaphael/home-manager";
minecraft.url = "github:Infinidoge/nix-minecraft"; minecraft.url = "github:Infinidoge/nix-minecraft";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
@ -23,6 +24,7 @@
self, self,
nixpkgs, nixpkgs,
flake-utils, flake-utils,
agenix,
home-manager, home-manager,
hm-config, hm-config,
catppuccin, catppuccin,
@ -61,6 +63,7 @@
modules = [ modules = [
./hosts/server/configuration.nix ./hosts/server/configuration.nix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
agenix.nixosModules.default
{ {
home-manager.sharedModules = [ catppuccin.homeModules.catppuccin ]; home-manager.sharedModules = [ catppuccin.homeModules.catppuccin ];
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
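Review bot: The new input `agenix.url = "github:ryantm/agenix";` does not follow the flake's `nixpkgs`, unlike the `home-manager` input directly above it, so the tool that decrypts secrets is built against a separately pinned nixpkgs. Consider adding `agenix.inputs.nixpkgs.follows = "nixpkgs";` next to it. The page lists only two changed files, so the lock file appears not to be updated here; committing the lock entry together with the input keeps the agenix revision reviewable. `agenix.nixosModules.default` is added only to the module list that contains `./hosts/server/configuration.nix`, and both that list and the outputs argument set continue outside the visible hunks.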


@ -7,7 +7,8 @@
let let
cfg = config.service.selfhost.mail; cfg = config.service.selfhost.mail;
mailjetSecrets = import ../../.mailjetcred.nix; mailjet-user = config.age.secrets."mailjet-user".path;
mailjet-pass = config.age.secrets."mailjet-pass".path;
in in
{ {
config = lib.mkIf cfg { config = lib.mkIf cfg {
@ -99,14 +100,20 @@ in
}; };
}; };
}; };
environment.etc."postfix-sasl_passwd" = { # environment.etc."postfix-sasl_passwd" = {
text = "[in-v3.mailjet.com]:587 ${mailjetSecrets.smtpUser}:${mailjetSecrets.smtpPass}\n"; # text = "[in-v3.mailjet.com]:587 ${mailjetSecrets.smtpUser}:${mailjetSecrets.smtpPass}\n";
mode = "0600"; # mode = "0600";
}; # };
environment.etc."postfix-recipient_access".text = '' environment.etc."postfix-recipient_access".text = ''
no-reply@enium.eu REJECT 550 Cette adresse nest pas autorise a recevoir de mail no-reply@enium.eu REJECT 550 Cette adresse nest pas autorise a recevoir de mail
''; '';
systemd.services.postfix.preStart = lib.mkMerge [ systemd.services.postfix.preStart = lib.mkMerge [
(lib.mkBefore ''
umask 077
install -d -m 0700 /var/lib/postfix
echo "[in-v3.mailjet.com]:587 $(cat ${mailjet-user}):$(cat ${mailjet-pass})" > /var/lib/postfix/sasl_passwd
${pkgs.postfix}/bin/postmap /var/lib/postfix/sasl_passwd
'')
(lib.mkAfter '' (lib.mkAfter ''
install -Dm600 /etc/postfix-sasl_passwd /var/lib/postfix/sasl_passwd install -Dm600 /etc/postfix-sasl_passwd /var/lib/postfix/sasl_passwd
${pkgs.postfix}/bin/postmap /var/lib/postfix/sasl_passwd ${pkgs.postfix}/bin/postmap /var/lib/postfix/sasl_passwd
@ -181,6 +188,12 @@ in
''; '';
}; };
systemd.services.postfix.requires = [
"agenix.service"
];
systemd.services.postfix.after = [
"agenix.service"
];
systemd.services.dovecot.after = [ systemd.services.dovecot.after = [
"postfix-setup.service" "postfix-setup.service"
"postfix.service" "postfix.service"
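Review bot: The `lib.mkAfter` block still runs `install -Dm600 /etc/postfix-sasl_passwd /var/lib/postfix/sasl_passwd` and then `postmap`, after the new `lib.mkBefore` block has written the agenix-derived file, while the `environment.etc."postfix-sasl_passwd"` entry it copies from is now commented out. Depending on whether a stale `/etc` file is left behind, that line either fails or overwrites the new credentials, so it and the duplicate `postmap` call should be dropped; the `mkAfter` body continues outside the hunk. `agenix.service` in `requires`/`after` is worth checking: agenix normally decrypts during system activation, and if no unit of that name exists, `requires` will keep postfix from starting. The `age.secrets."mailjet-user"` and `"mailjet-pass"` declarations are not among the visible lines, so confirm they exist with an owner and mode that let the preStart script read them. Since the previous `text = ...` interpolated the SMTP password into a world-readable store path, rotating the Mailjet credentials is advisable.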