v/infrastructure
1
0
Fork 0
Code Issues 13 Pull requests 1 Projects Releases Packages Activity Actions

gay

Browse source
This commit is contained in:
Vivian 2024-12-21 12:49:44 +01:00
parent 902bbb659e
commit e9fbd21380
2 changed files with 51 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
nixos/hosts/olympus/mailserver/configuration.nix
View file

@ -3,8 +3,10 @@
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }: { config, pkgs, ... }:
let vs = config.vault-secrets.secrets; let
in { vs = config.vault-secrets.secrets;
in
{
imports = [ ]; imports = [ ];
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
@ -15,19 +17,31 @@ in {
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment? system.stateVersion = "22.11"; # Did you read the comment?
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [
80
443
];
# needed as the mailserver configures its down DNS resolver # needed as the mailserver configures its down DNS resolver
networking.extraHosts = '' networking.extraHosts = ''
10.42.42.6 vault.olympus 10.42.42.6 vault.olympus
''; '';
vault-secrets.secrets.mailserver = { services = [ "dovecot2" "postfix" ]; }; vault-secrets.secrets.mailserver = {
services = [
"dovecot2"
"postfix"
];
};
mailserver = { mailserver = {
enable = true; enable = true;
fqdn = "mail.0x76.dev"; fqdn = "mail.0x76.dev";
domains = [ "0x76.dev" "meowy.tech" "xirion.net" ]; domains = [
"0x76.dev"
"meowy.tech"
"xirion.net"
];
certificateScheme = "acme-nginx"; certificateScheme = "acme-nginx";
enableManageSieve = true; enableManageSieve = true;
@ -44,7 +58,10 @@ in {
# People # People
"v@0x76.dev" = { "v@0x76.dev" = {
hashedPasswordFile = "${vs.mailserver}/v@0x76.dev"; hashedPasswordFile = "${vs.mailserver}/v@0x76.dev";
catchAll = [ "xirion.net" "0x76.dev" ]; catchAll = [
"xirion.net"
"0x76.dev"
];
aliases = [ aliases = [
"postmaster@0x76.dev" "postmaster@0x76.dev"
"abuse@0x76.dev" "abuse@0x76.dev"
@ -102,15 +119,28 @@ in {
autoIndexExclude = [ "\\Junk" ]; autoIndexExclude = [ "\\Junk" ];
}; };
}; };
services = {
postfix.relayHost = "smtp.ziggozakelijk.nl"; services = {
postfix.relayPort = 587; postfix = {
relayHost = "smtp.ziggozakelijk.nl";
relayPort = 587;
};
rspamd = {
overrides."whitelist.conf".text = ''
whitelist_from {
fckn.gay = true;
}
'';
};
roundcube = { roundcube = {
enable = true; enable = true;
package = pkgs.roundcube.withPlugins package = pkgs.roundcube.withPlugins (plugins: [
(plugins: [ plugins.persistent_login pkgs.v.roundcube-swipe ]); plugins.persistent_login
pkgs.v.roundcube-swipe
]);
plugins = [ plugins = [
"archive" "archive"
"managesieve" "managesieve"
@ -144,7 +174,9 @@ in {
''; '';
}; };
nginx = { enable = true; }; nginx = {
enable = true;
};
}; };
security.acme.acceptTerms = true; security.acme.acceptTerms = true;

11
nixos/hosts/olympus/nginx/configuration.nix
View file

@ -82,11 +82,13 @@ in
forceSSL = true; forceSSL = true;
root = "${website}"; root = "${website}";
};
# locations."/".extraConfig = '' "vivian.is.fckn.gay" = {
# add_header Content-Type 'text/html; charset=UTF-8'; enableACME = true;
# return 200 '<h1>Under Construction</h1>'; forceSSL = true;
# '';
root = "${website}";
}; };
"immich.0x76.dev" = { "immich.0x76.dev" = {
@ -186,6 +188,7 @@ in
# homeserverList = [ "chat.meowy.tech" ]; # homeserverList = [ "chat.meowy.tech" ];
# }; # };
# }; # };
# }; # };
"admin.chat.meowy.tech" = { "admin.chat.meowy.tech" = {
enableACME = true; enableACME = true;