Merge remote-tracking branch 'temp/master'
This commit is contained in:
commit
10850a2027
|
@ -202,6 +202,7 @@ let
|
|||
"kontakt@eloop.org" = eloop-ml;
|
||||
"root@eloop.org" = eloop-ml;
|
||||
"eloop2016@krebsco.de" = eloop-ml;
|
||||
"eloop2017@krebsco.de" = eloop-ml;
|
||||
"postmaster@krebsco.de" = spam-ml; # RFC 822
|
||||
"lass@krebsco.de" = lass;
|
||||
"makefu@krebsco.de" = makefu;
|
||||
|
|
|
@ -43,7 +43,6 @@ let
|
|||
primary_hostname = ${cfg.primary_hostname}
|
||||
domainlist local_domains = ${concatStringsSep ":" cfg.local_domains}
|
||||
domainlist relay_to_domains = ${concatStringsSep ":" cfg.relay_to_domains}
|
||||
hostlist relay_from_hosts = <; 127.0.0.1 ; ::1
|
||||
|
||||
acl_smtp_rcpt = acl_check_rcpt
|
||||
acl_smtp_data = acl_check_data
|
||||
|
@ -61,41 +60,15 @@ let
|
|||
begin acl
|
||||
|
||||
acl_check_rcpt:
|
||||
accept hosts = :
|
||||
control = dkim_disable_verify
|
||||
|
||||
deny message = Restricted characters in address
|
||||
domains = +local_domains
|
||||
local_parts = ^[.] : ^.*[@%!/|]
|
||||
|
||||
deny message = Restricted characters in address
|
||||
domains = !+local_domains
|
||||
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
|
||||
|
||||
accept local_parts = postmaster
|
||||
domains = +local_domains
|
||||
|
||||
#accept
|
||||
# hosts = *.r
|
||||
# domains = *.r
|
||||
# control = dkim_disable_verify
|
||||
|
||||
#require verify = sender
|
||||
|
||||
accept hosts = +relay_from_hosts
|
||||
control = submission
|
||||
control = dkim_disable_verify
|
||||
|
||||
accept authenticated = *
|
||||
control = submission
|
||||
control = dkim_disable_verify
|
||||
|
||||
require message = relay not permitted
|
||||
domains = +local_domains : +relay_to_domains
|
||||
|
||||
require verify = recipient
|
||||
deny
|
||||
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
|
||||
message = restricted characters in address
|
||||
|
||||
accept
|
||||
domains = +local_domains : +relay_to_domains
|
||||
|
||||
deny
|
||||
message = relay not permitted
|
||||
|
||||
|
||||
acl_check_data:
|
||||
|
@ -104,29 +77,19 @@ let
|
|||
|
||||
begin routers
|
||||
|
||||
retiolum:
|
||||
driver = manualroute
|
||||
domains = ! +local_domains : +relay_to_domains
|
||||
transport = remote_smtp
|
||||
route_list = ^.* $0 byname
|
||||
no_more
|
||||
|
||||
nonlocal:
|
||||
debug_print = "R: nonlocal for $local_part@$domain"
|
||||
driver = redirect
|
||||
domains = ! +local_domains
|
||||
allow_fail
|
||||
data = :fail: Mailing to remote domains not supported
|
||||
no_more
|
||||
|
||||
local_user:
|
||||
# debug_print = "R: local_user for $local_part@$domain"
|
||||
local:
|
||||
driver = accept
|
||||
domains = +local_domains
|
||||
check_local_user
|
||||
# local_part_suffix = +* : -*
|
||||
# local_part_suffix = +*
|
||||
# local_part_suffix_optional
|
||||
transport = home_maildir
|
||||
cannot_route_message = Unknown user
|
||||
|
||||
remote:
|
||||
driver = manualroute
|
||||
domains = +relay_to_domains
|
||||
transport = remote_smtp
