summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2022-11-01 11:09:48 +0100
committertv <tv@krebsco.de>2022-11-01 11:09:48 +0100
commita5c08e96997d5fbbee41341b54c8b89ea48d423c (patch)
tree192b6acc05bbd6e05bb2ffb066980fab6141a603
parente5bb7bf7d1f02e0c141ca213c8967bdee8f7736f (diff)
security-workarounds: let exim run with gnutls
-rw-r--r--krebs/2configs/security-workarounds.nix16
1 files changed, 16 insertions, 0 deletions
diff --git a/krebs/2configs/security-workarounds.nix b/krebs/2configs/security-workarounds.nix
index c0d5bec9a..76ef71f7b 100644
--- a/krebs/2configs/security-workarounds.nix
+++ b/krebs/2configs/security-workarounds.nix
@@ -1,4 +1,20 @@
{ config, lib, pkgs, ... }:
{
+ nixpkgs.overlays = [
+ (self: super: {
+ exim =
+ super.exim.overrideAttrs (old: {
+ buildInputs = old.buildInputs ++ [ self.gnutls ];
+ preBuild = /* sh */ ''
+ ${old.preBuild}
+ sed -Ei '
+ s:^USE_OPENSSL=.*:# &:
+ s:^# (USE_GNUTLS)=.*:\1=yes:
+ s:^# (USE_GNUTLS_PC=.*):\1:
+ ' Local/Makefile
+ '';
+ });
+ })
+ ];
services.nginx.package = lib.mkDefault (pkgs.nginxStable.override { openssl = pkgs.libressl; });
}