feat: mail

2022-09-06 08:57:25 +02:00 · 2022-09-06 08:57:25 +02:00 · 5f2d2fc54b
commit 5f2d2fc54b
parent f83f1f3524
8 changed files with 68 additions and 3 deletions
--- a/flake.nix
+++ b/flake.nix
@ -8,7 +8,7 @@
    home-manager.url = "github:nix-community/home-manager";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";
    impermanence.url = "github:nix-community/impermanence";
-    impermanence.inputs.nixpkgs.follows = "nixpkgs";
+    #impermanence.inputs.nixpkgs.follows = "nixpkgs";
    xynoblog.url = "github:thexyno/blog";
    xynoblog.inputs.nixpkgs.follows = "nixpkgs";
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
@ -181,7 +181,7 @@
    let pkgs = nixpkgs.legacyPackages.${system}; in
    {
      devShell = pkgs.mkShell {
-        buildInputs = with pkgs; [ lefthook nixpkgs-fmt ];
+        buildInputs = with pkgs; [ lefthook nixpkgs-fmt inputs.agenix.packages.${system}.agenix ];
      };
      packages = lib.my.mapModules ./packages (p: pkgs.callPackage p { inputs = inputs; });
    });
--- a/hm-imports/zsh/zshrc
+++ b/hm-imports/zsh/zshrc
@ -48,7 +48,7 @@ n ()
    fi
 }

-ORIGTMPDIR=$TMPDIR # nix-shell overrides tmpdir, but we want to save it
+export ORIGTMPDIR=${TMPDIR:-$(mktemp -d)} # nix-shell overrides tmpdir, but we want to save it
 emacsclient ()
 {
    command emacsclient -s $ORIGTMPDIR/emacs$(id -u)/server "$@"
--- a/hosts/ds9/default.nix
+++ b/hosts/ds9/default.nix
@ -196,6 +196,27 @@ in
    fruit:metadata = stream
  '';

+  services.smartd = {
+    enable = true;
+  };
+  nixpkgs.overlays = [
+    (self: super: {
+      zfs = super.zfs.override {enableMail = true;};
+    })
+  ];
+
+  services.zfs.zed.settings = {
+    ZED_EMAIL_ADDR = [ "root" ];
+    ZED_EMAIL_PROG = "${pkgs.msmtp}/bin/msmtp";
+    ZED_EMAIL_OPTS = "@ADDRESS@";
+
+    ZED_NOTIFY_INTERVAL_SECS = 3600;
+    ZED_NOTIFY_VERBOSE = true;
+
+    ZED_USE_ENCLOSURE_LEDS = true;
+    ZED_SCRUB_AFTER_RESILVER = true;
+  };
+
  ragon = {
    cli.enable = true;
    user.enable = true;
@ -223,6 +244,7 @@ in
      docker.enable = true;
      ssh.enable = true;
      nginx.enable = true;
+      msmtp.enable = true;
      jellyfin.enable = true;
      photoprism.enable = true;
      tailscale.enable = true;
--- a/hosts/picard/default.nix
+++ b/hosts/picard/default.nix
@ -109,6 +109,8 @@
    script = "${pkgs.curl}/bin/curl -fss -m 10 --retry 5 -o /dev/null $(cat ${config.age.secrets.picardResticHealthCheckUrl.path})/fail";
  };
  services.xynoblog.enable = true;
+  boot.zfs.package = lib.mkForce (pkgs.zfs.override { enableMail = true; });
+  services.zfs.zed.enableMail = true;
  ragon = {
    cli.enable = true;
    user.enable = true;
@ -117,6 +119,7 @@

    services = {
      ssh.enable = true;
+      msmtp.enable = true;
      bitwarden.enable = true;
      gitlab.enable = false; # TODO gitlab-runner
      synapse.enable = true;
--- a/nixos-modules/services/msmtp.nix
+++ b/nixos-modules/services/msmtp.nix
@ -0,0 +1,21 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.ragon.services.msmtp;
+in
+{
+  options.ragon.services.msmtp.enable = lib.mkEnableOption "Enables msmtp";
+  config = lib.mkIf cfg.enable {
+    programs.msmtp = {
+      enable = true;
+    };
+    environment.etc."msmtprc".enable = false;
+    ragon.agenix.secrets.msmtprc = {
+      path = "/etc/msmtprc";
+      mode = "0644";
+    };
+    ragon.agenix.secrets.aliases = {
+      path = "/etc/aliases";
+      mode = "0644";
+    };
+  };
+}
--- a/secrets/aliases.age
+++ b/secrets/aliases.age
@ -0,0 +1,17 @@
+age-encryption.org/v1
+-> ssh-ed25519 ugHWWw VTuKkXWunXbu2WTd+E2waGeEl7g0f/oNTACPNgntGBo
+CvOioqM2nxtGvVWH5XTpNm4+cxCweXScY0C5pFFyLqg
+-> ssh-ed25519 UU9RSA 7uNSJZ2tIRNHh7MgWlvZ6hZbax6fZWvs6ZCCfCqTvic
+NwwrPDbpEbeVW98xByYbOq3B4ZY1q9Bot5cAZYk45sw
+-> ssh-ed25519 yqm35A ESh3UDixa7eo8WT4s4OLUl2hZ2aO+YFKOqlCp/T9cx4
+26DziZ1brodjCZrAYDCMBxWlXe+RMnKIz+hBoSKG0t8
+-> ssh-ed25519 kKx7Qw s23jAaybkI40kC2DaXYdOVuYp5DR09fC+ynrs4l7RVE
+K8HfhCN4Eua0U/Ib1azxikqdB9ipWzqvZ2U6vdffIgs
+-> ssh-ed25519 IbXxfw Ixc96Krq/ibCSOWhF5Ckx5TlcufTkYb6xngZoPJ1+Wo
+mAtp5p0voszNxWadJRXZm5rvtJEti83suoBhoqDFHT8
+-> ssh-ed25519 WceKOQ 5QRwNWuOae6DCekv9bBwZEwDtPTL8W9a93xWfsMcRAU
+TzK0g3FVBuujYsB5kplMyWluIboEigKI9rWll3FmVGw
+-> p>C-grease Yy'> M#H;
+o+PSejuhm+hthXQFewLLcU9ENoHKAeKnplvPIPFFtYBFR1Vy7ffnBY5GFHQ
+--- QaSqQ3aLEQzEPEPJ14H4l49c+PvV1F8/r1H/d86vlhY
+ð¸ eQæ²†<EFBFBD>p¦áÀ×¤ÂŸRO'X÷ÊDßÊ/êÇõ¹z#¯”HYsa°þè<C3BE>fx‹<78>™‰¯‘K¬<4B>ª
--- a/secrets/msmtprc.age
+++ b/secrets/msmtprc.age
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -6,6 +6,8 @@ in
  "nextshot.age".publicKeys = pubkeys.ragon.client;
  "pulseLaunch.age".publicKeys = pubkeys.ragon.client;
  "rootPasswd.age".publicKeys = pubkeys.ragon.computers;
+  "msmtprc.age".publicKeys = pubkeys.ragon.computers;
+  "aliases.age".publicKeys = pubkeys.ragon.computers;
  "wpa_supplicant.age".publicKeys = pubkeys.ragon.computers;
  "ragonPasswd.age".publicKeys = pubkeys.ragon.computers;
  "tailscaleKey.age".publicKeys = pubkeys.ragon.computers;