diff options
Diffstat (limited to '')
| -rw-r--r-- | flake.lock | 37 | ||||
| -rw-r--r-- | flake.nix | 4 | ||||
| -rw-r--r-- | system/default.nix | 1 | ||||
| -rw-r--r-- | system/mail/default.nix | 40 | ||||
| -rw-r--r-- | system/mail/users.nix | bin | 486 -> 0 bytes | |||
| -rw-r--r-- | system/services/default.nix | 1 | ||||
| -rw-r--r-- | system/services/mail/default.nix | 43 | ||||
| -rw-r--r-- | system/services/mail/users.nix | 16 |
8 files changed, 61 insertions, 81 deletions
diff --git a/flake.lock b/flake.lock index 2a58f6f..0aab10b 100644 --- a/flake.lock +++ b/flake.lock @@ -16,26 +16,6 @@ "type": "gitlab" } }, - "disko": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1687968164, - "narHash": "sha256-L9jr2zCB6NIaBE3towusjGBigsnE2pMID8wBGkYbTS4=", - "owner": "nix-community", - "repo": "disko", - "rev": "8002e7cb899bc2a02a2ebfb7f999fcd7c18b92a1", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "disko", - "type": "github" - } - }, "flake-compat": { "flake": false, "locked": { @@ -72,21 +52,6 @@ "type": "github" } }, - "impermanence": { - "locked": { - "lastModified": 1684264534, - "narHash": "sha256-K0zr+ry3FwIo3rN2U/VWAkCJSgBslBisvfRIPwMbuCQ=", - "owner": "nix-community", - "repo": "impermanence", - "rev": "89253fb1518063556edd5e54509c30ac3089d5e6", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "impermanence", - "type": "github" - } - }, "nixpkgs": { "locked": { "lastModified": 1688287271, @@ -135,9 +100,7 @@ }, "root": { "inputs": { - "disko": "disko", "flake-utils": "flake-utils", - "impermanence": "impermanence", "nixpkgs": "nixpkgs", "simple-nixos-mailserver": "simple-nixos-mailserver", "systems": "systems" diff --git a/flake.nix b/flake.nix index 3af5b41..eff0f44 100644 --- a/flake.nix +++ b/flake.nix @@ -33,9 +33,6 @@ modules = [ ./hosts/server1/configuration.nix simple-nixos-mailserver.nixosModule - { - mailserver = import ./system/mail {inherit (pkgs) lib;}; - } ]; }; devShells."${system}" = { @@ -54,3 +51,4 @@ }; } # vim: ts=2 + diff --git a/system/default.nix b/system/default.nix index 4992d65..4b52b79 100644 --- a/system/default.nix +++ b/system/default.nix @@ -1,7 +1,6 @@ {...}: { imports = [ ./file_system_layouts - ./mail ./packages ./services ./users diff --git a/system/mail/default.nix b/system/mail/default.nix deleted file mode 100644 index 1086f6e..0000000 --- a/system/mail/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -# vim: ts=2 -{lib, ...}: let - all_admins = [ - "sils@vhack.eu" - "soispha@vhack.eu" - "nightingale@vhack.eu" - ]; - users = import ./users.nix {}; -in - lib.recursiveUpdate { - enable = true; - fqdn = "server1.vhack.eu"; - - useFsLayout = true; - - extraVirtualAliases = { - "abuse@vhack.eu" = all_admins; - "postmaster@vhack.eu" = all_admins; - "admin@vhack.eu" = all_admins; - }; - - mailDirectory = "/srv/mail/vmail"; - dkimKeyDirectory = "/srv/mail/dkim"; - sieveDirectory = "/srv/mail/sieve"; - backup.snapshotRoot = "/srv/mail/backup"; - - enableImap = false; - enableImapSsl = true; - enablePop3 = false; - enablePop3Ssl = true; - # SMTP - enableSubmission = false; - enableSubmissionSsl = true; - openFirewall = true; - - keyFile = "/var/lib/acme/server1.vhack.eu/key.pem"; - certificateScheme = "acme"; - certificateFile = "/var/lib/acme/server1.vhack.eu/fullchain.pem"; - } - users diff --git a/system/mail/users.nix b/system/mail/users.nix deleted file mode 100644 index f3264a1..0000000 --- a/system/mail/users.nix +++ /dev/null Binary files differdiff --git a/system/services/default.nix b/system/services/default.nix index bbd3957..3633dbe 100644 --- a/system/services/default.nix +++ b/system/services/default.nix @@ -2,6 +2,7 @@ imports = [ ./fail2ban ./keycloak + ./mail ./minecraft ./nginx ./nix diff --git a/system/services/mail/default.nix b/system/services/mail/default.nix new file mode 100644 index 0000000..5bfdb8c --- /dev/null +++ b/system/services/mail/default.nix @@ -0,0 +1,43 @@ +{lib, ...}: let + all_admins = [ + "sils@vhack.eu" + "soispha@vhack.eu" + "nightingale@vhack.eu" + ]; + users = import ./users.nix {}; +in { + mailserver = + lib.recursiveUpdate { + enable = true; + fqdn = "server1.vhack.eu"; + + useFsLayout = true; + + extraVirtualAliases = { + "abuse@vhack.eu" = all_admins; + "postmaster@vhack.eu" = all_admins; + "admin@vhack.eu" = all_admins; + }; + + mailDirectory = "/srv/mail/vmail"; + dkimKeyDirectory = "/srv/mail/dkim"; + sieveDirectory = "/srv/mail/sieve"; + backup.snapshotRoot = "/srv/mail/backup"; + + enableImap = false; + enableImapSsl = true; + enablePop3 = false; + enablePop3Ssl = true; + # SMTP + enableSubmission = false; + enableSubmissionSsl = true; + openFirewall = true; + + keyFile = "/var/lib/acme/server1.vhack.eu/key.pem"; + certificateScheme = "acme"; + certificateFile = "/var/lib/acme/server1.vhack.eu/fullchain.pem"; + } + users; +} +# vim: ts=2 + diff --git a/system/services/mail/users.nix b/system/services/mail/users.nix new file mode 100644 index 0000000..47b80fb --- /dev/null +++ b/system/services/mail/users.nix @@ -0,0 +1,16 @@ +{...}: { + # vhack.eu {{{ + domains = ["vhack.eu"]; + loginAccounts = { + "sils@vhack.eu" = { + hashedPassword = "$2b$05$RW/Svgk7iGxvP5W7ZwUZ1e.a3fj4fteevb2MtfFYYD0d1DQ17y9Fm"; + }; + "soispha@vhack.eu" = { + hashedPassword = "$2b$05$XX36sJuHNbTFvi8DFldscOeQBHahluSkiUqD9QGzQaET7NJusSuQW"; + }; + "nightingale@vhack.eu" = { + hashedPassword = "$2b$05$THIS_PASSWORD_HASH_IS_NOT_REAL,_PLEASE_CHANGE_IT_..._"; # TODO change + }; + }; + #}}} +} |