diff --git a/nixbld-etc-nixos/configuration.nix b/nixbld-etc-nixos/configuration.nix
index e203e62..90c9232 100644
--- a/nixbld-etc-nixos/configuration.nix
+++ b/nixbld-etc-nixos/configuration.nix
@@ -1183,9 +1183,9 @@ in
 after = [ "sockets.service" ];
 serviceConfig = {
 Restart = "on-failure";
- User = "hydra-queue-runner"; # TODO needs new user both here and there
+ User = "hydra-queue-runner"; # TODO needs new user here
 Group = "hydra";
- ExecStart = "${pkgs.openssh}/bin/ssh -N -D 127.0.0.1:1587 zolaupd@5.78.86.156";
+ ExecStart = "${pkgs.openssh}/bin/ssh -N -D 127.0.0.1:1587 ssh_tunnel@5.78.86.156";
 };
 };
 
@@ -1193,10 +1193,6 @@ in
 m-labs-intl.com socks:
 * :
 '';
- environment.etc."tsocks.conf".text = ''
- server = 127.0.0.1
- server_port = 1587
- '';
 systemd.services.postfix-rebuild-sender-relay = {
 description = "Postfix Rebuild Sender Dependent Relayhost Maps";
 serviceConfig = {
@@ -1214,6 +1210,19 @@ in
 enablePop3Ssl = true;
 certificateScheme = "acme-nginx";
 } // (import /etc/nixos/secret/email_settings.nix);
+ ssh_proxy_conf = builtins.toFile "proxychains.conf" ''
+ strict_chain
+ tcp_read_time_out 15000
+ tcp_connect_time_out 8000
+ localnet 192.168.1.0/255.255.255.0
+ localnet 127.0.0.0/255.0.0.0
+ localnet ::1/128
+ localnet 94.190.212.123/255.255.255.255
+ localnet 202.77.7.238/255.255.255.255
+ localnet 2001:470:18:390::2/255.255.255.255
+ [ProxyList]
+ socks5 127.0.0.1 1587
+ '';
 services.postfix = {
 config = {
 sender_dependent_relayhost_maps = "hash:/etc/postfix/sender_relay";
@@ -1222,7 +1231,7 @@ in
 masterConfig.socks = {
 type = "unix";
 command = "pipe";
- args = "flags=R user=nobody argv=${pkgs.tsocks}/bin/tsocks ${pkgs.postfix}/bin/sendmail -oi -f $sender $recipient";
+ args = "flags=R user=nobody argv=${pkgs.proxychains-ng}/bin/proxychains4 -f ${config.ssh_proxy_conf} ${pkgs.postfix}/bin/sendmail -oi -f $sender $recipient";
 };
 };
 };
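Review bot: The new `ExecStart` in the first hunk still runs ssh with only `-N -D`, so `Restart = "on-failure"` helps only when ssh actually exits. A stalled connection, or a failed bind of 127.0.0.1:1587, leaves the unit active with no working proxy. Adding `-o ExitOnForwardFailure=yes -o ServerAliveInterval=30 -o ServerAliveCountMax=3 -o BatchMode=yes` to that line makes those cases terminate the process so systemd restarts it. The unit also still runs as `hydra-queue-runner` (the TODO remains), so the tunnel presumably authenticates with that account's SSH identity; the remote `ssh_tunnel` account should be confirmed as forwarding-only, which this diff cannot show. The service definition starts above the hunk.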
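Review bot: In the added proxychains config, the last `localnet` entry, `2001:470:18:390::2/255.255.255.255`, pairs an IPv6 address with a dotted IPv4 netmask. The `::1/128` entry above it uses a prefix length, so this one should presumably read `localnet 2001:470:18:390::2/128`; as written the exclusion is likely rejected or not applied by proxychains-ng. Separately, `ssh_proxy_conf` is defined as a top-level attribute next to `services.postfix` and then read as `${config.ssh_proxy_conf}` in the `masterConfig.socks` hunk. Unless an option of that name is declared outside this diff, NixOS module evaluation will fail on the undeclared attribute. Moving the same `builtins.toFile` binding into the `let` block and referencing `${ssh_proxy_conf}` avoids that.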
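Review bot: In the new `args` for `masterConfig.socks`, `$recipient` is still passed to sendmail without an option terminator, so the command relies on Postfix rejecting addresses that begin with `-` (`allow_min_user` defaults to no). Ending the command with `-oi -f $sender -- $recipient` removes that dependency. proxychains4 also prints its banner and chain progress to stderr, which may end up in the pipe delivery log or in bounce text when the command fails; `proxychains4 -q -f ${config.ssh_proxy_conf}` keeps that output out. The `services.postfix` block starts above the hunk.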