mirror of
https://git.sr.ht/~rouven/nixos-config
synced 2024-11-15 21:33:11 +01:00
37 lines
831 B
Nix
37 lines
831 B
Nix
{ config, lib, ... }:
|
|
{
|
|
# required for elasticsearch
|
|
nixpkgs.config.allowUnfree = true;
|
|
age.secrets.dmarc = {
|
|
file = ../../../../secrets/falkenstein/dmarc.age;
|
|
};
|
|
users.users.dmarc = {
|
|
description = "DMARC Report recipient";
|
|
isNormalUser = true;
|
|
};
|
|
networking.firewall.allowedTCPPorts = [ 9200 ];
|
|
services.elasticsearch.listenAddress = "0.0.0.0";
|
|
services.parsedmarc = {
|
|
enable = true;
|
|
provision = {
|
|
grafana = {
|
|
dashboard = false;
|
|
datasource = false;
|
|
};
|
|
localMail.enable = false;
|
|
elasticsearch = true;
|
|
geoIp = false;
|
|
};
|
|
settings = {
|
|
imap = {
|
|
user = "dmarc@rfive.de";
|
|
port = 993;
|
|
host = "mail.rfive.de";
|
|
password = {
|
|
_secret = config.age.secrets.dmarc.path;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|