rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2025-04-29 18:08:29 +02:00
Code Issues Projects Releases Packages Wiki Activity

better up purge and mail secrets

Browse source
This commit is contained in:
Rouven Seifert 2023-07-20 21:35:12 +02:00
parent 48225f3c36
commit f1f11eee2a
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
12 changed files with 101 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

7
hosts/falkenstein-1/modules/mail/default.nix
View file

@ -6,9 +6,6 @@ let
rspamd-domain = "rspamd.${domain}";
in
{
sops.secrets."mail/rouven".owner = config.users.users.postfix.name;
sops.secrets."rspamd".owner = config.users.users.rspamd.name;
networking.firewall.allowedTCPPorts = [
25 # insecure SMTP
465
@ -160,7 +157,9 @@ in
enable = true;
postfix.enable = true;
locals = {
"worker-controller.inc".source = config.sops.secrets."rspamd".path;
"worker-controller.inc".text = ''
password = "$2$g1jh7t5cxschj11set5wksd656ixd5ie$cgwrj53hfb87xndqbh5r3ow9qfi1ejii8dxok1ihbnhamccn1rxy";
'';
"redis.conf".text = ''
read_servers = "127.0.0.1";
write_servers = "127.0.0.1";