mirror of
https://git.sr.ht/~rouven/nixos-config
synced 2024-11-15 05:13:10 +01:00
mailserver fixes
This commit is contained in:
parent
6972c8d5dd
commit
d337c62451
GPG key ID:
B95E8FE6B11C4D09
|
|
@ -5,6 +5,7 @@
|
||||||
[
|
[
|
||||||
# Include the results of the hardware scan.
|
# Include the results of the hardware scan.
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
./modules/mail
|
||||||
./modules/networks
|
./modules/networks
|
||||||
./modules/nginx
|
./modules/nginx
|
||||||
./modules/purge
|
./modules/purge
|
||||||
|
|
@ -38,10 +39,6 @@
|
||||||
htop-vim
|
htop-vim
|
||||||
helix
|
helix
|
||||||
];
|
];
|
||||||
users.users.rouven = {
|
|
||||||
isNormalUser = true;
|
|
||||||
extraGroups = [ "wheel" ];
|
|
||||||
};
|
|
||||||
programs.git = {
|
programs.git = {
|
||||||
enable = true;
|
enable = true;
|
||||||
config = {
|
config = {
|
||||||
|
|
@ -52,7 +49,10 @@
|
||||||
services.qemuGuest.enable = true;
|
services.qemuGuest.enable = true;
|
||||||
|
|
||||||
# Enable the OpenSSH daemon.
|
# Enable the OpenSSH daemon.
|
||||||
services.openssh.enable = true;
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
passwordAuthentication = false;
|
||||||
|
};
|
||||||
users.users.root.openssh.authorizedKeys.keyFiles = [
|
users.users.root.openssh.authorizedKeys.keyFiles = [
|
||||||
#../../keys/ssh/rouven-thinkpad
|
#../../keys/ssh/rouven-thinkpad
|
||||||
../../keys/ssh/rouven-pixel
|
../../keys/ssh/rouven-pixel
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,17 @@
|
||||||
{ ... }:
|
{ ... }:
|
||||||
{
|
{
|
||||||
mailserver = {
|
sops.secrets."mail/rouven".owner = config.users.users.postfix.name;
|
||||||
|
mailserver = rec {
|
||||||
enable = true;
|
enable = true;
|
||||||
fqdn = "mail.rfive.de";
|
fqdn = "mail.rfive.de";
|
||||||
domains = [ "rfive.de" ];
|
domains = [ "rfive.de" ];
|
||||||
|
loginAccounts = {
|
||||||
|
"rouven@rfive.de" = {
|
||||||
|
name = "Rouven Seifert";
|
||||||
|
hashedPasswordFile = config.sops.secrets."mail/rouven".path;
|
||||||
|
|
||||||
|
};
|
||||||
|
};
|
||||||
|
certificateScheme = 3;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -7,6 +7,11 @@
|
||||||
recommendedProxySettings = true;
|
recommendedProxySettings = true;
|
||||||
recommendedGzipSettings = true;
|
recommendedGzipSettings = true;
|
||||||
recommendedOptimisation = true;
|
recommendedOptimisation = true;
|
||||||
|
|
||||||
|
virtualHosts."rfive.de" = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
security.acme = {
|
security.acme = {
|
||||||
acceptTerms = true;
|
acceptTerms = true;
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,7 @@
|
||||||
purge:
|
purge:
|
||||||
