commit e016f8c0ba45c39ccf42458acadf598597dcfd1c
parent c9128cf5f8fd469a173af00faa69e627de34bd5c
Author: Leah (ctucx) <leah@ctu.cx>
Date: Wed, 7 Sep 2022 23:37:38 +0200
machines/osterei/maddy: move python-scripts into nix variable as it looks cleaner
3 files changed, 97 insertions(+), 72 deletions(-)
M
|
137
++++++++++++++++++++++++++++++++++++++-----------------------------------------
diff --git a/helpers/writePythonScriptBin.nix b/helpers/writePythonScriptBin.nix
@@ -0,0 +1,20 @@
+{ writeTextFile, stdenv, python3 }:
+
+{
+
+ writePythonScriptBin = name: packagesSelectionFun: text:
+ let
+ mkScriptName = s: (builtins.replaceStrings [ "\\" ] [ "-" ] s);
+ x = writeTextFile { name = "unit-script.py"; executable = true; destination = "/bin/${mkScriptName name}"; text = "#!/usr/bin/env python3\n${text}"; };
+ deriv = stdenv.mkDerivation {
+ name = mkScriptName name;
+ buildInputs = [ (python3.withPackages (pythonPackages: packagesSelectionFun pythonPackages)) ];
+ unpackPhase = "true";
+ installPhase = ''
+ mkdir -p $out/bin
+ cp ${x}/bin/${mkScriptName name} $out/bin/${mkScriptName name}
+ '';
+ };
+ in "${deriv}/bin/${mkScriptName name}";
+
+}
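Review bot: The new helper has no comment on its three curried arguments or its return value, and the file does not show how the script reaches the interpreter built by `python3.withPackages`: the shebang written is `#!/usr/bin/env python3` and that interpreter appears only in `buildInputs`. Presumably the stdenv fixup phase rewrites the shebang to it; this should be confirmed and stated in a comment, because a script that instead resolved `python3` from the service's PATH at run time would lose the selected packages. A header comment such as `# writePythonScriptBin name pkgsFun text -> store path of an executable Python script; pkgsFun selects the Python packages it can import` would cover the interface.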
diff --git a/machines/osterei/maddy.nix b/machines/osterei/maddy.nix 
@@ -1,23 +1,67 @@ { config, lib, pkgs, ... }: let - maddy = pkgs.callPackage ../../pkgs/maddy.nix {}; - secrets = import ../../secrets/default.nix; - - writePythonScriptBin = name: packagesSelectionFun: text: - let - mkScriptName = s: (builtins.replaceStrings [ "\\" ] [ "-" ] s); - x = pkgs.writeTextFile { name = "unit-script.py"; executable = true; destination = "/bin/${mkScriptName name}"; text = "#!/usr/bin/env python3\n${text}"; }; - deriv = pkgs.stdenv.mkDerivation { - name = mkScriptName name; - buildInputs = [ (pkgs.python3.withPackages (pythonPackages: packagesSelectionFun pythonPackages)) ]; - unpackPhase = "true"; - installPhase = '' - mkdir -p $out/bin - cp ${x}/bin/${mkScriptName name} $out/bin/${mkScriptName name} - ''; - }; - in "${deriv}/bin/${mkScriptName name}"; + inherit (pkgs.callPackage ../../helpers/writePythonScriptBin.nix {}) writePythonScriptBin; + + maddy = pkgs.callPackage ../../pkgs/maddy.nix {}; + secrets = import ../../secrets/default.nix; + std = import <nix-std>; + + mailboxFilterScript = writePythonScriptBin "mailbox-filter.py" (ps: [ ps.toml ]) '' + from email.header import Header, decode_header, make_header + import sys, toml, re + + try: + account_name = sys.argv[1] + sender = sys.argv[2] + recipient = sys.argv[3] + subject = make_header(decode_header(sys.argv[4])) + + config = toml.load('/etc/maddy/filters/mailbox/' + account_name + '.toml') + + for type in [ 'recipient', 'subject', 'sender' ]: + if type not in config: + continue + + for key, value in config[type].items(): + if(re.search("^" + key + "$", str(eval(type)))): + print(value.replace(",", "\n")) + sys.exit(0) + + except: + pass + + sys.exit(0) + ''; + + receiveFilterScript = writePythonScriptBin "receive-filter.py" (ps: [ ps.toml ]) '' + import sys, toml + + try: + sender = sys.argv[1] + recipient = sys.argv[2] + config = toml.load('/etc/maddy/filters/receive.toml') + + for type in [ 'recipient', 'sender' ]: + if type not in config: + continue + + if 'reject' in 
config[type]: + if(eval(type) in config[type]['reject']): + sys.exit(10) + + if('quarantine' in config[type]): + if(eval(type) in config[type]['quarantine']): + sys.exit(20) + + except SystemExit as e: + sys.exit(e) + + except: + pass + + sys.exit(0) + ''; in { @@ -27,8 +71,8 @@ in { }) ]; - environment.etc."maddy/filters/mailbox/leah@ctu.cx.toml".text = "${builtins.toJSON secrets.maddy.mailboxFilter}"; - environment.etc."maddy/filters/receive.toml".text = "${builtins.toJSON secrets.maddy.receiveFilter}"; + environment.etc."maddy/filters/mailbox/leah@ctu.cx.toml".text = "${std.serde.toTOML secrets.maddy.mailboxFilter}"; + environment.etc."maddy/filters/receive.toml".text = "${std.serde.toTOML secrets.maddy.receiveFilter}"; security.acme.certs."osterei.ctu.cx".reloadServices = [ "maddy.service" ]; @@ -107,32 +151,8 @@ in { compression zstd imap_filter { - command ${writePythonScriptBin "mailbox-filter.py" (ps: [ ps.toml ]) '' - from email.header import Header, decode_header, make_header - import sys, toml, re - - try: - account_name = sys.argv[1] - sender = sys.argv[2] - recipient = sys.argv[3] - subject = make_header(decode_header(sys.argv[4])) - - config= toml.load('/etc/maddy/filters/mailbox/' + account_name + '.toml') - - for type in [ 'recipient', 'subject', 'sender' ]: - if type not in config: - continue - - for key, value in config[type].items(): - if(re.search(str("^" + key + "$"), str(eval(type)))): - print(value.replace(",", "\n")) - sys.exit(0) - - except: - sys.exit(0) - ''} {account_name} {sender} {original_rcpt_to} {subject} + command ${mailboxFilterScript} {account_name} {sender} {original_rcpt_to} {subject} } - } # ---------------------------------------------------------------------------- 
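Review bot: In receiveFilterScript, `except SystemExit as e: sys.exit(e)` hands the exception object to sys.exit rather than its code, and as far as I can tell CPython then prints it and exits with status 1 instead of 10 or 20, so a reject or quarantine match never reaches maddy under its intended code. Use `sys.exit(e.code)` or a bare `raise` there. The `except: pass` after it also makes the filter fail open without a trace: if `/etc/maddy/filters/receive.toml` does not parse, every message is accepted with exit 0, and writing the exception to stderr before falling through would make that visible. Both scripts also pick the variable with `eval(type)` over a fixed list, which a small dict such as `{'sender': sender, 'recipient': recipient}` would replace without eval.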
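Review bot: Both filter files are still written through `environment.etc."…".text`, so values taken from `secrets.maddy.mailboxFilter` and `secrets.maddy.receiveFilter` end up as plain files in the Nix store, which is readable by every local user by default. If the rules are meant to stay private, they would need to be deployed outside the store with a restricted owner and mode. If they are not sensitive, a short comment saying so next to these two lines would spare the next reader the question, for example `# filter rules are not confidential; store exposure is accepted`.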
@@ -146,34 +166,7 @@ in { spf { permerr_action ignore } - command ${writePythonScriptBin "receive-filter.py" (ps: [ ps.toml ]) '' - import sys, toml - - try: - sender = sys.argv[1] - recipient = sys.argv[2] - config = toml.load('/etc/maddy/filters/receive.toml') - - for type in [ 'recipient', 'sender' ]: - if type not in config: - continue - - if 'reject' in config[type]: - if(eval(type) in config[type]['reject']): - sys.exit(10) - - if('quarantine' in config[type]): - if(eval(type) in config[type]['quarantine']): - sys.exit(20) - - except SystemExit as e: - sys.exit(e) - - except: - pass - - sys.exit(0) - ''} {sender} {rcpts} { + command ${receiveFilterScript} {sender} {rcpts} { run_on rcpt code 1 ignore
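Review bot: `{rcpts}` is passed to receiveFilterScript as a single argument, and the script tests it for exact membership in the `reject` and `quarantine` lists; if maddy expands that placeholder to every accepted recipient rather than only the one being handled, a message with more than one recipient would never match a rule. With `run_on rcpt`, the per-address placeholder (`{address}`, if I read the maddy check.command documentation correctly) looks like the better fit and is worth confirming. The command block continues past the end of this hunk, so only `code 1 ignore` is visible and the mappings for exit codes 10 and 20 cannot be checked from here.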
diff --git a/nix/sources.json b/nix/sources.json @@ -47,6 +47,18 @@ "url": "https://github.com/nmattia/niv/archive/82e5cd1ad3c387863f0545d7591512e76ab0fc41.tar.gz", "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" }, + "nix-std": { + "branch": "master", + "description": "no-nixpkgs standard library for the nix expression language", + "homepage": null, + "owner": "chessai", + "repo": "nix-std", + "rev": "9500903a19ef2720469578de0e10ce9e66623bdf", + "sha256": "16ilywyx73dmp5vmw471hs7qcvbbgwh7djxpk3mqh37c4d2nnw7s", + "type": "tarball", + "url": "https://github.com/chessai/nix-std/archive/9500903a19ef2720469578de0e10ce9e66623bdf.tar.gz", + "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" + }, "nixpkgs": { "branch": "release-22.05", "description": "Nix Packages collection",