rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2025-04-25 16:08:30 +02:00
Code Issues Projects Releases Packages Wiki Activity

parsedmarc: init

Browse source
This commit is contained in:
Rouven Seifert 2024-05-31 23:01:59 +02:00
parent d9a60f39a6
commit 5089f62112
5 changed files with 40 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
hosts/falkenstein/modules/monitoring/default.nix
View file

@ -3,6 +3,9 @@
age.secrets."maxmind" = {
file = ../../../../secrets/shared/maxmind.age;
};
imports = [
./dmarc.nix
];
users.users."promtail".extraGroups = [ "caddy" "systemd-journal" ];
services.prometheus = {
exporters = {

33
hosts/falkenstein/modules/monitoring/dmarc.nix
View file

@ -1,10 +1,35 @@
{ ... }:
{ config, ... }:
{
age.secrets.dmarc = {
file = ../../../../secrets/falkenstein/dmarc.age;
};
users.users.dmarc = {
description = "DMARC Report recipient";
isNormalUser = true;
};
# services.parsedmarc = {
# enable = true;
# };
networking.firewall.allowedTCPPorts = [ config.services.elasticsearch.tcp_port ];
services.parsedmarc = {
enable = true;
provision = {
grafana = {
dashboard = false;
datasource = false;
};
localMail.enable = false;
elasticsearch = false;
geoIp = false;
};
settings = {
imap = {
user = "dmarc@rfive.de";
port = 993;
host = "mail.rfive.de";
password = {
_secret = config.age.secrets.dmarc.path;
};
};
opensearch.hosts = "localhost:9200";
};
};
services.opensearch.enable = true;
}