From eb6eebde166112397e8711a16a8618a52ecbcaca Mon Sep 17 00:00:00 2001 From: Azat Bahawi Date: Wed, 22 Mar 2023 15:20:22 +0300 Subject: 2023-03-22 --- nixosConfigurations/eonwe/default.nix | 1 - nixosConfigurations/manwe/default.nix | 58 ++++++++++++++++---------------- nixosConfigurations/manwe/mailserver.nix | 8 +++++ 3 files changed, 37 insertions(+), 30 deletions(-) (limited to 'nixosConfigurations') diff --git a/nixosConfigurations/eonwe/default.nix b/nixosConfigurations/eonwe/default.nix index b5a5fc4..4c29013 100644 --- a/nixosConfigurations/eonwe/default.nix +++ b/nixosConfigurations/eonwe/default.nix @@ -25,7 +25,6 @@ with lib; { libvirtd.enable = true; qutebrowser.enable = true; mpd.enable = true; - nullmailer.enable = true; }; hm = { diff --git a/nixosConfigurations/manwe/default.nix b/nixosConfigurations/manwe/default.nix index a47cd88..a3c16b0 100644 --- a/nixosConfigurations/manwe/default.nix +++ b/nixosConfigurations/manwe/default.nix @@ -1,6 +1,5 @@ { config, - inputs, lib, ... }: @@ -44,36 +43,37 @@ with lib; { domain = my.domain.azahi; }; vaultwarden.enable = true; + ntfy.enable = true; }; - # To play old LAN games with the boys. - secrets."wireguard-private-key-70".file = "${inputs.self}/secrets/wireguard-private-key-70"; - networking = mkIf config.nixfiles.modules.wireguard.server.enable { - wireguard.interfaces.wg70 = { - ips = ["10.70.0.1/16"]; - listenPort = 7070; - privateKeyFile = config.secrets."wireguard-private-key-70".path; - peers = [ - { - publicKey = "@PUBLIC_KEY@"; - allowedIPs = ["10.70.1.1/32"]; - } - { - publicKey = "@PUBLIC_KEY@"; - allowedIPs = ["10.70.1.2/32"]; - } - { - publicKey = "@PUBLIC_KEY@"; - allowedIPs = ["10.70.1.3/32"]; - } - { - publicKey = "@PUBLIC_KEY@"; - allowedIPs = ["10.70.1.4/32"]; - } - ]; - }; - firewall.allowedUDPPorts = [7070]; - }; + # A VPN to play old LAN games with the boys. + # secrets."wireguard-private-key-70".file = "${inputs.self}/secrets/wireguard-private-key-70"; + # networking = mkIf config.nixfiles.modules.wireguard.server.enable { + # wireguard.interfaces.wg70 = { + # ips = ["10.70.0.1/16"]; + # listenPort = 7070; + # privateKeyFile = config.secrets."wireguard-private-key-70".path; + # peers = [ + # { + # publicKey = "@PUBLIC_KEY@"; + # allowedIPs = ["10.70.1.1/32"]; + # } + # { + # publicKey = "@PUBLIC_KEY@"; + # allowedIPs = ["10.70.1.2/32"]; + # } + # { + # publicKey = "@PUBLIC_KEY@"; + # allowedIPs = ["10.70.1.3/32"]; + # } + # { + # publicKey = "@PUBLIC_KEY@"; + # allowedIPs = ["10.70.1.4/32"]; + # } + # ]; + # }; + # firewall.allowedUDPPorts = [7070]; + # }; boot = { loader.grub = { diff --git a/nixosConfigurations/manwe/mailserver.nix b/nixosConfigurations/manwe/mailserver.nix index e8d1781..b59f0a8 100644 --- a/nixosConfigurations/manwe/mailserver.nix +++ b/nixosConfigurations/manwe/mailserver.nix @@ -7,6 +7,8 @@ with lib; { imports = [inputs.simple-nixos-mailserver.nixosModule]; + nixfiles.modules.redis.enable = true; + secrets = { dkim-key-azahi-cc = { file = "${inputs.self}/secrets/dkim-key-azahi-cc"; @@ -52,6 +54,12 @@ with lib; { lmtpSaveToDetailMailbox = "no"; + redis = with config.services.redis.servers.default; { + address = bind; + inherit port; + password = requirePass; + }; + loginAccounts = with my.domain; { "azahi@${shire}" = { hashedPassword = "@HASHED_PASSWORD@"; -- cgit 1.4.1