|
||||
route_list = ^.* $0 byname
|
||||
|
||||
|
||||
begin transports
|
||||
|
|
|
@ -157,39 +157,28 @@ let
|
|||
begin acl
|
||||
|
||||
acl_check_rcpt:
|
||||
accept hosts = :
|
||||
control = dkim_disable_verify
|
||||
|
||||
deny message = Restricted characters in address
|
||||
domains = +local_domains
|
||||
local_parts = ^[.] : ^.*[@%!/|]
|
||||
|
||||
deny message = Restricted characters in address
|
||||
domains = !+local_domains
|
||||
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
|
||||
|
||||
accept local_parts = postmaster
|
||||
domains = +local_domains
|
||||
|
||||
accept hosts = +relay_from_hosts
|
||||
control = submission
|
||||
control = dkim_disable_verify
|
||||
|
||||
accept authenticated = *
|
||||
control = submission
|
||||
control = dkim_disable_verify
|
||||
|
||||
accept message = relay not permitted 2
|
||||
recipients = lsearch*@;${lsearch.internet-aliases}
|
||||
|
||||
require message = relay not permitted
|
||||
domains = +local_domains : +relay_to_domains
|
||||
|
||||
require
|
||||
message = unknown user
|
||||
verify = recipient/callout
|
||||
deny
|
||||
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
|
||||
message = restricted characters in address
|
||||
|
||||
accept
|
||||
recipients = lsearch*@;${lsearch.internet-aliases}
|
||||
|
||||
accept
|
||||
authenticated = *
|
||||
control = dkim_disable_verify
|
||||
control = submission
|
||||
|
||||
accept
|
||||
control = dkim_disable_verify
|
||||
control = submission
|
||||
hosts = +relay_from_hosts
|
||||
|
||||
accept
|
||||
domains = +local_domains : +relay_to_domains
|
||||
|
||||
deny
|
||||
message = relay not permitted
|
||||
|
||||
|
||||
acl_check_data:
|
||||
|
|
|
@ -13,12 +13,12 @@ in
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "populate";
|
||||
version = "1.2.4";
|
||||
version = "1.2.5";
|
||||
|
||||
src = fetchgit {
|
||||
url = http://cgit.ni.krebsco.de/populate;
|
||||
rev = "refs/tags/v${version}";
|
||||
sha256 = "0az41vaxfwrh9l19z3cbc7in8pylrnyc0xkzk6773xg2nj4g8a28";
|
||||
sha256 = "10s4x117zp5whqq991xzw1i2jc1xhl580kx8hhzv8f1b4c9carx1";
|
||||
};
|
||||
|
||||
phases = [
|
||||
|
|
13
krebs/5pkgs/simple/quote.nix
Normal file
13
krebs/5pkgs/simple/quote.nix
Normal file
|
@ -0,0 +1,13 @@
|
|||
{ jq, writeDashBin }:
|
||||
|
||||
# usage: quote [ARGS...]
|
||||
writeDashBin "quote" ''
|
||||
set -efu
|
||||
prefix=
|
||||
for x; do
|
||||
y=$(${jq}/bin/jq -nr --arg x "$x" '$x | @sh "\(.)"')
|
||||
echo -n "$prefix$y"
|
||||
prefix=' '
|
||||
done
|
||||
echo
|
||||
''
|
|
@ -1,5 +1,5 @@
|
|||
with import <stockholm/lib>;
|
||||
{ utillinux, writeDash }:
|
||||
{ coreutils, quote, utillinux, writeDash }:
|
||||
|
||||
opt-spec: cmd-spec: let
|
||||
|
||||
|
@ -43,6 +43,9 @@ in writeDash wrapper-name ''
|
|||
unset ${opt.varname}
|
||||
'') opts)}
|
||||
|
||||
WITHGETOPT_ORIG_ARGS=$(${quote}/bin/quote "$@")
|
||||
export WITHGETOPT_ORIG_ARGS
|
||||
|
||||
args=$(${utillinux}/bin/getopt \
|
||||
-l ${shell.escape
|
||||
(concatMapStringsSep ","
