WTF is the deal with this selector thing

2023-09-28 22:00:55 -07:00 · 2023-09-28 22:00:55 -07:00 · 409d0e6207
commit 409d0e6207
parent e3fc492961
1 changed files with 7 additions and 8 deletions
--- a/dkim.nix
+++ b/dkim.nix
@ -6,18 +6,18 @@ let
  ensureDomainDkimCert = keyDir: domain:
    let
-      dkimKey = "${keyDir}/${domain}.mail.key";
+      dkimKey = "${keyDir}/${domain}.${cfg.selector}.key";
-      dkimTxt = "${keyDir}/${domain}.mail.txt";
+      dkimTxt = "${keyDir}/${domain}.${cfg.selector}.txt";
    in ''
      if [ ! -f "${dkimKey}" ] || [ ! -f ${dkimTxt} ]; then
        OUT=$(${pkgs.coreutils}/bin/mktemp -d -t dkim-XXXXXXXXXX)
        opendkim-genkey \
-          --selector=mail \
+          --selector=${cfg.selector} \
          --domain=${domain} \
          --bits="${toString cfg.key-bits}" \
          --directory=$OUT
-        mv $OUT/mail.private ${dkimKey}
+        mv $OUT/${cfg.selector}.private ${dkimKey}
-        mv $OUT/mail.txt ${dkimTxt}
+        mv $OUT/${cfg.selector}.txt ${dkimTxt}
      fi
    '';
@ -26,7 +26,7 @@ let
  makeKeyTable = keyDir: domains:
    pkgs.writeTextDir "key.table" (concatStrings (map (dom: ''
-      ${dom} ${dom}:mail:${keyDir}/${dom}.mail.key
+      ${dom} ${dom}:${cfg.selector}:${keyDir}/${dom}.${cfg.selector}.key
    '') domains));
  makeSigningTable = domains:
@ -84,12 +84,11 @@ in {
    networking.firewall = {
      enable = true;
      allowedTCPPorts = [ cfg.port ];
      allowedUDPPorts = [ cfg.port ];
    };
    services.opendkim = {
      enable = true;
-      selector = cfg.selector;
+      # selector = cfg.selector;
      domains = let domainString = concatStringsSep "," cfg.domains;
      in "csl:${domainString}";
      configFile = let