Creating a mail server!

This commit is contained in:
Lillian Violet 2023-11-24 15:35:17 +01:00
parent 6e80075dee
commit e3e4c565c7
3 changed files with 41 additions and 2 deletions

View file

@ -17,6 +17,7 @@
# ./nvim.nix # ./nvim.nix
./hardware-configuration.nix ./hardware-configuration.nix
./nextcloud.nix ./nextcloud.nix
./mail-server.nix
]; ];
boot.tmp.cleanOnBoot = true; boot.tmp.cleanOnBoot = true;
@ -58,6 +59,8 @@
sops.secrets."nextclouddb".owner = config.users.users.nextcloud.name; sops.secrets."nextclouddb".owner = config.users.users.nextcloud.name;
sops.secrets."local.json".mode = "0440"; sops.secrets."local.json".mode = "0440";
sops.secrets."local.json".owner = config.users.users.onlyoffice.name; sops.secrets."local.json".owner = config.users.users.onlyoffice.name;
sops.secrets."mailpass".mode = "0440";
sops.secrets."mailpass".owner = config.users.users."no-reply@nextcloud.gladtherescake.eu".name;
nix = { nix = {
gc = { gc = {

View file

@ -0,0 +1,35 @@
{
inputs,
outputs,
config,
pkgs,
...
}: {
imports = [
(builtins.fetchTarball {
# Pick a release version you are interested in and set its hash, e.g.
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.3.0/nixos-mailserver-v2.3.0.tar.gz";
# To get the sha256 of the nixos-mailserver tarball, we can use the nix-prefetch-url command:
# release="nixos-23.05"; nix-prefetch-url "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz" --unpack
sha256 = "0lpz08qviccvpfws2nm83n7m2r8add2wvfg9bljx9yxx8107r919";
})
];
mailserver = {
enable = true;
fqdn = "mail.gladtherescake.eu";
domains = ["nextcloud.gladtherescake.eu"];
loginAccounts = {
"no-reply@nextcloud.gladtherescake.eu" = {
hashedPasswordFile = config.sops.secrets."mailpass".path;
aliases = ["postmaster@nextcloud.gladtherescake.eu" "abuse@nextcloud.gladtherescake.eu" "security@nextcloud.gladtherescake.eu"];
};
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
# down nginx and opens port 80.
certificateScheme = "acme-nginx";
};
security.acme.acceptTerms = true;
security.acme.defaults.email = "security@nextcloud.gladtherescake.eu";
};
}

