security-workarounds: let exim run with gnutls

2022-11-01 11:09:48 +01:00 · 2022-11-01 11:09:48 +01:00 · a5c08e9699
commit a5c08e9699
parent e5bb7bf7d1
1 changed files with 16 additions and 0 deletions
--- a/krebs/2configs/security-workarounds.nix
+++ b/krebs/2configs/security-workarounds.nix
@ -1,4 +1,20 @@
 { config, lib, pkgs, ... }:
 {
+  nixpkgs.overlays = [
+    (self: super: {
+      exim =
+        super.exim.overrideAttrs (old: {
+          buildInputs = old.buildInputs ++ [ self.gnutls ];
+          preBuild = /* sh */ ''
+            ${old.preBuild}
+            sed -Ei '
+              s:^USE_OPENSSL=.*:# &:
+              s:^# (USE_GNUTLS)=.*:\1=yes:
+              s:^# (USE_GNUTLS_PC=.*):\1:
+            ' Local/Makefile
+          '';
+        });
+    })
+  ];
  services.nginx.package = lib.mkDefault (pkgs.nginxStable.override { openssl = pkgs.libressl; });
 }