diff options
| author | Soispha <soispha@vhack.eu> | 2023-05-20 12:30:21 +0200 |
|---|---|---|
| committer | Soispha <soispha@vhack.eu> | 2023-05-20 12:30:21 +0200 |
| commit | bb4af299f04604b68e39a907380ed22ef5bd0986 (patch) | |
| tree | 64f9772a5213866773b566c4c3fa77dc3c380a40 /system | |
| parent | Build(git-crypt): Add (diff) | |
| download | nixos-server-bb4af299f04604b68e39a907380ed22ef5bd0986.tar.gz nixos-server-bb4af299f04604b68e39a907380ed22ef5bd0986.zip | |
Refactor(system/mail): Hide user emails
Diffstat (limited to 'system')
| -rw-r--r-- | system/mail/default.nix | 66 | ||||
| -rw-r--r-- | system/mail/users.nix | bin | 0 -> 486 bytes |
2 files changed, 28 insertions, 38 deletions
diff --git a/system/mail/default.nix b/system/mail/default.nix index b1da088..1aa2073 100644 --- a/system/mail/default.nix +++ b/system/mail/default.nix @@ -1,50 +1,40 @@ # vim: ts=2 -{...}: let +{lib, ...}: let all_admins = [ "sils@vhack.eu" "soispha@vhack.eu" "nightingale@vhack.eu" ]; -in { - enable = true; - fqdn = "server1.vhack.eu"; - domains = ["vhack.eu"]; + users = import ./users.nix {}; +in + lib.recursiveUpdate { + enable = true; + fqdn = "server1.vhack.eu"; - useFsLayout = true; + useFsLayout = true; - loginAccounts = { - "sils@vhack.eu" = { - hashedPassword = "$2b$05$RW/Svgk7iGxvP5W7ZwUZ1e.a3fj4fteevb2MtfFYYD0d1DQ17y9Fm"; + extraVirtualAliases = { + "abuse@vhack.eu" = all_admins; + "postmaster@vhack.eu" = all_admins; + "admin@vhack.eu" = all_admins; }; - "soispha@vhack.eu" = { - hashedPassword = "$2b$05$XX36sJuHNbTFvi8DFldscOeQBHahluSkiUqD9QGzQaET7NJusSuQW"; - }; - "nightingale@vhack.eu" = { - hashedPassword = "$2b$05$THIS_PASSWORD_HASH_IS_NOT_REAL,_PLEASE_CHANGE_IT_..._"; # TODO change - }; - }; - - extraVirtualAliases = { - "abuse@vhack.eu" = all_admins; - "postmaster@vhack.eu" = all_admins; - "admin@vhack.eu" = all_admins; - }; - mailDirectory = "/srv/mail/vmail"; - dkimKeyDirectory = "/srv/mail/dkim"; - sieveDirectory = "/srv/mail/sieve"; - backup.snapshotRoot = "/srv/mail/backup"; + mailDirectory = "/srv/mail/vmail"; + dkimKeyDirectory = "/srv/mail/dkim"; + sieveDirectory = "/srv/mail/sieve"; + backup.snapshotRoot = "/srv/mail/backup"; - enableImap = false; - enableImapSsl = true; - enablePop3 = false; - enablePop3Ssl = true; - # SMTP - enableSubmission = false; - enableSubmissionSsl = true; - openFirewall = true; + enableImap = false; + enableImapSsl = true; + enablePop3 = false; + enablePop3Ssl = true; + # SMTP + enableSubmission = false; + enableSubmissionSsl = true; + openFirewall = true; - keyFile = "/var/lib/acme/server1.vhack.eu/key.pem"; - certificateScheme = 1; - certificateFile = "/var/lib/acme/server1.vhack.eu/fullchain.pem"; -} + keyFile = "/var/lib/acme/server1.vhack.eu/key.pem"; + certificateScheme = 1; + certificateFile = "/var/lib/acme/server1.vhack.eu/fullchain.pem"; + } + users diff --git a/system/mail/users.nix b/system/mail/users.nix new file mode 100644 index 0000000..f3264a1 --- /dev/null +++ b/system/mail/users.nix Binary files differ |