mail.idimitrov.dev/mailserver/configuration.nix

{ pkgs, ... }:
{
  time.timeZone = "Europe/Prague";
  system.stateVersion = "23.11";

  fileSystems."/mnt/export1981" = {
    device = "172.16.128.47:/nas/5490";
    fsType = "nfs";
    options = [ "nofail" ];
  };

  nix = {
    extraOptions = ''
      experimental-features = nix-command flakes
    '';
  };

  security = {
    acme = {
      acceptTerms = true;
      defaults.email = "security@idimitrov.dev";
    };
  };

  networking = {
    firewall = {
      enable = true;
      allowedTCPPorts = [ 53 80 443 18081 ];
      allowedUDPPorts = [ 53 51820 18081 ];
    };
    stevenBlackHosts = {
      enable = true;
      blockFakenews = true;
      blockGambling = true;
    };
  };

  users = {
    users.ivand = {
      isNormalUser = true;
      hashedPassword =
        "$2b$05$hPrPcewxj4qjLCRQpKBAu.FKvKZdIVlnyn4uYsWE8lc21Jhvc9jWG";
      extraGroups = [ "wheel" "adm" "mlocate" ];
      openssh.authorizedKeys.keys = [
        ''
          ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyW157tNiQdeoQsoo5AEzhyi6BvPeqEvChCxCHf3hikmFDqb6bvvlKYb9grW+fqE0HzALRwpXvPKnuUwHKPVG8HZ7NC9bT5RPMO0rFviNoxWF2PNDWG0ivPmLrQGKtCPM3aUIhSdUdlJ7ImYl34KBkUIrSmL7WlLJUvh1PtyyuVfrhpFzFxHwYwVCNO33L89lfl5PY/G9qrjlH64urt/6aWqMdHD8bZ4MHBPcnSwLMd7f0nNa0aTAJMabsfmndZhV24y7T1FUWG0dl27Q4rnpnZJWBDD1IyWIX/aN+DD6eVVWa4tRVJs6ycfw48hft0zs9zLn9mU4a2hxQ6VvfwpqZHOO8XqqOSai9Yw9Ba60iVQokQQiL91KidoSF7zD0U0szdEmylANyAntUcJ1kdu496s21IU2hjYfN/3seH5a9hBk8iPHp/eTeVUXFKh27rRWn0gc+rba1LF0BWfTjRYR7e1uvPEau0I61sNsp3lnMULdkgkZ9rap1sRM6ULlaRXM= ivand@nixos
        ''
      ];
    };
    extraGroups = { mlocate = { }; };
  };

  environment = {
    systemPackages = with pkgs; [ nmap coreutils-full fd git vim mlocate busybox bash scripts ];
  };

  services = {
    openssh = {
      enable = true;
      settings = {
        PermitRootLogin = "prohibit-password";
      };
    };
  };
  systemd = {
    timers = {
      bingwp = {
        wantedBy = [ "timers.target" ];
        timerConfig = {
          OnCalendar = "*-*-* 10:00:00";
          Persistent = true;
        };
      };
    };
    services = {
      bingwp = {
        description = "Download bing image of the day";
        script = ''
          ${pkgs.nushell}/bin/nu -c "http get ('https://bing.com' + ((http get https://www.bing.com/HPImageArchive.aspx?format=js&n=1).images.0.url)) | save  ('/var/pic' | path join ( [ (date now | format date '%Y-%m-%d'), '.png' ] | str join ))"
        '';
      };
    };
  };
}
timezone 2024-06-03 09:36:47 +02:00			`{ pkgs, ... }:`
initial commit 2023-09-19 14:22:42 +02:00			`{`
timezone 2024-06-03 09:36:47 +02:00			`time.timeZone = "Europe/Prague";`
roundcube 2023-11-15 15:37:04 +01:00			`system.stateVersion = "23.11";`

add fs 2024-06-26 00:01:18 +02:00			`fileSystems."/mnt/export1981" = {`
			`device = "172.16.128.47:/nas/5490";`
			`fsType = "nfs";`
			`options = [ "nofail" ];`
			`};`

roundcube 2023-11-15 15:37:04 +01:00			`nix = {`
			`extraOptions = ''`
			`experimental-features = nix-command flakes`
			`'';`
			`};`