|
||||
|
|
24
shell.nix
24
shell.nix
|
@ -20,7 +20,7 @@ let
|
|||
set -efu
|
||||
|
||||
. ${init.env}
|
||||
. ${init.proxy opts}
|
||||
. ${init.proxy "deploy" opts}
|
||||
|
||||
# Use system's nixos-rebuild, which is not self-contained
|
||||
export PATH=/run/current-system/sw/bin
|
||||
|
@ -55,7 +55,7 @@ let
|
|||
# TODO inline prepare.sh?
|
||||
fi
|
||||
|
||||
. ${init.proxy opts}
|
||||
. ${init.proxy "install" opts}
|
||||
|
||||
# Reset PATH because we need access to nixos-install.
|
||||
# TODO provide nixos-install instead of relying on prepare.sh
|
||||
|
@ -93,7 +93,7 @@ let
|
|||
export dummy_secrets=true
|
||||
|
||||
. ${init.env}
|
||||
. ${init.proxy opts}
|
||||
. ${init.proxy "test" opts}
|
||||
|
||||
exec ${utils.build} config.system.build.toplevel
|
||||
'');
|
||||
|
@ -143,18 +143,6 @@ let
|
|||
''}
|
||||
'');
|
||||
|
||||
# usage: quote [ARGS...]
|
||||
cmds.quote = pkgs.writeDash "cmds.quote" ''
|
||||
set -efu
|
||||
prefix=
|
||||
for x; do
|
||||
y=$(${pkgs.jq}/bin/jq -nr --arg x "$x" '$x | @sh "\(.)"')
|
||||
echo -n "$prefix$y"
|
||||
prefix=' '
|
||||
done
|
||||
echo
|
||||
'';
|
||||
|
||||
init.env = pkgs.writeText "init.env" /* sh */ ''
|
||||
export quiet
|
||||
export system
|
||||
|
@ -171,7 +159,7 @@ let
|
|||
export target_local="$(echo $target_object | ${pkgs.jq}/bin/jq -r .local)"
|
||||
'';
|
||||
|
||||
init.proxy = opts: pkgs.writeText "init.proxy" /* sh */ ''
|
||||
init.proxy = command: opts: pkgs.writeText "init.proxy" /* sh */ ''
|
||||
if \test "''${using_proxy-}" != true; then
|
||||
|
||||
source=$(get-source "$source_file")
|
||||
|
@ -194,7 +182,8 @@ let
|
|||
opts
|
||||
)} \
|
||||
using_proxy=true \
|
||||
$(quote "$0" "$@")
|
||||
${lib.shell.escape command} \
|
||||
$WITHGETOPT_ORIG_ARGS \
|
||||
")"
|
||||
fi
|
||||
fi
|
||||
|
@ -243,6 +232,7 @@ in pkgs.stdenv.mkDerivation {
|
|||
fi
|
||||
export PATH=${lib.makeBinPath [
|
||||
pkgs.populate
|
||||
pkgs.quote
|
||||
shell.cmdspkg
|
||||
]}
|
||||
|
||||
|
|
|
@ -80,7 +80,7 @@ mainNoArgs = do
|
|||
, modMask = mod4Mask
|
||||
, keys = myKeys
|
||||
, workspaces = workspaces0
|
||||
, layoutHook = smartBorders $ myLayout
|
||||
, layoutHook = smartBorders $ FixedColumn 1 20 80 10 ||| Full
|
||||
-- , handleEventHook = myHandleEventHooks <+> handleTimerEvent
|
||||
--, handleEventHook = handleTimerEvent
|
||||
, manageHook = placeHook (smart (1,0)) <+> floatNextHook
|
||||
|
@ -91,10 +91,6 @@ mainNoArgs = do
|
|||
, focusedBorderColor = "#f000b0"
|
||||
, handleEventHook = handleShutdownEvent
|
||||
}
|
||||
where
|
||||
myLayout =
|
||||
(onWorkspace "im" $ reflectVert $ Mirror $ Tall 1 (3/100) (12/13))
|
||||
(FixedColumn 1 20 80 10 ||| Full)
|
||||
|
||||
|
||||
xmonad' :: (LayoutClass l Window, Read (l Window)) => XConfig l -> IO ()
|
||||
|
|
Loading…
Reference in a new issue