update

2024-02-01 17:51:04 +02:00 · 2024-02-01 17:51:04 +02:00 · b530b0a0c9
commit b530b0a0c9
parent 5b7821e01f
3 changed files with 38 additions and 37 deletions
--- a/flake.lock
+++ b/flake.lock
@ -207,11 +207,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1704842529,
-        "narHash": "sha256-OTeQA+F8d/Evad33JMfuXC89VMetQbsU4qcaePchGr4=",
+        "lastModified": 1706683685,
+        "narHash": "sha256-FtPPshEpxH/ewBOsdKBNhlsL2MLEFv1hEnQ19f/bFsQ=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "eabe8d3eface69f5bb16c18f8662a702f50c20d5",
+        "rev": "5ad9903c16126a7d949101687af0aa589b1d7d3d",
        "type": "github"
      },
      "original": {
@ -219,28 +219,13 @@
        "type": "indirect"
      }
    },
-    "nixpkgs-22_11": {
-      "locked": {
-        "lastModified": 1669558522,
-        "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82",
-        "type": "github"
-      },
-      "original": {
-        "id": "nixpkgs",
-        "ref": "nixos-22.11",
-        "type": "indirect"
-      }
-    },
    "nixpkgs-23_05": {
      "locked": {
-        "lastModified": 1684782344,
-        "narHash": "sha256-SHN8hPYYSX0thDrMLMWPWYulK3YFgASOrCsIL3AJ78g=",
+        "lastModified": 1704290814,
+        "narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "8966c43feba2c701ed624302b6a935f97bcbdf88",
+        "rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
        "type": "github"
      },
      "original": {
@ -249,6 +234,21 @@
        "type": "indirect"
      }
    },
+    "nixpkgs-23_11": {
+      "locked": {
+        "lastModified": 1706098335,
+        "narHash": "sha256-r3dWjT8P9/Ah5m5ul4WqIWD8muj5F+/gbCdjiNVBKmU=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "a77ab169a83a4175169d78684ddd2e54486ac651",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-23.11",
+        "type": "indirect"
+      }
+    },
    "nixvim": {
      "inputs": {
        "flake-parts": "flake-parts",
@ -322,16 +322,16 @@
        "nixpkgs": [
          "nixpkgs"
        ],
-        "nixpkgs-22_11": "nixpkgs-22_11",
        "nixpkgs-23_05": "nixpkgs-23_05",
+        "nixpkgs-23_11": "nixpkgs-23_11",
        "utils": "utils"
      },
      "locked": {
-        "lastModified": 1703666786,
-        "narHash": "sha256-SLPNpM/rI8XPyVJAxMYAe+n6NiYSpuXvdwPILHP4yZI=",
+        "lastModified": 1706219574,
+        "narHash": "sha256-qO+8UErk+bXCq2ybHU4GzXG4Ejk4Tk0rnnTPNyypW4g=",
        "owner": "simple-nixos-mailserver",
        "repo": "nixos-mailserver",
-        "rev": "b5023b36a1f6628865cb42b4353bd2ddde0ea9f4",
+        "rev": "e47f3719f1db3e0961a4358d4cb234a0acaa7baf",
        "type": "gitlab"
      },
      "original": {
@ -387,11 +387,11 @@
    },
    "vpsadminos": {
      "locked": {
-        "lastModified": 1704805549,
-        "narHash": "sha256-qsTfv50DiW6ii4zDmxvg67eBzGNanBqz//z8K2+kiGQ=",
+        "lastModified": 1706035822,
+        "narHash": "sha256-nGpoHvn/w24VjJtRdsRvxKOSEowUXEqGxsqaFmMgl/s=",
        "owner": "vpsfreecz",
        "repo": "vpsadminos",
-        "rev": "4e77ea7ff7da2f294b56914b0ad0c14f0a51794c",
+        "rev": "b2db597146d9c7717da874712290cf9559086157",
        "type": "github"
      },
      "original": {
--- a/mailserver/mailserver/default.nix
+++ b/mailserver/mailserver/default.nix
@ -16,4 +16,5 @@
    certificateScheme = "acme-nginx";
    hierarchySeparator = "/";
  };
+  services.dovecot2.sieve.extensions = [ "fileinto" ];
 }
--- a/mailserver/nginx/default.nix
+++ b/mailserver/nginx/default.nix
@ -1,4 +1,11 @@
 { pkgs, ... }:
+let
+  webshiteConfig = ''
+    add_header 'Referrer-Policy' 'origin-when-cross-origin';
+    add_header X-Content-Type-Options nosniff;
+    add_header Onion-Location http://sxfx23zafag4lixkb4s6zwih7ga5jnzfgtgykcerd354bvb6u7alnkid.onion;
+  '';
+in
 {
  services = {
    nginx = {
@ -8,15 +15,6 @@
      recommendedProxySettings = true;
      recommendedTlsSettings = true;
      sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
-      appendHttpConfig = ''
-        map $scheme $hsts_header {
-            https   "max-age=31536000; includeSubdomains; preload";
-        }
-        add_header Strict-Transport-Security $hsts_header;
-        add_header 'Referrer-Policy' 'origin-when-cross-origin';
-        add_header X-Content-Type-Options nosniff;
-        add_header Onion-Location http://sxfx23zafag4lixkb4s6zwih7ga5jnzfgtgykcerd354bvb6u7alnkid.onion;
-      '';
      virtualHosts = {
        "idimitrov.dev" = {
          enableACME = true;
@ -24,6 +22,7 @@
          locations."/" = {
            proxyPass = "http://127.0.0.1:3000";
          };
+          extraConfig = webshiteConfig;
        };
        "www.idimitrov.dev" = {
          enableACME = true;
@ -31,6 +30,7 @@
          locations."/" = {
            proxyPass = "http://127.0.0.1:3000";
          };
+          extraConfig = webshiteConfig;
        };
        "src.idimitrov.dev" = {
          enableACME = true;