diff options
Diffstat (limited to 'system')
| -rw-r--r-- | system/default.nix | 1 | ||||
| -rw-r--r-- | system/mail/default.nix | 40 | ||||
| -rw-r--r-- | system/mail/users.nix | bin | 486 -> 0 bytes | |||
| -rw-r--r-- | system/services/default.nix | 1 | ||||
| -rw-r--r-- | system/services/mail/default.nix | 43 | ||||
| -rw-r--r-- | system/services/mail/users.nix | 16 |
6 files changed, 60 insertions, 41 deletions
diff --git a/system/default.nix b/system/default.nix index 4992d65..4b52b79 100644 --- a/system/default.nix +++ b/system/default.nix @@ -1,7 +1,6 @@ {...}: { imports = [ ./file_system_layouts - ./mail ./packages ./services ./users diff --git a/system/mail/default.nix b/system/mail/default.nix deleted file mode 100644 index 1086f6e..0000000 --- a/system/mail/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -# vim: ts=2 -{lib, ...}: let - all_admins = [ - "sils@vhack.eu" - "soispha@vhack.eu" - "nightingale@vhack.eu" - ]; - users = import ./users.nix {}; -in - lib.recursiveUpdate { - enable = true; - fqdn = "server1.vhack.eu"; - - useFsLayout = true; - - extraVirtualAliases = { - "abuse@vhack.eu" = all_admins; - "postmaster@vhack.eu" = all_admins; - "admin@vhack.eu" = all_admins; - }; - - mailDirectory = "/srv/mail/vmail"; - dkimKeyDirectory = "/srv/mail/dkim"; - sieveDirectory = "/srv/mail/sieve"; - backup.snapshotRoot = "/srv/mail/backup"; - - enableImap = false; - enableImapSsl = true; - enablePop3 = false; - enablePop3Ssl = true; - # SMTP - enableSubmission = false; - enableSubmissionSsl = true; - openFirewall = true; - - keyFile = "/var/lib/acme/server1.vhack.eu/key.pem"; - certificateScheme = "acme"; - certificateFile = "/var/lib/acme/server1.vhack.eu/fullchain.pem"; - } - users diff --git a/system/mail/users.nix b/system/mail/users.nix deleted file mode 100644 index f3264a1..0000000 --- a/system/mail/users.nix +++ /dev/null Binary files differdiff --git a/system/services/default.nix b/system/services/default.nix index bbd3957..3633dbe 100644 --- a/system/services/default.nix +++ b/system/services/default.nix @@ -2,6 +2,7 @@ imports = [ ./fail2ban ./keycloak + ./mail ./minecraft ./nginx ./nix diff --git a/system/services/mail/default.nix b/system/services/mail/default.nix new file mode 100644 index 0000000..5bfdb8c --- /dev/null +++ b/system/services/mail/default.nix @@ -0,0 +1,43 @@ +{lib, ...}: let + all_admins = [ + "sils@vhack.eu" + "soispha@vhack.eu" + "nightingale@vhack.eu" + ]; + users = import ./users.nix {}; +in { + mailserver = + lib.recursiveUpdate { + enable = true; + fqdn = "server1.vhack.eu"; + + useFsLayout = true; + + extraVirtualAliases = { + "abuse@vhack.eu" = all_admins; + "postmaster@vhack.eu" = all_admins; + "admin@vhack.eu" = all_admins; + }; + + mailDirectory = "/srv/mail/vmail"; + dkimKeyDirectory = "/srv/mail/dkim"; + sieveDirectory = "/srv/mail/sieve"; + backup.snapshotRoot = "/srv/mail/backup"; + + enableImap = false; + enableImapSsl = true; + enablePop3 = false; + enablePop3Ssl = true; + # SMTP + enableSubmission = false; + enableSubmissionSsl = true; + openFirewall = true; + + keyFile = "/var/lib/acme/server1.vhack.eu/key.pem"; + certificateScheme = "acme"; + certificateFile = "/var/lib/acme/server1.vhack.eu/fullchain.pem"; + } + users; +} +# vim: ts=2 + diff --git a/system/services/mail/users.nix b/system/services/mail/users.nix new file mode 100644 index 0000000..47b80fb --- /dev/null +++ b/system/services/mail/users.nix @@ -0,0 +1,16 @@ +{...}: { + # vhack.eu {{{ + domains = ["vhack.eu"]; + loginAccounts = { + "sils@vhack.eu" = { + hashedPassword = "$2b$05$RW/Svgk7iGxvP5W7ZwUZ1e.a3fj4fteevb2MtfFYYD0d1DQ17y9Fm"; + }; + "soispha@vhack.eu" = { + hashedPassword = "$2b$05$XX36sJuHNbTFvi8DFldscOeQBHahluSkiUqD9QGzQaET7NJusSuQW"; + }; + "nightingale@vhack.eu" = { + hashedPassword = "$2b$05$THIS_PASSWORD_HASH_IS_NOT_REAL,_PLEASE_CHANGE_IT_..._"; # TODO change + }; + }; + #}}} +} |