View file

@ -1,6 +1,7 @@
nextcloudadmin: ENC[AES256_GCM,data:LqgutUXs1msmFUNa+4JI1BEq0R8=,iv:sLP52reqsJfUNQnA9MbtbcZjGeluHDaO3dlHpWCLU4M=,tag:ChG/hZIMcmc0wt2AWOBNCA==,type:str] nextcloudadmin: ENC[AES256_GCM,data:LqgutUXs1msmFUNa+4JI1BEq0R8=,iv:sLP52reqsJfUNQnA9MbtbcZjGeluHDaO3dlHpWCLU4M=,tag:ChG/hZIMcmc0wt2AWOBNCA==,type:str]
nextclouddb: ENC[AES256_GCM,data:EFwVtVD4KnEiZ5SM+1XW0U0mR/I2IXcRYXhQTgwv788=,iv:blHbNqI/Gq4tUQuqKWgrX9tYj6XKLRrWl1LFN+cn71M=,tag:H/7vobp5OwPbqsapvw7mUw==,type:str] nextclouddb: ENC[AES256_GCM,data:EFwVtVD4KnEiZ5SM+1XW0U0mR/I2IXcRYXhQTgwv788=,iv:blHbNqI/Gq4tUQuqKWgrX9tYj6XKLRrWl1LFN+cn71M=,tag:H/7vobp5OwPbqsapvw7mUw==,type:str]
local.json: ENC[AES256_GCM,data:EWMZTvnP9DmJKZq3mejvlSc8e2BZxcREn+XB1tAM5NLS0G2fdWJThkkgRz2owdAiZV2BLc/yqr4DqJzDIXiOxWWBGAbqRFH5kPw2mAdkAcW76F8tUNQSBtQXM+Gu3W3EwjQwNiwVlb1jB0BNWU4TJfZGfdk2Vt0R7ggTJhRIAwQiXC1VtMWmlAOyRIaiMzaY4ktEMJT/nxF8koZV79kiCFcAGHzoYynW16y2QkaxFca/4bTvBJCAMBuK0lLF9xeipyGZUgxPV/OAQkrQGAqHcrHL+FmQiFEIuLUBzTDQp57kV1EKKCevRUcPCX/NhQGgLYVgDrsLTb1ftB30yHjWUap+JttKXBk2HElnQVEdS37zADyQ8tYrD+2l2CLrBGctVpg6K61OP44=,iv:VbJgmvIN1/FjQJl58KBsDNTyUWtIAYbBB0iPe6I0+hE=,tag:if16JgRVPeC+m8vFeYhKtA==,type:str] local.json: ENC[AES256_GCM,data:EWMZTvnP9DmJKZq3mejvlSc8e2BZxcREn+XB1tAM5NLS0G2fdWJThkkgRz2owdAiZV2BLc/yqr4DqJzDIXiOxWWBGAbqRFH5kPw2mAdkAcW76F8tUNQSBtQXM+Gu3W3EwjQwNiwVlb1jB0BNWU4TJfZGfdk2Vt0R7ggTJhRIAwQiXC1VtMWmlAOyRIaiMzaY4ktEMJT/nxF8koZV79kiCFcAGHzoYynW16y2QkaxFca/4bTvBJCAMBuK0lLF9xeipyGZUgxPV/OAQkrQGAqHcrHL+FmQiFEIuLUBzTDQp57kV1EKKCevRUcPCX/NhQGgLYVgDrsLTb1ftB30yHjWUap+JttKXBk2HElnQVEdS37zADyQ8tYrD+2l2CLrBGctVpg6K61OP44=,iv:VbJgmvIN1/FjQJl58KBsDNTyUWtIAYbBB0iPe6I0+hE=,tag:if16JgRVPeC+m8vFeYhKtA==,type:str]
mailpass: ENC[AES256_GCM,data:UVrc1RUV0xJFPiZ8J4refglR0p35gUd21EvvTSoeXHVE9/xC0biKmjdPu8cBmimNPmKJMvZRf8wOz+/x,iv:zIYI9JY/bfUc3nNPNopKMbh09B6KUotMUAmNDzVUBN8=,tag:53N8WlQ5CDlrp/KIEQiHgQ==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -16,8 +17,8 @@ sops:
KzNBMCtUaS9sU21Xc1JUd1FSR29tSkEKyqaDM/WUWjK2l+ahE6sIFYsQ6Qtkf7yz KzNBMCtUaS9sU21Xc1JUd1FSR29tSkEKyqaDM/WUWjK2l+ahE6sIFYsQ6Qtkf7yz
NWFTzsDZBmm9kpSIjchf+PuBuoRHeEKbEH8jnMlYB3J8boEnUnXMlw== NWFTzsDZBmm9kpSIjchf+PuBuoRHeEKbEH8jnMlYB3J8boEnUnXMlw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2023-11-23T19:03:04Z" lastmodified: "2023-11-24T14:30:34Z"
mac: ENC[AES256_GCM,data:SaC8fw76/O1C4ahiFmpDpF19X8jXUVAs+i86dDSkHLllRxUXsVujW4NUsX0aq2OOSAFZE5QVy/Aq7Os3MsEBNezd0YxCgVpzKOj/6YUUEoNDhZGvd2n1a3ULoqlWNBhmRd42MvEWVoTWPJHlv34fkoYD+NRD1jF3QLwANBGcVqA=,iv:x1AoAMdt6+M/+mLatWpLWBTPyaRS2/pYSj250DkZWdU=,tag:HHF/zb8VWIaj8Q9T4NFwAw==,type:str] mac: ENC[AES256_GCM,data:Tl4eqh2SUEcgfOynbLoclpJKhMHkkaeV3bvkYB4dc3tv9hEWuX5HR1iI67+HVImdLcJ1zTyWkNSl+89MOWkSB85Rb643uCa5myDFQ30PHWN2ubPVoY3XzucW0nzBllZZsH6lPakNXwHTLkcf1etnWzL+/sXnYff2S/WPqTAdkwU=,iv:aWlA7jfBGStCELf/6ij2aT7EAwRp/RQP5Sw4WMPqbtE=,tag:bvSiyFrqPP0uB71zQTH08Q==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.8.1 version: 3.8.1