2024-06-21 13:46:57 +02:00
|
|
|
{
|
|
|
|
config,
|
|
|
|
pkgs,
|
|
|
|
lib,
|
|
|
|
...
|
|
|
|
}:
|
2024-07-18 14:47:43 +02:00
|
|
|
let
|
|
|
|
host = "catvayor.sh";
|
|
|
|
in
|
2024-06-21 13:46:57 +02:00
|
|
|
{
|
|
|
|
users.users.moderators = {
|
|
|
|
isNormalUser = true;
|
2024-09-07 13:39:07 +02:00
|
|
|
extraGroups = [ "postdrop" ];
|
2024-06-21 13:46:57 +02:00
|
|
|
openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
|
|
|
|
};
|
2024-09-26 11:51:04 +02:00
|
|
|
home-manager.users.moderators = { };
|
2024-07-18 14:47:43 +02:00
|
|
|
mailserver.loginAccounts."moderators@${host}" = {
|
2024-06-21 13:46:57 +02:00
|
|
|
hashedPassword = "";
|
|
|
|
sieveScript = ''
|
|
|
|
require "vnd.dovecot.pipe";
|
|
|
|
pipe "procmail-modo";
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
services.dovecot2.sieve = {
|
|
|
|
extensions = [ "vnd.dovecot.pipe" ];
|
|
|
|
pipeBins = [
|
|
|
|
(lib.getExe (
|
|
|
|
pkgs.writeShellApplication {
|
|
|
|
name = "procmail-modo";
|
|
|
|
text = ''
|
|
|
|
exec /run/wrappers/bin/sudo ${lib.getExe' pkgs.procmail "procmail"} -d moderators
|
|
|
|
'';
|
|
|
|
}
|
|
|
|
))
|
|
|
|
];
|
|
|
|
};
|
|
|
|
security.sudo.extraRules = [
|
|
|
|
{
|
|
|
|
users = [ "virtualMail" ];
|
|
|
|
commands = [
|
|
|
|
{
|
|
|
|
command = "${lib.getExe' pkgs.procmail "procmail"}";
|
|
|
|
options = [
|
|
|
|
"SETENV"
|
|
|
|
"NOPASSWD"
|
|
|
|
];
|
|
|
|
}
|
|
|
|
];
|
|
|
|
}
|
|
|
|
];
|
2024-07-09 17:55:50 +02:00
|
|
|
services.postgresql = {
|
|
|
|
enable = true;
|
|
|
|
ensureUsers = [
|
|
|
|
{
|
|
|
|
name = "moderators";
|
|
|
|
ensureClauses.superuser = true;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
ensureDatabases = [
|
|
|
|
"moderation"
|
|
|
|
];
|
|
|
|
identMap = ''
|
|
|
|
map-moderators moderators moderators
|
|
|
|
'';
|
|
|
|
};
|
2024-06-21 13:46:57 +02:00
|
|
|
}
|