Grimmauld/grimm-nix-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

add simple mail server, and it actually works!

Browse source
This commit is contained in:
Grimmauld 2023-12-29 09:23:10 +00:00
parent fe65d25c31
commit 798e10bb07
6 changed files with 156 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
configuration.nix
View file

@ -35,6 +35,7 @@ in {
cloud-utils
parted
visualvm
mkpasswd
linuxPackages.perf
lshw
pciutils

29
email.nix Normal file
View file

@ -0,0 +1,29 @@
{ ... }:
let
root_host = "grimmauld.de";
mail_host = "mail.${root_host}";
in {
security.acme.certs."${root_host}".extraDomainNames = [ mail_host ];
mailserver = {
enable = true;
fqdn = mail_host;
domains = [ root_host ];
# A list of all login accounts. To create the password hashes, use
# nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
loginAccounts = {
"contact@${root_host}" = {
hashedPasswordFile = ./mailpass/contact;
aliases = ["kontakt@${root_host}"];
};
};
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
# down nginx and opens port 80.
certificateScheme = "manual";
certificateFile = "/var/lib/acme/${root_host}/fullchain.pem";
keyFile = "/var/lib/acme/${root_host}/key.pem";
};
}

118
flake.lock
View file

@ -21,6 +21,22 @@
"type": "github"
}
},
"blobs": {
"flake": false,
"locked": {
"lastModified": 1604995301,
"narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"type": "gitlab"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
@ -43,6 +59,22 @@
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -64,6 +96,29 @@
"type": "github"
}
},
"nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs_2",
"nixpkgs-22_11": "nixpkgs-22_11",
"nixpkgs-23_05": "nixpkgs-23_05",
"utils": "utils"
},
"locked": {
"lastModified": 1703666786,
"narHash": "sha256-SLPNpM/rI8XPyVJAxMYAe+n6NiYSpuXvdwPILHP4yZI=",
"ref": "refs/heads/master",
"rev": "b5023b36a1f6628865cb42b4353bd2ddde0ea9f4",
"revCount": 575,
"type": "git",
"url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver"
},
"original": {
"type": "git",
"url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver"
}
},
"nixos-matrix-modules": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
@ -100,6 +155,36 @@
"type": "github"
}
},
"nixpkgs-22_11": {
"locked": {
"lastModified": 1669558522,
"narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.11",
"type": "indirect"
}
},
"nixpkgs-23_05": {
"locked": {
"lastModified": 1684782344,
"narHash": "sha256-SHN8hPYYSX0thDrMLMWPWYulK3YFgASOrCsIL3AJ78g=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8966c43feba2c701ed624302b6a935f97bcbdf88",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.05",
"type": "indirect"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1673743903,
@ -116,6 +201,21 @@
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1670751203,
"narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "64e0bf055f9d25928c31fb12924e59ff8ce71e60",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1703438236,
"narHash": "sha256-aqVBq1u09yFhL7bj1/xyUeJjzr92fXVvQSSEx6AdB1M=",
@ -134,8 +234,9 @@
"root": {
"inputs": {
"agenix": "agenix",
"nixos-mailserver": "nixos-mailserver",
"nixos-matrix-modules": "nixos-matrix-modules",
"nixpkgs": "nixpkgs_2"
"nixpkgs": "nixpkgs_3"
}
},
"systems": {
@ -152,6 +253,21 @@
"repo": "default",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1605370193,
"narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5021eac20303a61fafe17224c087f5519baed54d",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",

8
flake.nix
View file

@ -11,9 +11,13 @@
url = "git+https://github.com/dali99/nixos-matrix-modules?submodules=1";
flake = true;
};
nixos-mailserver = {
url = "git+https://gitlab.com/simple-nixos-mailserver/nixos-mailserver";
flake = true;
};
};
outputs = { nixos-matrix-modules, self, nixpkgs, agenix }: let
outputs = { nixos-mailserver, nixos-matrix-modules, self, nixpkgs, agenix }: let
system = "x86_64-linux";
in {
nixosConfigurations = {
@ -25,7 +29,9 @@
./puffer.nix
./gitea.nix
./letsencrypt.nix
./email.nix
agenix.nixosModules.default
nixos-mailserver.nixosModules.default
nixos-matrix-modules.nixosModules.default
{ environment.systemPackages = [ agenix.packages.${system}.default ]; }
];

4
letsencrypt.nix
View file

@ -1,9 +1,7 @@
{ lib, config, inputs, pkgs, ... }:
let
root_host = "grimmauld.de";
# git add --intent-to-add email.txt ; git update-index --assume-unchanged email.txt
root_email = (builtins.elemAt (lib.strings.match "[[:space:]]*([^[:space:]]+)[[:space:]]*" (builtins.readFile ./email.txt)) 0);
root_email = "contact@${root_host}";
in {
security.acme = {
acceptTerms = true;

1
mailpass/contact Normal file
View file

@ -0,0 +1 @@
$2b$05$WsEwEXHa3kzDdMJdluirn.ExpK5BGJENEf3iH2AAjW6IFUPSpBWVa