From 37bd62f95013d40c5e4ccb0ec5529c6264615483 Mon Sep 17 00:00:00 2001
From: niten <niten@fudo.org>
Date: Sun, 1 Oct 2023 22:47:24 -0700
Subject: [PATCH] Start all secrets on boot

---
 lib/fudo/mail/postfix.nix | 4 ++--
 lib/fudo/mail/rspamd.nix  | 8 ++++----
 lib/fudo/secrets.nix      | 4 ++--
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/lib/fudo/mail/postfix.nix b/lib/fudo/mail/postfix.nix
index ec72abd..2184a7f 100644
--- a/lib/fudo/mail/postfix.nix
+++ b/lib/fudo/mail/postfix.nix
@@ -15,8 +15,8 @@ let
 
   make-user-aliases = entries:
     concatStringsSep "\n" (mapAttrsToList (user: aliases:
-      concatStringsSep "\n"
-      (map (alias: "${alias}  ${user}@${cfg.domain}") aliases)) entries);
+      concatStringsSep "\n" (map (alias: "${alias}  ${user}") aliases))
+      entries);
 
   make-alias-users = domains: entries:
     concatStringsSep "\n" (flatten (mapAttrsToList (alias: users:
diff --git a/lib/fudo/mail/rspamd.nix b/lib/fudo/mail/rspamd.nix
index 3edf906..2d26e74 100644
--- a/lib/fudo/mail/rspamd.nix
+++ b/lib/fudo/mail/rspamd.nix
@@ -1,8 +1,7 @@
 { config, pkgs, lib, ... }:
 
 with lib;
-let
-  cfg = config.fudo.mail-server;
+let cfg = config.fudo.mail-server;
 
 in {
   config = mkIf cfg.enable {
@@ -73,7 +72,7 @@ in {
             mode = "0666";
           }
         ];
-        includes = [];
+        includes = [ ];
       };
     };
 
@@ -87,6 +86,7 @@ in {
       requires = [ "rspamd.service" ];
     };
 
-    users.extraUsers.${config.services.postfix.user}.extraGroups = [ config.services.rspamd.group ];
+    users.extraUsers.${config.services.postfix.user}.extraGroups =
+      [ config.services.rspamd.group ];
   };
 }
diff --git a/lib/fudo/secrets.nix b/lib/fudo/secrets.nix
index 788d01f..e79c9c1 100644
--- a/lib/fudo/secrets.nix
+++ b/lib/fudo/secrets.nix
@@ -39,8 +39,8 @@ let
     { source-file, target-file, user, group, permissions, ... }: {
       description =
         "decrypt secret ${secret-name} at ${target-host}:${target-file}.";
-      wantedBy = [ cfg.secret-target ];
-      before = [ cfg.secret-target ];
+      wantedBy = [ cfg.secret-target "multi-user.target" ];
+      before = [ cfg.secret-target "multi-user.target" ];
       serviceConfig = {
         Type = "simple";
         RemainAfterExit = true;