environment: ENC[AES256_GCM,data:+QIP6MzKi0a6PJxNuQHOYBNW6rWEcoij1KCKwManSBUxEH3ftG5mZYMtd+OIdL5FPa29qxeHPbSU18MhAcAt9KNykKwjfEa1NqFloYrCF7VDUb7TbD//1TeW8/ni4LdcgimRHEGQhlDiymgZB/5kR1wdse4+9uafoLOZJb05cyN9OFWwEOM/LQHaJq0RLcmEIx7OEs0/jXU2boNcAX1tMpfxoiIj5U0P94K6pj5odeo8SYGB0yflYM0O0hSqGkdSG4GihfvTzg2i8w==,iv:VuzQcs6eQukZJ8dCSuL/1LYr6ir18nJVKcALx0Uzcss=,tag:cBPliz+7je0AhJwffSgHVg==,type:str]
|
environment: ENC[AES256_GCM,data:+QIP6MzKi0a6PJxNuQHOYBNW6rWEcoij1KCKwManSBUxEH3ftG5mZYMtd+OIdL5FPa29qxeHPbSU18MhAcAt9KNykKwjfEa1NqFloYrCF7VDUb7TbD//1TeW8/ni4LdcgimRHEGQhlDiymgZB/5kR1wdse4+9uafoLOZJb05cyN9OFWwEOM/LQHaJq0RLcmEIx7OEs0/jXU2boNcAX1tMpfxoiIj5U0P94K6pj5odeo8SYGB0yflYM0O0hSqGkdSG4GihfvTzg2i8w==,iv:VuzQcs6eQukZJ8dCSuL/1LYr6ir18nJVKcALx0Uzcss=,tag:cBPliz+7je0AhJwffSgHVg==,type:str]
|
||||||
|
mail:
|
||||||
|
rouven: ENC[AES256_GCM,data:aUUH36pDczOufIgDKWz3obcQOloKBpydZfXMUDHGrsJ3h8O0kZYFmq389L86PJ2YISTd7Jv8PfUYPdLi3e80UggKh7SdtP/bBw==,iv:XgZNmCR+XZhjMxV6H2mtepqt4YUADG+45m9P8jdLVNY=,tag:p2RNQ7uBNctJqm69kXxTug==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
|
@ -15,8 +17,8 @@ sops:
|
||||||
NGlZbU8rcWJRbGE5OEFHdUNqZ2xUS2sK/r7qJHfTP0REcM2PYM95XT0onnCYXzam
|
NGlZbU8rcWJRbGE5OEFHdUNqZ2xUS2sK/r7qJHfTP0REcM2PYM95XT0onnCYXzam
|
||||||
20BgfynX3PJE2QVcgl8rr7ssuKxESi+tY/1VB0l8Tryxe6hr/p5IVg==
|
20BgfynX3PJE2QVcgl8rr7ssuKxESi+tY/1VB0l8Tryxe6hr/p5IVg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-04-12T15:47:08Z"
|
lastmodified: "2023-05-24T14:31:20Z"
|
||||||
mac: ENC[AES256_GCM,data:PjfDBSXMzeCY+1I2iqMEOcCsYZ49x7j/xbfyUg/gm1B6iBfOZHLk6hBxR2y2ZTH60TMv21b6ymxa+HseXjtuVYkIfJlf0wz3R+xxEtGAIzuT9jhfoBj+0Xq4n53f5zZQBFlpYbsJjxD/e4ER9q+gEIlMKILN/AITe0xXDrCXvaY=,iv:mdX+1Echz6qW9ZtKBF79NEgPEcwkTEDU9W7OXGFasg4=,tag:c3nHdpZCxc2Nt1gd+zJ+Ww==,type:str]
|
mac: ENC[AES256_GCM,data:5nqafjSaGX6mU+V2BiKiM2hW3eGKBx8594epZM84N03xlOd0vyBQfGB7e0F4lvL0xyHyeJpqmTAiedPoqmHS/9bwe2y9CsmVdhhICEnLofHBkf2ckCZlPsyvWqvjokNVJ7zyz2xWDI+CnmPphTY0tMoJclzi5cLqnecB/hmizFY=,iv:40eNtolJgTIh06IVLNMbbr3ktbJuF8i5CBWy0JOkJxA=,tag:QCnMT8w7Ejdy1QssQnuolQ==,type:str]
|
||||||
pgp:
|
pgp:
|
||||||
- created_at: "2023-04-12T15:47:07Z"
|
- created_at: "2023-04-12T15:47:07Z"
|
||||||
enc: |-
|
enc: |-
|
||||||
|
|
|
||||||
|
|
@ -38,66 +38,66 @@ in
|
||||||
msmtp.enable = true;
|
msmtp.enable = true;
|
||||||
};
|
};
|
||||||
accounts.email.accounts = {
|
accounts.email.accounts = {
|
||||||
# "rouven@rfive.de" = rec {
|
"rouven@rfive.de" = rec {
|
||||||
# address = "rouven@rfive.de";
|
address = "rouven@rfive.de";
|
||||||
# gpg.key = gpg-default-key;
|
gpg.key = gpg-default-key;
|
||||||
# realName = "Rouven Seifert";
|
realName = "Rouven Seifert";
|
||||||
# userName = address;
|
userName = "rouven";
|
||||||
# passwordCommand = "${pkgs.coreutils}/bin/cat $XDG_RUNTIME_DIR/secrets/email/rfive";
|
passwordCommand = "${pkgs.coreutils}/bin/cat $XDG_RUNTIME_DIR/secrets/email/rfive";
|
||||||
# imap = {
|
imap = {
|
||||||
# host = "pro1.mail.ovh.net";
|
host = "mail.rfive.de";
|
||||||
