The Blue Update #1
|
|
@ -1,4 +1,4 @@
|
||||||
{ mailserver, config, ... }:
|
{ config, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./hardware
|
./hardware
|
||||||
|
|
@ -14,13 +14,11 @@
|
||||||
../../../modules/system/programs/git
|
../../../modules/system/programs/git
|
||||||
../../../modules/system/programs/security
|
../../../modules/system/programs/security
|
||||||
../../../modules/system/services/common
|
../../../modules/system/services/common
|
||||||
|
../../../modules/system/services/server/mailserver/simplenix
|
||||||
|
|
||||||
# Misc
|
# Misc
|
||||||
../../../overlays
|
../../../overlays
|
||||||
../../../variables
|
../../../variables
|
||||||
|
|
||||||
# Imports
|
|
||||||
mailserver.nixosModule
|
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.hostName = "bomberman";
|
networking.hostName = "bomberman";
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,7 @@
|
||||||
../../../modules/system/programs/security
|
../../../modules/system/programs/security
|
||||||
../../../modules/system/services/common
|
../../../modules/system/services/common
|
||||||
../../../modules/system/services/server
|
../../../modules/system/services/server
|
||||||
|
../../../modules/system/services/server/mailserver/roundcube
|
||||||
|
|
||||||
# Misc
|
# Misc
|
||||||
../../../overlays
|
../../../overlays
|
||||||
|
|
|
||||||
|
|
@ -1,49 +1,7 @@
|
||||||
{ pkgs, config, ... }:
|
{ ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./nginx
|
./simplenix
|
||||||
./roundcube
|
./roundcube
|
||||||
];
|
];
|
||||||
|
|
||||||
mailserver = rec {
|
|
||||||
enable = true;
|
|
||||||
openFirewall = false;
|
|
||||||
domains = [ "${config.secrets.jimDomain}" ];
|
|
||||||
fqdn = "mx.${config.secrets.jimDomain}";
|
|
||||||
certificateScheme = "acme-nginx";
|
|
||||||
localDnsResolver = false;
|
|
||||||
redis.port = 1515;
|
|
||||||
|
|
||||||
# Dmarc info
|
|
||||||
dmarcReporting = {
|
|
||||||
enable = true;
|
|
||||||
domain = "${config.secrets.jimDomain}";
|
|
||||||
localpart = "noreply";
|
|
||||||
organizationName = "Jimbo's Files";
|
|
||||||
};
|
|
||||||
|
|
||||||
# A list of accounts, passwords generated with nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
|
|
||||||
loginAccounts = {
|
|
||||||
"noreply@${config.secrets.jimDomain}" = {
|
|
||||||
hashedPasswordFile = pkgs.writeText "noreply" config.secrets.noreplyMailHash;
|
|
||||||
sendOnly = true;
|
|
||||||
};
|
|
||||||
"jimbo@${config.secrets.jimDomain}" = {
|
|
||||||
hashedPasswordFile = pkgs.writeText "jimbo" config.secrets.jimboMailHash;
|
|
||||||
aliases = [ "james@${config.secrets.jimDomain}" "contact@${config.secrets.jimDomain}" ];
|
|
||||||
};
|
|
||||||
"lunamoonlight@${config.secrets.jimDomain}" = {
|
|
||||||
hashedPasswordFile = pkgs.writeText "luna" config.secrets.lunaMailHash;
|
|
||||||
};
|
|
||||||
"freecorn1854@${config.secrets.jimDomain}" = {
|
|
||||||
hashedPasswordFile = pkgs.writeText "freecorn" config.secrets.freecornMailHash;
|
|
||||||
};
|
|
||||||
"tinyattack09@${config.secrets.jimDomain}" = {
|
|
||||||
hashedPasswordFile = pkgs.writeText "tiny" config.secrets.tinyMailHash;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# Assign the correct port
|
|
||||||
services.redis.servers.rspamd.port = 1515;
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,49 @@
|
||||||
|
{ mailserver, pkgs, config, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./nginx
|
||||||
|
mailserver.nixosModule
|
||||||
|
];
|
||||||
|
|
||||||
|
mailserver = rec {
|
||||||
|
enable = true;
|
||||||
|
openFirewall = false;
|
||||||
|
domains = [ "${config.secrets.jimDomain}" ];
|
||||||
|
fqdn = "mx.${config.secrets.jimDomain}";
|
||||||
|
certificateScheme = "acme-nginx";
|
||||||
|
localDnsResolver = false;
|
||||||
|
redis.port = 1515;
|
||||||
|
|
||||||
|
# Dmarc info
|
||||||
|
dmarcReporting = {
|
||||||
|
enable = true;
|
||||||
|
domain = "${config.secrets.jimDomain}";
|
||||||
|
localpart = "noreply";
|
||||||
|
organizationName = "Jimbo's Files";
|
||||||
|
};
|
||||||
|
|
||||||
|
# A list of accounts, passwords generated with nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
|
||||||
|
loginAccounts = {
|
||||||
|
"noreply@${config.secrets.jimDomain}" = {
|
||||||
|
hashedPasswordFile = pkgs.writeText "noreply" config.secrets.noreplyMailHash;
|
||||||
|
sendOnly = true;
|
||||||
|
};
|
||||||
|
"jimbo@${config.secrets.jimDomain}" = {
|
||||||
|
hashedPasswordFile = pkgs.writeText "jimbo" config.secrets.jimboMailHash;
|
||||||
|
aliases = [ "james@${config.secrets.jimDomain}" "contact@${config.secrets.jimDomain}" ];
|
||||||
|
};
|
||||||
|
"lunamoonlight@${config.secrets.jimDomain}" = {
|
||||||
|
hashedPasswordFile = pkgs.writeText "luna" config.secrets.lunaMailHash;
|
||||||
|
};
|
||||||
|
"freecorn1854@${config.secrets.jimDomain}" = {
|
||||||
|
hashedPasswordFile = pkgs.writeText "freecorn" config.secrets.freecornMailHash;
|
||||||
|
};
|
||||||
|
"tinyattack09@${config.secrets.jimDomain}" = {
|
||||||
|
hashedPasswordFile = pkgs.writeText "tiny" config.secrets.tinyMailHash;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# Assign the correct port
|
||||||
|
services.redis.servers.rspamd.port = 1515;
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue