Compare commits

..

7 commits

7 changed files with 39 additions and 49 deletions

View file

@ -180,11 +180,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1709204054, "lastModified": 1709485962,
"narHash": "sha256-U1idK0JHs1XOfSI1APYuXi4AEADf+B+ZU4Wifc0pBHk=", "narHash": "sha256-rmFB4uE10+LJbcVE4ePgiuHOBlUIjQOeZt4VQVJTU8M=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "2f3367769a93b226c467551315e9e270c3f78b15", "rev": "d579633ff9915a8f4058d5c439281097e92380a8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -200,11 +200,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1706522977, "lastModified": 1709110024,
"narHash": "sha256-Tq69CQ+uutfY477w8uCRyF/2V0Wh/+zHzM3qwcVmqsk=", "narHash": "sha256-5gJQgQAYZPvT5vzSrR2yHD4wGCQNO7Pds618MMGUTD8=",
"owner": "rouven0", "owner": "rouven0",
"repo": "TruckSimulatorBot-images", "repo": "TruckSimulatorBot-images",
"rev": "d54a772d48a329a402433cc90502700a6699008e", "rev": "05f98442b21c771c90699b55eed8f1e1c0dd50cd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -281,11 +281,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1708830466, "lastModified": 1709435391,
"narHash": "sha256-nGKe3Y1/jkLR2eh1aRSVBtKadMBNv8kOnB52UXqRy6A=", "narHash": "sha256-s4itTkIVxn5lYeTzwkbAgl99atnjdZv1idI1118vdzA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-index-database", "repo": "nix-index-database",
"rev": "f070c7eeec3bde8c8c8baa9c02b6d3d5e114d73b", "rev": "93554c04c2f1c02f4a383538e8848d511c3129e9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -296,11 +296,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1709150264, "lastModified": 1709237383,
"narHash": "sha256-HofykKuisObPUfj0E9CJVfaMhawXkYx3G8UIFR/XQ38=", "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9099616b93301d5cf84274b184a3a5ec69e94e08", "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -347,11 +347,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1698315015, "lastModified": 1709373109,
"narHash": "sha256-RWYymaHHx6pi4HRLfJJTF3u4Im22uUtVZDUvTbP0Qrc=", "narHash": "sha256-2f0am1RlTxz8UKNwftzNjJLhgShoW2I5SofA7FwC4Nw=",
"owner": "rouven0", "owner": "rouven0",
"repo": "pfersel", "repo": "pfersel",
"rev": "40292aa59ed9f6630dc39405f318842a9c8e7cb3", "rev": "b4d086d43545f5d1735f863eb3aa1e81ca6272ba",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -398,11 +398,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1706780558, "lastModified": 1709309729,
"narHash": "sha256-tZRNaZKENRzd83oLgqgG/G2A+7FgsISFhgblGjFM244=", "narHash": "sha256-W6RjXe2/LGFnNGfY9ML4YCDasmqksUWKoMRVPHkIguM=",
"owner": "rouven0", "owner": "rouven0",
"repo": "purge", "repo": "purge",
"rev": "3875053bd588aeee14849c50c60f6a33ac784da3", "rev": "0d083d35316101755d2ecb9bba32fefc42df914d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -488,11 +488,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1708375524, "lastModified": 1709309746,
"narHash": "sha256-6XxKJhGupxakfrz8GBJJ/l9RvLs3tt9wuj3c8MZoSuo=", "narHash": "sha256-janCP2IoaBQIYQVn/LSYXncheCQ2l7u8E7V2XgHz2G8=",
"owner": "rouven0", "owner": "rouven0",
"repo": "TruckSimulatorBot", "repo": "TruckSimulatorBot",
"rev": "6b33532486100f83fc9c7f2da3d1b54ea4fe5986", "rev": "6a6bd63946a031ac020a9463cddb3a99de9385fd",
"type": "github" "type": "github"
}, },
"original": { "original": {

View file

@ -81,7 +81,6 @@ in
smtpd_sasl_path = "/var/lib/postfix/auth"; smtpd_sasl_path = "/var/lib/postfix/auth";
smtpd_sasl_type = "dovecot"; smtpd_sasl_type = "dovecot";
mailbox_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp"; mailbox_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp";
}; };
}; };
@ -203,31 +202,26 @@ in
password = "$2$g1jh7t5cxschj11set5wksd656ixd5ie$cgwrj53hfb87xndqbh5r3ow9qfi1ejii8dxok1ihbnhamccn1rxy"; password = "$2$g1jh7t5cxschj11set5wksd656ixd5ie$cgwrj53hfb87xndqbh5r3ow9qfi1ejii8dxok1ihbnhamccn1rxy";
''; '';
"redis.conf".text = '' "redis.conf".text = ''
read_servers = "127.0.0.1"; read_servers = "/run/redis-rspamd/redis.sock";
write_servers = "127.0.0.1"; write_servers = "/run/redis-rspamd/redis.sock";
''; '';
"milter_headers.conf".text = '' "milter_headers.conf".text = ''
use = ["x-spam-level", "x-spam-status", "x-spamd-result", "authentication-results" ]; use = ["x-spam-level", "x-spam-status", "x-spamd-result", "authentication-results" ];
''; '';
"dmarc.conf".text = '' "dmarc.conf".text = ''
reporting { reporting {
# Required attributes enabled = true;
enabled = true; # Enable reports in general email = 'reports@${config.networking.domain}';
email = 'reports@${config.networking.domain}'; # Source of DMARC reports domain = '${config.networking.domain}';
domain = '${config.networking.domain}'; # Domain to serve org_name = '${config.networking.domain}';
org_name = '${config.networking.domain}'; # Organisation
from_name = 'DMARC Aggregate Report'; from_name = 'DMARC Aggregate Report';
} }
''; '';
"dkim_signing.conf".text = '' "dkim_signing.conf".text = ''
selector = "rspamd"; selector = "rspamd";
allow_username_mismatch = true; allow_username_mismatch = true;
domain { allow_hdrfrom_mismatch = true;
rfive.de { path = /var/lib/rspamd/dkim/$domain.key;
path = /var/lib/rspamd/dkim/rfive.key;
selector = "rspamd";
}
}
''; '';
}; };
}; };
@ -235,7 +229,6 @@ in
vmOverCommit = true; vmOverCommit = true;
servers.rspamd = { servers.rspamd = {
enable = true; enable = true;
port = 6379;
}; };
}; };
}; };
@ -262,6 +255,7 @@ in
}; };
}; };
}; };
users.users.rspamd.extraGroups = [ "redis-rspamd" ];
systemd = { systemd = {
services.rspamd-dmarc-report = { services.rspamd-dmarc-report = {
description = "rspamd dmarc reporter"; description = "rspamd dmarc reporter";
@ -271,16 +265,7 @@ in
User = "rspamd"; User = "rspamd";
Group = "rspamd"; Group = "rspamd";
}; };
startAt = "daily";
}; };
timers.rspamd-dmarc-report = {
description = "Timer for daily dmarc reports";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "daily";
Unit = "rspamd-dmarc-report.service";
};
};
}; };
} }

View file

@ -2,7 +2,6 @@
{ {
age.secrets.pfersel = { age.secrets.pfersel = {
file = ../../../../secrets/falkenstein/pfersel.age; file = ../../../../secrets/falkenstein/pfersel.age;
owner = "pfersel";
}; };
services.pfersel = { services.pfersel = {
enable = true; enable = true;

Binary file not shown.

View file

@ -11,11 +11,12 @@
experimental-features = [ "nix-command" "flakes" "repl-flake" ]; experimental-features = [ "nix-command" "flakes" "repl-flake" ];
substituters = [ substituters = [
"https://cache.rfive.de" "https://cache.rfive.de"
"https://cache.ifsr.de" # temp disabled until logging error is resolved
# "https://cache.ifsr.de"
]; ];
trusted-public-keys = [ trusted-public-keys = [
"cache.rfive.de:of5d+o6mfGXQSR3lk6ApfDBr4ampAUaNHux1O/XY3Tw=" "cache.rfive.de:of5d+o6mfGXQSR3lk6ApfDBr4ampAUaNHux1O/XY3Tw="
"cache.ifsr.de:y55KBAMF4YkjIzXwYOKVk9fcQS+CZ9RM1zAAMYQJtsg=" # "cache.ifsr.de:y55KBAMF4YkjIzXwYOKVk9fcQS+CZ9RM1zAAMYQJtsg="
]; ];
}; };
}; };

View file

@ -13,6 +13,10 @@
enableRootSlice = true; enableRootSlice = true;
enableUserSlices = true; enableUserSlices = true;
}; };
watchdog = {
runtimeTime = "30s";
rebootTime = "10m";
};
}; };
} }

View file

@ -29,6 +29,7 @@
tdesktop tdesktop
gajim gajim
gomuks gomuks
profanity
fractal fractal
tuba # mastodon client tuba # mastodon client