summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/0tests/data/secrets/shack/muell_mail.js0
-rw-r--r--krebs/2configs/shack/muell_mail.nix33
2 files changed, 33 insertions, 0 deletions
diff --git a/krebs/0tests/data/secrets/shack/muell_mail.js b/krebs/0tests/data/secrets/shack/muell_mail.js
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/krebs/0tests/data/secrets/shack/muell_mail.js
diff --git a/krebs/2configs/shack/muell_mail.nix b/krebs/2configs/shack/muell_mail.nix
new file mode 100644
index 000000000..732269c88
--- /dev/null
+++ b/krebs/2configs/shack/muell_mail.nix
@@ -0,0 +1,33 @@
+{ config, lib, pkgs, ... }:
+
+let
+ pkg = pkgs.callPackage (
+ pkgs.fetchgit {
+ url = "https://git.shackspace.de/rz/muell_mail";
+ rev = "317370e3e98ce34da4ee615af7a80df7b519ab89";
+ sha256 = "sha256:02mywm37n0v4icgy474wwkavb7vad93bvkigvz1cqn7fbg4ldc8k";
+ }) {};
+ home = "/var/lib/muell_mail";
+ cfg = toString <secrets/shack/muell_mail.js>;
+in {
+ users.users.muell_mail = {
+ inherit home;
+ createHome = true;
+ };
+ systemd.services.muell_mail = {
+ description = "muell_mail";
+ wantedBy = [ "multi-user.target" ];
+ environment.CONFIG = "${home}/muell_mail.js";
+ serviceConfig = {
+ User = "muell_mail";
+ ExecStartPre = pkgs.writeDash "muell_mail-pre" ''
+ install -D -omuell_mail -m700 ${cfg} ${home}/muell_mail.js
+ '';
+ WorkingDirectory = home;
+ PermissionsStartOnly = true;
+ ExecStart = "${pkg}/bin/muell_mail";
+ Restart = "always";
+ PrivateTmp = true;
+ };
+ };
+}