Add pushing to hrz allowlist

nixos/modules/mailman.nix

@@ -2,6 +2,7 @@
 {
   config,
   lib,
+  pkgs,
   ...
 }: let
   inherit
@@ -79,15 +80,16 @@ in {
       description = "Post the mail addresses used by mailman to the HRZ allow list";
       script = ''
         # Parse addresses
-        awk '{print $1}' /var/lib/mailman/data/postfix_lmtp | grep -v '#' | grep "\S" > addresses
+        cut -d '@' -f 1 /var/lib/mailman/data/postfix_lmtp | grep -v '#' | grep "\S" > /tmp/addresses
         # Post addresses to HRZ
-        curl https://www-cgi.hrz.tu-darmstadt.de/mail/whitelist-update.php -F emaildomain=lists.mathebau.de -F password=$(cat /run/secrets/allowlistPass) -F emailliste=@addresses -F meldungen=voll
+        ${pkgs.curl}/bin/curl https://www-cgi.hrz.tu-darmstadt.de/mail/whitelist-update.php -F emaildomain=lists.mathebau.de -F password=$(cat /run/secrets/allowlistPass) -F emailliste=@/tmp/addresses -F meldungen=voll
         # Cleanup
-        rm addresses
+        rm /tmp/addresses
       '';
       serviceConfig = {
         Type = "oneshot";
         User = "mailman";
+        PrivateTmp = true;
       };
     };
     sops.secrets.allowlistPass = {