			`security = {`
			`acme = {`
			`acceptTerms = true;`
			`defaults.email = "security@idimitrov.dev";`
			`};`
			`};`

enable stevenBlackHosts 2024-04-05 11:59:44 +02:00			`networking = {`
			`firewall = {`
			`enable = true;`
allow monero 2024-06-26 00:30:04 +02:00			`allowedTCPPorts = [ 53 80 443 18081 ];`
allow udp monero 2024-06-26 00:33:41 +02:00			`allowedUDPPorts = [ 53 51820 18081 ];`
enable stevenBlackHosts 2024-04-05 11:59:44 +02:00			`};`
			`stevenBlackHosts = {`
			`enable = true;`
			`blockFakenews = true;`
			`blockGambling = true;`
			`};`
wireguard change config 2023-11-18 16:59:08 +01:00			`};`
roundcube 2023-11-15 15:37:04 +01:00
			`users = {`
			`users.ivand = {`
			`isNormalUser = true;`
			`hashedPassword =`
			`"$2b$05$hPrPcewxj4qjLCRQpKBAu.FKvKZdIVlnyn4uYsWE8lc21Jhvc9jWG";`
			`extraGroups = [ "wheel" "adm" "mlocate" ];`
			`openssh.authorizedKeys.keys = [`
			`''`
			ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyW157tNiQdeoQsoo5AEzhyi6BvPeqEvChCxCHf3hikmFDqb6bvvlKYb9grW+fqE0HzALRwpXvPKnuUwHKPVG8HZ7NC9bT5RPMO0rFviNoxWF2PNDWG0ivPmLrQGKtCPM3aUIhSdUdlJ7ImYl34KBkUIrSmL7WlLJUvh1PtyyuVfrhpFzFxHwYwVCNO33L89lfl5PY/G9qrjlH64urt/6aWqMdHD8bZ4MHBPcnSwLMd7f0nNa0aTAJMabsfmndZhV24y7T1FUWG0dl27Q4rnpnZJWBDD1IyWIX/aN+DD6eVVWa4tRVJs6ycfw48hft0zs9zLn9mU4a2hxQ6VvfwpqZHOO8XqqOSai9Yw9Ba60iVQokQQiL91KidoSF7zD0U0szdEmylANyAntUcJ1kdu496s21IU2hjYfN/3seH5a9hBk8iPHp/eTeVUXFKh27rRWn0gc+rba1LF0BWfTjRYR7e1uvPEau0I61sNsp3lnMULdkgkZ9rap1sRM6ULlaRXM= ivand@nixos
			`''`
			`];`
			`};`
			`extraGroups = { mlocate = { }; };`
			`};`

			`environment = {`
wireguard change config 2023-11-18 16:59:08 +01:00			`systemPackages = with pkgs; [ nmap coreutils-full fd git vim mlocate busybox bash scripts ];`
roundcube 2023-11-15 15:37:04 +01:00			`};`

making the config buildable for amazon iso 2023-10-13 15:59:57 +02:00			`services = {`
			`openssh = {`
			`enable = true;`
			`settings = {`
			`PermitRootLogin = "prohibit-password";`
			`};`
			`};`
			`};`
bingwp on server 2024-04-21 22:54:04 +02:00			`systemd = {`
			`timers = {`
			`bingwp = {`
			`wantedBy = [ "timers.target" ];`
			`timerConfig = {`
			`OnCalendar = "--* 10:00:00";`
			`Persistent = true;`
			`};`
			`};`
			`};`
			`services = {`
			`bingwp = {`
			`description = "Download bing image of the day";`
			`script = ''`
			`${pkgs.nushell}/bin/nu -c "http get ('https://bing.com' + ((http get https://www.bing.com/HPImageArchive.aspx?format=js&n=1).images.0.url)) \| save ('/var/pic' \| path join ( [ (date now \| format date '%Y-%m-%d'), '.png' ] \| str join ))"`
			`'';`
			`};`
			`};`
			`};`
initial commit 2023-09-19 14:22:42 +02:00			`}`