added docs

2022-09-25 23:49:26 +02:00 · 2022-09-25 23:49:26 +02:00 · bab72ead7a
commit bab72ead7a
parent f43695ce0c
15 changed files with 120 additions and 630 deletions
--- a/nixos/hosts/README.md
+++ b/nixos/hosts/README.md
@ -0,0 +1,2 @@
+# NixOS Hosts
+Each folder here is a seperate geographical location, with `thalassa` being for roaming devices like laptops
--- a/nixos/hosts/olympus/mailserver/configuration.nix
+++ b/nixos/hosts/olympus/mailserver/configuration.nix
@ -32,18 +32,29 @@ let vs = config.vault-secrets.secrets; in
  mailserver = {
    enable = true;
    fqdn = "mail.0x76.dev";
-    domains = [ "0x76.dev" ];
+    domains = [ "0x76.dev" "meowy.tech" ];
    certificateScheme = 3;

    loginAccounts = {
      "v@0x76.dev" = {
        hashedPasswordFile = "${vs.mailserver}/v@0x76.dev";
+        aliases = [ "v@meowy.tech" "postmaster@0x76.dev" "postmaster@meowy.tech" ];
      };
      "keycloak@0x76.dev" = {
        hashedPasswordFile = "${vs.mailserver}/keycloak@0x76.dev";
+        sendOnly = true;
      };
      "gitea@0x76.dev" = {
        hashedPasswordFile = "${vs.mailserver}/gitea@0x76.dev";
+        sendOnly = true;
+      };
+      "matrix@meowy.tech" = {
+        hashedPasswordFile = "${vs.mailserver}/matrix@meowy.tech";
+        sendOnly = true;
+      };
+      "outline@0x76.dev" = {
+        hashedPasswordFile = "${vs.mailserver}/outline@0x76.dev";
+        sendOnly = true;
      };
    };

@ -68,8 +79,8 @@ let vs = config.vault-secrets.secrets; in
    package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]);
    plugins = [
      "archive"
-      "enigma"
-      "markasjunk"
+      # "enigma"
+      # "markasjunk"
      "persistent_login"
    ];
    # this is the url of the vhost, not necessarily the same as the fqdn of
--- a/nixos/hosts/olympus/outline/configuration.nix
+++ b/nixos/hosts/olympus/outline/configuration.nix
@ -51,5 +51,14 @@ let vs = config.vault-secrets.secrets; in
      authUrl = "https://id.0x76.dev/realms/master/protocol/openid-connect/auth";
      clientSecretFile = "${vs.outline}/keycloakClientSecret";
    };
+    smtp = rec {
+      username = "outline@0x76.dev";
+      fromEmail = username;
+      replyEmail = username;
+      secure = true;
+      port = 465;
+      host = "mail.0x76.dev";
+      passwordFile = "${vs.outline}/mailPassword";
+    };
  };
 }
--- a/nixos/hosts/olympus/synapse/configuration.nix
+++ b/nixos/hosts/olympus/synapse/configuration.nix
@ -41,58 +41,56 @@ in
    '';
  };

-  services.matrix-synapse =
-    let
-      extraConfig = builtins.toFile "extraConfig.yaml" ''
-        registration_requires_token: true
-      '';
-    in
-    {
-      enable = true;
-      withJemalloc = true;
+  services.matrix-synapse = {
+    enable = true;
+    withJemalloc = true;

-      extraConfigFiles = [
-        "${vs.synapse}/macaroon_secret_key"
-        "${vs.synapse}/registration_shared_secret"
-        "${vs.synapse}/form_secret"
-        "${vs.synapse}/turn_shared_secret"
-        extraConfig
-      ];
+    extraConfigFiles = [
+      "${vs.synapse}/macaroon_secret_key"
+      "${vs.synapse}/registration_shared_secret"
+      "${vs.synapse}/form_secret"
+      "${vs.synapse}/turn_shared_secret"
+      "${vs.synapse}/email_password" # Also contains the rest of the email config
+    ];

-      settings =
-        {
-          server_name = "meowy.tech";
-          enable_registration = true;
-          public_baseurl = "https://chat.meowy.tech";
-          enable_metrics = true;
-          # max_upload_size = "100m";
-          listeners = [
-            {
-              inherit port;
-              bind_addresses = [ "0.0.0.0" ];
-              type = "http";
-              tls = false;
-              x_forwarded = true;
-              resources = [
-                {
-                  names = [ "client" "federation" ];
-                  compress = true;
-                }
-              ];
-            }
-            {
-              port = metricsPort;
-              bind_addresses = [ "0.0.0.0" ];
-              type = "metrics";
-              tls = false;
-              resources = [
-                {
-                  names = [ "metrics" ];
-                  compress = false;
-                }
-              ];
-            }
-          ];
+    settings =
+      {
+        server_name = "meowy.tech";
+        enable_registration = true;
+        public_baseurl = "https://chat.meowy.tech";
+        enable_metrics = true;
+        max_upload_size = "100M";
+        registration_requires_token = true;
+        media_retention = {
+          remote_media_lifetime = "90d";
        };
-    };
+        listeners = [
+          {
+            inherit port;
+            bind_addresses = [ "0.0.0.0" ];
+            type = "http";
+            tls = false;
+            x_forwarded = true;
+            resources = [
+              {
+                names = [ "client" "federation" ];
+                compress = true;
+              }
+            ];
+          }
+          {
+            port = metricsPort;
+            bind_addresses = [ "0.0.0.0" ];
+            type = "metrics";
+            tls = false;
+            resources = [
+              {
+                names = [ "metrics" ];
+                compress = false;
+              }
+            ];
+          }
+        ];
+      };
+  };
 }
--- a/nixos/hosts/thalassa/null/README.md
+++ b/nixos/hosts/thalassa/null/README.md
@ -1,2 +1,10 @@
 # null
-This folder contains the NixOS configuration for my laptop, with hostname `null`.
+This folder contains the NixOS configuration for my laptop, with hostname `null`.
+
+## Information
+* OS: NixOS
+* WM: hyprland
+* Terminal: foot
+* Shell: zsh
+* Theme: Captuccin Pink Dark
+* Launcher: wofi