Diffstat (limited to 'users/id1000.scm')
-rw-r--r--users/id1000.scm254
1 files changed, 253 insertions, 1 deletions
diff --git a/users/id1000.scm b/users/id1000.scm
index 0253061..cfc4827 100644
--- a/users/id1000.scm
+++ b/users/id1000.scm
@@ -29,7 +29,242 @@
#:use-module (guix gexp)
;; %suweren-home-services
- #:use-module (suweren home))
+ #:use-module (suweren home)
+
+ #:use-module (guix records)
+ #:use-module (ice-9 match))
+
+(define-record-type* <dkimproxy-out-signature-configuration>
+ dkimproxy-out-signature-configuration
+ make-dkimproxy-out-signature-configuration
+ dkimproxy-out-signature-configuration?
+ (type dkimproxy-out-signature-configuration-type
+ (default 'dkim))
+ (key dkimproxy-out-signature-configuration-key
+ (default #f))
+ (algorithm dkimproxy-out-signature-configuration-algorithm
+ (default #f))
+ (method dkimproxy-out-signature-configuration-method
+ (default #f))
+ (domain dkimproxy-out-signature-configuration-domain
+ (default #f))
+ (identity dkimproxy-out-signature-configuration-identity
+ (default #f))
+ (selector dkimproxy-out-signature-configuration-selector
+ (default #f)))
+
+(define-public generate-dkimproxy-out-signature-configuration
+ (match-lambda
+ (($
+ <dkimproxy-out-signature-configuration>
+ type
+ key
+ algorithm
+ method
+ domain
+ identity
+ selector )
+ (string-append
+ (match type
+ ('dkim "dkim")
+ ('domainkeys "domainkeys"))
+ (if (or key algorithm method domain identity selector)
+ (string-append
+ "("
+ (string-join
+ `(,@ (if key
+ (list (string-append "key=" key))
+ '())
+ ,@ (if algorithm
+ (list (string-append "a=" algorithm))
+ '())
+ ,@ (if method
+ (list (string-append "c=" method))
+ '())
+ ,@ (if domain
+ (list (string-append "d=" domain))
+ '())
+ ,@ (if identity
+ (list (string-append "i=" identity))
+ '())
+ ,@ (if selector
+ (list (string-append "s=" selector))
+ '()))
+ ",")
+ ")")
+ "")))))
+
+(define-record-type* <dkimproxy-out-configuration>
+ dkimproxy-out-configuration
+ make-dkimproxy-out-configuration
+ dkimproxy-out-configuration?
+ (package dkimproxy-out-configuration-package
+ (default (@ (gnu packages mail) dkimproxy)))
+ (listen dkimproxy-out-configuration-listen
+ (default #f))
+ (relay dkimproxy-out-configuration-relay
+ (default #f))
+ (list-id-map dkimproxy-out-configuration-list-id-map
+ (default '()))
+ (sender-map dkimproxy-out-configuration-sender-map
+ (default '()))
+ (reject-error? dkimproxy-out-configuration-sender-reject-error?
+ (default #f))
+ (config-file dkimproxy-out-configuration-config-file
+ (default #f)))
+
+(define (generate-map-file config filename)
+ (apply
+ plain-file
+ filename
+ (map (lambda (config)
+ (match config
+ ((selector (config ...))
+ (string-append
+ selector " "
+ (string-join
+ (map
+ generate-dkimproxy-out-signature-configuration
+ config)
+ "\n")))
+ ((selector config)
+ (string-append
+ selector " "
+ (generate-dkimproxy-out-signature-configuration
+ config)))))
+ config)))
+
+(define dkimproxy-out-shepherd-service
+ (match-lambda
+ (($
+ <dkimproxy-out-configuration>
+ package
+ listen
+ relay
+ list-id-map
+ sender-map
+ reject-error?
+ config-file)
+ (list
+ ((@ (gnu services shepherd) shepherd-service)
+ (provision '(dkimproxy-out))
+ (requirement '(loopback))
+ (documentation "Outbound DKIM proxy.")
+ (start
+ (let ((proxy (file-append package "/bin/dkimproxy.out")))
+ (if config-file
+ #~
+ (make-forkexec-constructor
+ (list
+ #$
+ proxy
+ (string-append "--conf_file=" #$ config-file)
+ "--pidfile=/var/run/dkimproxy.out.pid"
+ "--user=dkimproxy" "--group=dkimproxy")
+ #:pid-file "/var/run/dkimproxy.out.pid")
+ (let*
+ ((first-signature
+ (match sender-map
+ (((sender (signature _ ...)) _ ...) signature)
+ (((sender signature) _ ...) signature)))
+ (domains
+ (apply append
+ (map
+ (lambda (sender)
+ (match sender
+ (((domains ...) config) domains)
+ ((domain config) domain)))
+ sender-map)))
+ (sender-map
+ (generate-map-file sender-map "sender.map"))
+ (listid-map
+ (if (null? list-id-map)
+ #f
+ (generate-map-file list-id-map "listid.map")))
+ (keyfile
+ (dkimproxy-out-signature-configuration-key
+ first-signature))
+ (selector
+ (dkimproxy-out-signature-configuration-selector
+ first-signature))
+ (method
+ (dkimproxy-out-signature-configuration-method
+ first-signature))
+ (signature
+ (match (dkimproxy-out-signature-configuration-type
+ first-signature)
+ ('dkim "dkim")
+ ('domainkeys "domainkeys"))))
+ #~
+ (make-forkexec-constructor
+ `(,#$
+ proxy
+ "--pidfile=/var/run/dkimproxy.out.pid"
+ "--user=dkimproxy" "--group=dkimproxy"
+ ,(string-append "--listen=" #$ listen)
+ ,(string-append "--relay=" #$ relay)
+ ,(string-append "--sender_map=" #$ sender-map)
+ ,@ (if #$ listid-map
+ (list
+ (string-append "--listid_map=" #$ listid-map))
+ '())
+ ,(string-append "--domain=" #$ domains)
+ ,(string-append "--keyfile=" #$ keyfile)
+ ,(string-append "--selector=" #$ selector)
+ ,@ (if #$ method
+ (list
+ (string-append "--method=" #$ method))
+ '())
+ ,@ (if #$ reject-error?
+ '("--reject_error")
+ '())
+ ,@ (if #$ signature
+ (list
+ (string-append "--signature=" #$ signature))
+ '())))))))
+ (stop #~ (make-kill-destructor)))))))
+
+(define %dkimproxy-accounts
+ (list (user-group (name "dkimproxy")
+ (system? #t))
+ (user-account (name "dkimproxy")
+ (group "dkimproxy")
+ (system? #t)
+ (comment "Dkimproxy user")
+ (home-directory "/var/empty")
+ (shell (file-append (@ (gnu packages admin)
+ shadow)
+ "/sbin/nologin")))))
+
+(define dkimproxy-out-service-type
+ (service-type
+ (name 'dkimproxy-out)
+ (description "stub")
+ (extensions
+ (list
+ (service-extension
+ account-service-type
+ (const %dkimproxy-accounts))
+ (service-extension
+ (@ (gnu services shepherd) shepherd-root-service-type)
+ dkimproxy-out-shepherd-service)))))
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+(define dkimproxy-signature-dkim
+ (dkimproxy-out-signature-configuration
+ (algorithm "rsa-sha256")
+ (key "/etc/mail/dkim/marekpasnikowski.pl.key")
+ (method "relaxed")
+ (selector "dkim")
+ (type 'dkim)))
+
+(define dkimproxy-signature-domainkeys
+ (dkimproxy-out-signature-configuration
+ (method "mofws")
+ (type 'domainkeys)))
+
+;;;;;
(define aliases-file
((@ (guix gexp) mixed-text-file)
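Review bot: `generate-map-file` hands every generated line to `plain-file` as a separate argument through `apply`, but `plain-file` takes a name and a single content string, so a sender or list-id map with more than one entry fails with an arity error. Joining the lines first fixes that: `(plain-file filename (string-join (map … config) "\n"))`. In the multi-signature branch the signatures are joined with `"\n"`, which puts the second signature on a line with no sender in front of it; as far as I recall dkimproxy's map format expects the signatures comma-separated on the sender's line, so `", "` looks like the intended separator (please confirm against the dkimproxy.out manual). Separately, `(method "mofws")` in `dkimproxy-signature-domainkeys` is probably a typo for the DomainKeys canonicalization `nofws`; an invalid option may cause that signature to be rejected or silently left off outgoing mail.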
@@ -45,6 +280,10 @@
"@just-aero.us\n"
"@elitetorrent1.com\n"))
+(define dkimproxy-signatures-marekpasnikowski
+ (list dkimproxy-signature-dkim
+ dkimproxy-signature-domainkeys))
+
(define dovecot-imap-login-inet-configuration
((@ (gnu services mail) inet-listener-configuration)
(address "192.168.10.2")
@@ -105,6 +344,9 @@
;;;
+(define dkimproxy-sender-marekpasnikowski
+ `("marekpasnikowski.pl" ,dkimproxy-signatures-marekpasnikowski))
+
(define dovecot-imap
((@ (gnu services mail) protocol-configuration)
(name "imap")))
@@ -229,6 +471,12 @@
;;;
+(define dkimproxy-out-configuration*
+ (dkimproxy-out-configuration
+ (listen "127.0.0.1:10027")
+ (relay "172.0.0.1:10028")
+ (sender-map `(,dkimproxy-sender-marekpasnikowski))))
+
(define dovecot-configuration*
((@ (gnu services mail) dovecot-configuration)
(disable-plaintext-auth? #t)
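Review bot: The relay address `172.0.0.1:10028` in `dkimproxy-out-configuration*` is neither loopback nor in the private 172.16.0.0/12 range, so the proxy would try to hand signed mail in cleartext SMTP to a publicly routable host. Given that `listen` is `127.0.0.1:10027`, this looks like a transposition of `127.0.0.1`; if so the line should read `(relay "127.0.0.1:10028")`. If the address is intentional, a comment naming the host and why mail leaves the machine unencrypted at this hop would help the next reader.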
@@ -256,6 +504,10 @@
;;;
+(define-public dkim-service
+ (service dkimproxy-out-service-type
+ dkimproxy-out-configuration*))
+
(define-public dovecot-service
(service (@ (gnu services mail) dovecot-service-type)
dovecot-configuration*))