coace/unit
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: coace:136181ec3abd179197c295214bf2dd0611c7d4c2
Branches Tags
coace:master
..
compare: coace:master
Branches Tags
coace:master

5 Commits
136181ec3a ... master

Author SHA1 Message Date
coolneng
634022d717 Add manuela to Wireguard peers 2021-07-31 21:49:57 +01:00
coolneng
b3b590dbf3 Replace deprecated OnCalendar option with startAt 2021-07-30 21:53:58 +01:00
coolneng
7083d475db Update README 2021-07-30 21:41:43 +01:00
coolneng
2cf9053ca9 Revert "Deploy a mail server" 
This reverts commit 6d9a883361.
 2021-07-24 18:01:20 +02:00
coolneng
6d9a883361 Deploy a mail server 2021-06-25 15:09:57 +02:00
5 changed files with 20 additions and 42 deletions
Expand all files Collapse all files

14
README.org
View File

@@ -1,3 +1,17 @@
* Unit * Unit
Declarative configuration for the main server, using [[https://nixos.org][NixOS]] Declarative configuration for the main server, using [[https://nixos.org][NixOS]]
** Modules
The configuration is sliced into different files, per category:
- ZFS pool configuration: hardware-configuration.nix
- Network configuration: networking.nix
- Synchronization and backup services: datasync.nix
- Web services and reverse proxy: webstack.nix
- Smartd: monitoring.nix
- Systemd services and timers: periodic.nix
- Virtual machines: virtualization.nix
All the modules are imported in *configuration.nix*

1
configuration.nix
View File

@@ -108,7 +108,6 @@
./modules/monitoring.nix ./modules/monitoring.nix
./modules/periodic.nix ./modules/periodic.nix
./modules/webstack.nix ./modules/webstack.nix
./modules/email.nix
]; ];
} }

30
modules/email.nix
View File

@@ -1,30 +0,0 @@
{ config, pkgs, ... }:
let release = "nixos-21.05";
in {
imports = [
(builtins.fetchTarball {
url =
"https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz";
sha256 = "1fwhb7a5v9c98nzhf3dyqf3a5ianqh7k50zizj8v5nmj3blxw4pi";
})
];
# Mail server configuration
mailserver = {
enable = true;
fqdn = "mail.coace.duckdns.org";
domains = [ "coace.duckdns.org" ];
loginAccounts = {
"admin@coace.duckdns.org" = {
hashedPasswordFile = "/vault/mail/accounts/admin";
aliases = [ "postmaster@coace.duckdns.org" ];
};
};
localDnsResolver = false;
certificateScheme = 3;
mailDirectory = "/vault/mail/content";
dkimKeyDirectory = "/vault/mail/dkim";
};
}

15
modules/networking.nix
View File

@@ -103,6 +103,11 @@ in {
publicKey = "5DU9ipxJcut2wKrUr3yQux9crzXMSW4ZeKWFLRpUc1I="; publicKey = "5DU9ipxJcut2wKrUr3yQux9crzXMSW4ZeKWFLRpUc1I=";
allowedIPs = [ "10.9.0.4/32" ]; allowedIPs = [ "10.9.0.4/32" ];
} }
# manuela
{
publicKey = "V+DaOya2hLuV6C9BeCkDyFqXpPAFq9jMAeg1dvQw/FI=";
allowedIPs = [ "10.9.0.5/32" ];
}
]; ];
}; };
}; };
@@ -150,16 +155,6 @@ in {
conf-file=/var/lib/dnsmasq/dnsmasq.blacklist.txt conf-file=/var/lib/dnsmasq/dnsmasq.blacklist.txt
address=/coace.duckdns.org/10.0.1.3 address=/coace.duckdns.org/10.0.1.3
# Mail server records
address=/mail.coace.duckdns.org/10.0.1.3
host-record=mail.coace.duckdns.org,10.0.1.3
mx-host=coace.duckdns.org,mail.coace.duckdns.org,10
server=/47.61.216.88.in-addr.arpa/10.0.1.3
ptr-record=47.61.216.88.in-addr.arpa,mail.coace.ducknds.org
ptr-record=47.61.216.88.in-addr.arpa,coace.ducknds.org
txt-record=coace.duckdns.org,"v=spf1 a:mail.coace.duckdns.org -all"
txt-record=mail._domainkey.coace.duckdns.org,"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGGeUul/gHC0VMajW6ReX4LH1oo9s52ath/UsvwMdb5vuA0FSjlTellSeP944MkEUt+EY8d64NRrV06+RipeGKweZNNGRybdefvGW2LlmJX0I6MIA6SD3hRPA1CYoX0boHKMAyjrBAzqZmhAXRZNro2nO1H0hCaHriOSH1ru4CYQIDAQAB"
txt-record=_dmarc.coace.duckdns.org,"v=DMARC1; p=none"
''; '';
}; };

2
modules/periodic.nix
View File

@@ -16,7 +16,7 @@ in {
ls | xargs -P10 -I{} git -C {} pull --rebase ls | xargs -P10 -I{} git -C {} pull --rebase
''; '';
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
OnCalendar = "22:00:00"; startAt = "22:00:00";
}; };
# PostgreSQL daily backups # PostgreSQL daily backups