From 96dca2d50f26f74e2550771a41f375c5fdca3bcf Mon Sep 17 00:00:00 2001 From: Ivan Dimitrov Date: Sat, 12 Aug 2023 17:26:12 +0300 Subject: [PATCH] mailserver flake --- flake.lock | 118 ++++++++++++++++++++++++++++++++++++- flake.nix | 39 +++++++----- sys/mailserver/default.nix | 20 +++++++ sys/mailserver/ivan.passwd | 1 + 4 files changed, 162 insertions(+), 16 deletions(-) create mode 100644 sys/mailserver/default.nix create mode 100644 sys/mailserver/ivan.passwd diff --git a/flake.lock b/flake.lock index d7ce111..fa78fdc 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,21 @@ { "nodes": { + "blobs": { + "flake": false, + "locked": { + "lastModified": 1604995301, + "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "type": "gitlab" + } + }, "doom-emacs": { "flake": false, "locked": { @@ -162,6 +178,22 @@ "type": "github" } }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -290,6 +322,36 @@ "type": "indirect" } }, + "nixpkgs-22_11": { + "locked": { + "lastModified": 1669558522, + "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-22.11", + "type": "indirect" + } + }, + "nixpkgs-23_05": { + "locked": { + "lastModified": 1684782344, + "narHash": "sha256-SHN8hPYYSX0thDrMLMWPWYulK3YFgASOrCsIL3AJ78g=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "8966c43feba2c701ed624302b6a935f97bcbdf88", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1691368598, @@ -305,6 +367,21 @@ "type": "indirect" } }, + "nixpkgs_3": { + "locked": { + "lastModified": 1670751203, + "narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "64e0bf055f9d25928c31fb12924e59ff8ce71e60", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, "nose": { "flake": false, "locked": { @@ -421,7 +498,8 @@ "inputs": { "home-manager": "home-manager", "nix-doom-emacs": "nix-doom-emacs", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_2", + "simple-nixos-mailserver": "simple-nixos-mailserver" } }, "rotate-text": { @@ -440,6 +518,29 @@ "type": "github" } }, + "simple-nixos-mailserver": { + "inputs": { + "blobs": "blobs", + "flake-compat": "flake-compat_2", + "nixpkgs": "nixpkgs_3", + "nixpkgs-22_11": "nixpkgs-22_11", + "nixpkgs-23_05": "nixpkgs-23_05", + "utils": "utils" + }, + "locked": { + "lastModified": 1689976554, + "narHash": "sha256-uWJq3sIhkqfzPmfB2RWd5XFVooGFfSuJH9ER/r302xQ=", + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "rev": "c63f6e7b053c18325194ff0e274dba44e8d2271e", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "type": "gitlab" + } + }, "sln-mode": { "flake": false, "locked": { @@ -487,6 +588,21 @@ "type": "github" } }, + "utils": { + "locked": { + "lastModified": 1605370193, + "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5021eac20303a61fafe17224c087f5519baed54d", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "ws-butler": { "flake": false, "locked": { diff --git a/flake.nix b/flake.nix index 8ba9f81..d82ade6 100644 --- a/flake.nix +++ b/flake.nix @@ -6,23 +6,32 @@ inputs.nixpkgs.follows = "nixpkgs"; }; nix-doom-emacs.url = "github:nix-community/nix-doom-emacs"; + simple-nixos-mailserver.url = + "gitlab:simple-nixos-mailserver/nixos-mailserver"; }; - outputs = { self, nixpkgs, home-manager, nix-doom-emacs, ... }: { - nixosConfigurations = { - laptop = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./sys/laptop - ]; + outputs = { self, nixpkgs, home-manager, nix-doom-emacs + , simple-nixos-mailserver, ... }: { + nixosConfigurations = { + laptop = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ ./sys/laptop ]; + }; + mailserver = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + (nixpkgs + + "/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix") + ./sys/mailserver + simple-nixos-mailserver.nixosModule + ]; + }; + }; + homeConfigurations = { + ivand = home-manager.lib.homeManagerConfiguration { + modules = [ ./home/laptop nix-doom-emacs.hmModule ]; + pkgs = import nixpkgs { system = "x86_64-linux"; }; + }; }; }; - homeConfigurations = { - ivand = home-manager.lib.homeManagerConfiguration { - modules = [ ./home/laptop nix-doom-emacs.hmModule ]; - pkgs = import nixpkgs { system = "x86_64-linux"; }; - }; - }; - }; } - diff --git a/sys/mailserver/default.nix b/sys/mailserver/default.nix new file mode 100644 index 0000000..e10be03 --- /dev/null +++ b/sys/mailserver/default.nix @@ -0,0 +1,20 @@ +{ pkgs, ... }: { + mailserver = { + enable = true; + fqdn = "mail.idimitrov.dev"; + domains = [ "idimitrov.dev" ]; + + loginAccounts = { + "ivan@idimitrov.dev" = { + hashedPasswordFile = ./ivan.passwd; + aliases = [ "admin@idimitrov.dev" ]; + }; + "security@idimitrov.dev" = { hashedPasswordFile = ./ivan.passwd; }; + }; + + certificateScheme = "acme-nginx"; + }; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "security@idimitrov.dev"; +} diff --git a/sys/mailserver/ivan.passwd b/sys/mailserver/ivan.passwd new file mode 100644 index 0000000..704e647 --- /dev/null +++ b/sys/mailserver/ivan.passwd @@ -0,0 +1 @@ +$2b$05$6Hs2OGVrY/swb5eAaRV0AOqmdWqlkdShIvd2SoIQHbxtirQyxnU3e