74 lines
1.4 KiB
Nix
74 lines
1.4 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
mods,
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
host = "catvayor.sh";
|
|
in
|
|
{
|
|
users.users.moderators = {
|
|
shell = pkgs.zsh;
|
|
isNormalUser = true;
|
|
extraGroups = [ "postdrop" ];
|
|
openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
|
|
};
|
|
home-manager.users.moderators = {
|
|
home.stateVersion = "23.11";
|
|
imports = with mods.home; [
|
|
neovim
|
|
zsh
|
|
];
|
|
};
|
|
mailserver.loginAccounts."moderators@${host}" = {
|
|
hashedPassword = "";
|
|
sieveScript = ''
|
|
require "vnd.dovecot.pipe";
|
|
pipe "procmail-modo";
|
|
'';
|
|
};
|
|
services.dovecot2.sieve = {
|
|
extensions = [ "vnd.dovecot.pipe" ];
|
|
pipeBins = [
|
|
(lib.getExe (
|
|
pkgs.writeShellApplication {
|
|
name = "procmail-modo";
|
|
text = ''
|
|
exec /run/wrappers/bin/sudo ${lib.getExe' pkgs.procmail "procmail"} -d moderators
|
|
'';
|
|
}
|
|
))
|
|
];
|
|
};
|
|
security.sudo.extraRules = [
|
|
{
|
|
users = [ "virtualMail" ];
|
|
commands = [
|
|
{
|
|
command = "${lib.getExe' pkgs.procmail "procmail"}";
|
|
options = [
|
|
"SETENV"
|
|
"NOPASSWD"
|
|
];
|
|
}
|
|
];
|
|
}
|
|
];
|
|
services.postgresql = {
|
|
enable = true;
|
|
ensureUsers = [
|
|
{
|
|
name = "moderators";
|
|
ensureClauses.superuser = true;
|
|
}
|
|
];
|
|
ensureDatabases = [
|
|
"moderation"
|
|
];
|
|
identMap = ''
|
|
map-moderators moderators moderators
|
|
'';
|
|
};
|
|
}
|