Merge remote-tracking branch 'cd/master'
This commit is contained in:
commit
facb65bd22
11
Makefile
11
Makefile
@ -9,6 +9,7 @@ export STOCKHOLM_VERSION ?= $(shell \
|
||||
printf '%s' "$$date.$$version"; \
|
||||
)
|
||||
|
||||
system ?= $(HOSTNAME)
|
||||
$(if $(system),,$(error unbound variable: system))
|
||||
|
||||
nixos-config ?= $(stockholm)/$(LOGNAME)/1systems/$(system).nix
|
||||
@ -54,15 +55,17 @@ evaluate = \
|
||||
--show-trace \
|
||||
-I nixos-config=$(nixos-config) \
|
||||
-I stockholm=$(stockholm) \
|
||||
-E '{ eval, f }: f eval' \
|
||||
--arg eval 'import ./.' \
|
||||
--arg f "eval@{ config, ... }: $(1)"
|
||||
-E "let eval = import <stockholm>; in with eval; $(1)"
|
||||
|
||||
execute = \
|
||||
result=$$($(call evaluate,config.krebs.build.$(1))) && \
|
||||
script=$$(echo "$$result" | jq -r .) && \
|
||||
echo "$$script" | PS5=% sh
|
||||
|
||||
ifeq ($(MAKECMDGOALS),)
|
||||
$(error No goals specified)
|
||||
endif
|
||||
|
||||
# usage: make deploy system=foo [target_host=bar]
|
||||
deploy: ssh ?= ssh
|
||||
deploy:
|
||||
@ -73,7 +76,7 @@ deploy:
|
||||
|
||||
# usage: make LOGNAME=shared system=wolf eval.config.krebs.build.host.name
|
||||
eval eval.:;@$(call evaluate,$${expr-eval})
|
||||
eval.%:;@$(call evaluate,$*)
|
||||
eval.%:;@$(call evaluate,$@)
|
||||
|
||||
# usage: make install system=foo [target_host=bar]
|
||||
install: ssh ?= ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
|
||||
|
@ -161,7 +161,7 @@ let
|
||||
ciko.mail = "wieczorek.stefan@gmail.com";
|
||||
Mic92.mail = "joerg@higgsboson.tk";
|
||||
in {
|
||||
"cfp@eloop.org" = [{ mail = "eloop2016@krebsco.de"; }];
|
||||
"*@eloop.org" = [{ mail = "eloop2016@krebsco.de"; }];
|
||||
"eloop2016@krebsco.de" = spam-ml ++ [ ciko Mic92 ];
|
||||
"postmaster@krebsco.de" = spam-ml; # RFC 822
|
||||
"lass@krebsco.de" = lass;
|
||||
|
@ -164,7 +164,7 @@ let
|
||||
control = dkim_disable_verify
|
||||
|
||||
accept message = relay not permitted 2
|
||||
recipients = lsearch;${lsearch.internet-aliases}
|
||||
recipients = lsearch*@;${lsearch.internet-aliases}
|
||||
|
||||
require message = relay not permitted
|
||||
domains = +local_domains : +relay_to_domains
|
||||
@ -198,7 +198,7 @@ let
|
||||
internet_aliases:
|
||||
debug_print = "R: internet_aliases for $local_part@$domain"
|
||||
driver = redirect
|
||||
data = ''${lookup{$local_part@$domain}lsearch{${lsearch.internet-aliases}}}
|
||||
data = ''${lookup{$local_part@$domain}lsearch*@{${lsearch.internet-aliases}}}
|
||||
|
||||
dnslookup:
|
||||
debug_print = "R: dnslookup for $local_part@$domain"
|
||||
|
@ -37,7 +37,7 @@ in {
|
||||
};
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment = {
|
||||
etc."exim.conf".text = ''
|
||||
etc."exim.conf".source = pkgs.writeEximConfig "exim.conf" ''
|
||||
exim_user = ${cfg.user.name}
|
||||
exim_group = ${cfg.group.name}
|
||||
exim_path = /var/setuid-wrappers/exim
|
||||
|
@ -355,11 +355,11 @@ with config.krebs.lib;
|
||||
};
|
||||
users = rec {
|
||||
mv = {
|
||||
mail = "mv@cd.retiolum";
|
||||
mail = "mv@cd.r";
|
||||
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGer9e2+Lew7vnisgBbsFNECEIkpNJgEaqQqgb9inWkQ mv@vod";
|
||||
};
|
||||
tv = {
|
||||
mail = "tv@nomic.retiolum";
|
||||
mail = "tv@nomic.r";
|
||||
pgp.pubkeys.default = ''
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
|
@ -56,6 +56,14 @@ rec {
|
||||
'';
|
||||
};
|
||||
|
||||
writeEximConfig = name: text: pkgs.runCommand name {
|
||||
inherit text;
|
||||
passAsFile = [ "text" ];
|
||||
} ''
|
||||
${pkgs.exim}/bin/exim -C "$textPath" -bV >/dev/null
|
||||
mv "$textPath" $out
|
||||
'';
|
||||
|
||||
writeNixFromCabal = name: path: pkgs.runCommand name {} ''
|
||||
${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out
|
||||
'';
|
||||
|
Loading…
Reference in New Issue
Block a user