add simple mail server, and it actually works!

2023-12-29 09:23:10 +00:00 · 2023-12-29 09:23:10 +00:00 · 798e10bb07
commit 798e10bb07
parent fe65d25c31
6 changed files with 156 additions and 5 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -35,6 +35,7 @@ in {
    cloud-utils
    parted
    visualvm
    mkpasswd
    linuxPackages.perf
    lshw
    pciutils
--- a/email.nix
+++ b/email.nix
@ -0,0 +1,29 @@
 { ... }: 
 let
  root_host = "grimmauld.de";
  mail_host = "mail.${root_host}";
 in {
  security.acme.certs."${root_host}".extraDomainNames = [ mail_host ];
  mailserver = {
    enable = true;
    fqdn = mail_host;
    domains = [ root_host ];
    # A list of all login accounts. To create the password hashes, use
    # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
    loginAccounts = {
      "contact@${root_host}" = {
        hashedPasswordFile = ./mailpass/contact;
        aliases = ["kontakt@${root_host}"];
      };
    };
    # Use Let's Encrypt certificates. Note that this needs to set up a stripped
    # down nginx and opens port 80.
    certificateScheme = "manual";
    certificateFile = "/var/lib/acme/${root_host}/fullchain.pem";
    keyFile = "/var/lib/acme/${root_host}/key.pem";
  };
 }
--- a/flake.lock
+++ b/flake.lock
@ -21,6 +21,22 @@
        "type": "github"
      }
    },
    "blobs": {
      "flake": false,
      "locked": {
        "lastModified": 1604995301,
        "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
        "owner": "simple-nixos-mailserver",
        "repo": "blobs",
        "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
        "type": "gitlab"
      },
      "original": {
        "owner": "simple-nixos-mailserver",
        "repo": "blobs",
        "type": "gitlab"
      }
    },
    "darwin": {
      "inputs": {
        "nixpkgs": [
@ -43,6 +59,22 @@
        "type": "github"
      }
    },
    "flake-compat": {
      "flake": false,
      "locked": {
        "lastModified": 1668681692,
        "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
        "owner": "edolstra",
        "repo": "flake-compat",
        "rev": "009399224d5e398d03b22badca40a37ac85412a1",
        "type": "github"
      },
      "original": {
        "owner": "edolstra",
        "repo": "flake-compat",
        "type": "github"
      }
    },
    "home-manager": {
      "inputs": {
        "nixpkgs": [
@ -64,6 +96,29 @@
        "type": "github"
      }
    },
    "nixos-mailserver": {
      "inputs": {
        "blobs": "blobs",
        "flake-compat": "flake-compat",
        "nixpkgs": "nixpkgs_2",
        "nixpkgs-22_11": "nixpkgs-22_11",
        "nixpkgs-23_05": "nixpkgs-23_05",
        "utils": "utils"
      },
      "locked": {
        "lastModified": 1703666786,
        "narHash": "sha256-SLPNpM/rI8XPyVJAxMYAe+n6NiYSpuXvdwPILHP4yZI=",
        "ref": "refs/heads/master",
        "rev": "b5023b36a1f6628865cb42b4353bd2ddde0ea9f4",
        "revCount": 575,
        "type": "git",
        "url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver"
      },
      "original": {
        "type": "git",
        "url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver"
      }
    },
    "nixos-matrix-modules": {
      "inputs": {
        "nixpkgs-lib": "nixpkgs-lib"
@ -100,6 +155,36 @@
        "type": "github"
      }
    },
    "nixpkgs-22_11": {
      "locked": {
        "lastModified": 1669558522,
        "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82",
        "type": "github"
      },
      "original": {
        "id": "nixpkgs",
        "ref": "nixos-22.11",
        "type": "indirect"
      }
    },
    "nixpkgs-23_05": {
      "locked": {
        "lastModified": 1684782344,
        "narHash": "sha256-SHN8hPYYSX0thDrMLMWPWYulK3YFgASOrCsIL3AJ78g=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "8966c43feba2c701ed624302b6a935f97bcbdf88",
        "type": "github"
      },
      "original": {
        "id": "nixpkgs",
        "ref": "nixos-23.05",
        "type": "indirect"
      }
    },
    "nixpkgs-lib": {
      "locked": {
        "lastModified": 1673743903,
@ -116,6 +201,21 @@
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1670751203,
        "narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "64e0bf055f9d25928c31fb12924e59ff8ce71e60",
        "type": "github"
      },
      "original": {
        "id": "nixpkgs",
        "ref": "nixos-unstable",
        "type": "indirect"
      }
    },
    "nixpkgs_3": {
      "locked": {
        "lastModified": 1703438236,
        "narHash": "sha256-aqVBq1u09yFhL7bj1/xyUeJjzr92fXVvQSSEx6AdB1M=",
@ -134,8 +234,9 @@
    "root": {
      "inputs": {
        "agenix": "agenix",
        "nixos-mailserver": "nixos-mailserver",
        "nixos-matrix-modules": "nixos-matrix-modules",
-        "nixpkgs": "nixpkgs_2"
+        "nixpkgs": "nixpkgs_3"
      }
    },
    "systems": {
@ -152,6 +253,21 @@
        "repo": "default",
        "type": "github"
      }
    },
    "utils": {
      "locked": {
        "lastModified": 1605370193,
        "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "5021eac20303a61fafe17224c087f5519baed54d",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@ -11,9 +11,13 @@
      url = "git+https://github.com/dali99/nixos-matrix-modules?submodules=1";
      flake = true;
    };
    nixos-mailserver = {
      url = "git+https://gitlab.com/simple-nixos-mailserver/nixos-mailserver";
      flake = true;
    };
  };
-  outputs = { nixos-matrix-modules, self, nixpkgs, agenix }: let
+  outputs = { nixos-mailserver, nixos-matrix-modules, self, nixpkgs, agenix }: let
    system = "x86_64-linux";
  in {
    nixosConfigurations = {
@ -25,7 +29,9 @@
          ./puffer.nix
          ./gitea.nix
          ./letsencrypt.nix
          ./email.nix
          agenix.nixosModules.default
          nixos-mailserver.nixosModules.default
          nixos-matrix-modules.nixosModules.default
          { environment.systemPackages = [ agenix.packages.${system}.default ]; }
        ];
--- a/letsencrypt.nix
+++ b/letsencrypt.nix
@ -1,9 +1,7 @@
 { lib, config, inputs, pkgs, ... }:
 let
  root_host = "grimmauld.de";
-
+  root_email = "contact@${root_host}";
  # git add --intent-to-add email.txt ; git update-index --assume-unchanged email.txt
  root_email = (builtins.elemAt (lib.strings.match "[[:space:]]*([^[:space:]]+)[[:space:]]*" (builtins.readFile ./email.txt)) 0);
 in {
  security.acme = {
    acceptTerms = true;
--- a/mailpass/contact
+++ b/mailpass/contact
@ -0,0 +1 @@
 $2b$05$WsEwEXHa3kzDdMJdluirn.ExpK5BGJENEf3iH2AAjW6IFUPSpBWVa
		`@ -0,0 +1 @@`
							`$2b$05$WsEwEXHa3kzDdMJdluirn.ExpK5BGJENEf3iH2AAjW6IFUPSpBWVa`