# port = 993;
|
port = 993;
|
||||||
# };
|
};
|
||||||
# smtp = {
|
smtp = {
|
||||||
# host = "pro1.mail.ovh.net";
|
host = "mail.rfive.de";
|
||||||
# port = 587;
|
port = 587;
|
||||||
# tls.useStartTls = true;
|
tls.useStartTls = true;
|
||||||
# };
|
};
|
||||||
# msmtp.enable = true;
|
msmtp.enable = true;
|
||||||
# mbsync = {
|
mbsync = {
|
||||||
# enable = true;
|
enable = true;
|
||||||
# create = "maildir";
|
create = "maildir";
|
||||||
# expunge = "both";
|
expunge = "both";
|
||||||
# groups.rfive = {
|
groups.rfive = {
|
||||||
# channels.inbox = {
|
channels.inbox = {
|
||||||
# nearPattern = "INBOX";
|
nearPattern = "INBOX";
|
||||||
# farPattern = "INBOX";
|
farPattern = "INBOX";
|
||||||
# extraConfig.Create = "near";
|
extraConfig.Create = "near";
|
||||||
# };
|
};
|
||||||
# channels.trash = {
|
channels.trash = {
|
||||||
# nearPattern = "Trash";
|
nearPattern = "Trash";
|
||||||
# farPattern = "Gel&APY-schte Elemente";
|
farPattern = "Trash";
|
||||||
# extraConfig.Create = "near";
|
extraConfig.Create = "near";
|
||||||
# };
|
};
|
||||||
# channels.sent = {
|
channels.sent = {
|
||||||
# nearPattern = "Sent";
|
nearPattern = "Sent";
|
||||||
# farPattern = "Gesendete Elemente";
|
farPattern = "Sent";
|
||||||
# extraConfig.Create = "near";
|
extraConfig.Create = "near";
|
||||||
# };
|
};
|
||||||
# channels.junk = {
|
channels.junk = {
|
||||||
# nearPattern = "Junk";
|
nearPattern = "Junk";
|
||||||
# farPattern = "Junk-E-Mail";
|
farPattern = "Junk";
|
||||||
# extraConfig.Create = "near";
|
extraConfig.Create = "near";
|
||||||
# };
|
};
|
||||||
# channels.drafts = {
|
channels.drafts = {
|
||||||
# nearPattern = "Drafts";
|
nearPattern = "Drafts";
|
||||||
# farPattern = "Entw&APw-rfe";
|
farPattern = "Drafts";
|
||||||
# extraConfig.Create = "near";
|
extraConfig.Create = "near";
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# extraConfig = {
|
extraConfig = {
|
||||||
# account = {
|
account = {
|
||||||
# AuthMechs = "Login";
|
AuthMechs = "Login";
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# neomutt = let c = mbsync.groups.rfive.channels; in
|
neomutt = let c = mbsync.groups.rfive.channels; in
|
||||||
# {
|
{
|
||||||
# enable = true;
|
enable = true;
|
||||||
# mailboxName = " rfive.de";
|
mailboxName = " rfive.de";
|
||||||
# extraMailboxes = lib.lists.forEach [ c.sent c.trash c.junk c.drafts ] (x: x.nearPattern);
|
extraMailboxes = lib.lists.forEach [ c.sent c.trash c.junk c.drafts ] (x: x.nearPattern);
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
"TU-Dresden" = rec {
|
"TU-Dresden" = rec {
|
||||||
address = "rouven.seifert@mailbox.tu-dresden.de";
|
address = "rouven.seifert@mailbox.tu-dresden.de";
|
||||||
gpg.key = gpg-default-key;
|
gpg.key = gpg-default-key;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue