Merge remote-tracking branch 'ni/master'

This commit is contained in:
lassulus 2022-12-08 13:11:27 +01:00
commit d7341bbff6
6 changed files with 65 additions and 12 deletions

View File

@ -12,6 +12,8 @@ let
api = {
enable = mkEnableOption "krebs.exim-smarthost";
enableSPFVerification = mkEnableOption "SPF verification";
authenticators = mkOption {
type = types.attrsOf types.str;
default = {};
@ -126,8 +128,9 @@ let
domainlist sender_domains = ${concatStringsSep ":" cfg.sender_domains}
hostlist relay_from_hosts = <;${concatStringsSep ";" cfg.relay_from_hosts}
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
never_users = root
@ -179,6 +182,41 @@ let
accept
acl_check_mail:
${if cfg.enableSPFVerification then indent /* exim */ ''
accept
authenticated = *
accept
hosts = +relay_from_hosts
deny
spf = fail : softfail
log_message = spf=$spf_result
message = SPF validation failed: \
$sender_host_address is not allowed to send mail from \
''${if def:sender_address_domain\
{$sender_address_domain}\
{$sender_helo_name}}
deny
spf = permerror
log_message = spf=$spf_result
message = SPF validation failed: \
syntax error in SPF record(s) for \
''${if def:sender_address_domain\
{$sender_address_domain}\
{$sender_helo_name}}
defer
spf = temperror
log_message = spf=$spf_result; deferred
message = temporary error during SPF validation; \
please try again later
warn
spf = none : neutral
log_message = spf=$spf_result
accept
add_header = $spf_received
'' else indent /* exim */ ''
accept
''}
begin routers

View File

@ -2,6 +2,12 @@
with import <stockholm/lib>;
let
optionalAttr = name: value:
if name != null then
{ ${name} = value; }
else
{};
cfg = config.krebs.htgen;
out = {
@ -30,8 +36,15 @@ let
};
script = mkOption {
type = types.str;
type = types.nullOr types.str;
default = null;
};
scriptFile = mkOption {
type = types.nullOr types.str;
default = null;
};
user = mkOption {
type = types.user;
default = {
@ -54,8 +67,10 @@ let
after = [ "network.target" ];
environment = {
HTGEN_PORT = toString htgen.port;
HTGEN_SCRIPT = htgen.script;
};
}
// optionalAttr "HTGEN_SCRIPT" htgen.script
// optionalAttr "HTGEN_SCRIPT_FILE" htgen.scriptFile
;
serviceConfig = {
SyslogIdentifier = "htgen";
User = htgen.user.name;

View File

@ -1,13 +1,12 @@
{ fetchgit, lib, pkgs, stdenv }:
stdenv.mkDerivation rec {
pname = "htgen";
version = "1.3.1";
version = "1.4.0";
#src = <htgen>;
src = fetchgit {
url = "http://cgit.krebsco.de/htgen";
url = "https://cgit.krebsco.de/htgen";
rev = "refs/tags/${version}";
sha256 = "0ml8kp89bwkrwy6iqclzyhxgv2qn9dcpwaafbmsr4mgcl70zx22r";
sha256 = "1k6xdr4g1p2wjiyizwh33ihw3azbar7kmhyxywcq0whpip9inpmj";
};
installPhase = ''

View File

@ -61,6 +61,9 @@ in
emulateWheel = true;
};
# Conflicts with TLP, but gets enabled by DEs.
services.power-profiles-daemon.enable = false;
services.tlp.enable = true;
services.tlp.settings = {
START_CHARGE_THRESH_BAT0 = 80;

View File

@ -18,8 +18,6 @@ with import <stockholm/lib>;
krebs.htgen.imgur = {
port = 7771;
script = /* sh */ ''
(. ${pkgs.htgen-imgur}/bin/htgen-imgur)
'';
scriptFile = "${pkgs.htgen-imgur}/bin/htgen-imgur";
};
}

View File

@ -32,7 +32,7 @@ stdenv.mkDerivation rec {
preFixup = ''
patchelf --set-interpreter \
${stdenv.glibc}/lib/ld-linux-x86-64.so.2 \
${pkgs.pkgsi686Linux.glibc}/lib/ld-linux-x86-64.so.2 \
$out/lib/utsushi/networkscan
# libstdc++.so.6