feat: change domain

Update vars via generator ddns-updater-conf for machine moritz-server

machines/moritz-server/ddns.nix

@@ -1,14 +1,7 @@
-{
-  config,
-  pkgs,
-  inputs,
-  ...
-}: {
+{config, ...}: {
   services.ddns-updater = {
     enable = true;
-    package = inputs.stable.legacyPackages.${pkgs.system}.ddns-updater;
     environment = {
-      # LOG_LEVEL = "debug";
       CONFIG_FILEPATH = config.clan.core.vars.generators.ddns-updater-conf.files."config.json".path;
     };
   };

machines/moritz-server/mail-server.nix

@@ -10,8 +10,8 @@
   ];
   mailserver = {
     enable = true;
-    fqdn = "mail.moritz.foo";
-    domains = ["moritz.foo"];
+    fqdn = "mail.moritz.place";
+    domains = ["moritz.place"];
 
     fullTextSearch = {
       enable = true;
@@ -22,16 +22,16 @@
     };
 
     loginAccounts = {
-      "main@moritz.foo" = {
+      "main@moritz.place" = {
         hashedPasswordFile = config.clan.core.vars.generators.mail-server.files.main-password-hash.path;
-        aliases = ["@moritz.foo"];
+        aliases = ["@moritz.place"];
       };
     };
 
     # Use Let's Encrypt certificates. Note that this needs to set up a stripped
     # down nginx and opens port 80.
     certificateScheme = "acme";
-    acmeCertificateName = "any.moritz.foo";
+    acmeCertificateName = "any.moritz.place";
   };
 
   clan.core.vars.generators.mail-server = {
@@ -59,7 +59,7 @@
 
   services.roundcube = {
     enable = true;
-    hostName = "webmail.moritz.foo";
+    hostName = "webmail.moritz.place";
     dicts = with pkgs.aspellDicts; [en de];
     extraConfig = ''
       # starttls needed for authentication, so the fqdn required to match
@@ -69,8 +69,8 @@
       $config['smtp_pass'] = "%p";
     '';
   };
-  services.nginx.virtualHosts."webmail.moritz.foo".enableACME = false;
-  services.nginx.virtualHosts."webmail.moritz.foo".useACMEHost = "any.moritz.foo";
+  services.nginx.virtualHosts."webmail.moritz.place".enableACME = false;
+  services.nginx.virtualHosts."webmail.moritz.place".useACMEHost = "any.moritz.place";
 
   services.borgbackup.jobs = {
     mailDirectory = {

machines/moritz-server/reverse-proxy.nix

@@ -59,9 +59,9 @@
           proxyPass = "http://192.168.0.6";
         };
       };
-      "www.moritz.foo" = {
+      "www.moritz.place" = {
         forceSSL = true;
-        useACMEHost = "any.moritz.foo";
+        useACMEHost = "any.moritz.place";
         locations."/" = {
           extraConfig = ''
             add_header Content-Type text/html;
@@ -69,17 +69,17 @@
           return = "200 '<html><body>Hello World</body></html>'";
         };
       };
-      "moritz.foo" = {
+      "moritz.place" = {
         forceSSL = true;
-        useACMEHost = "moritz.foo";
+        useACMEHost = "moritz.place";
         locations."/" = {
-          return = "301 https://www.moritz.foo";
+          return = "301 https://www.moritz.place";
         };
       };
       "_" = {
         forceSSL = true;
         default = true;
-        useACMEHost = "any.moritz.foo";
+        useACMEHost = "any.moritz.place";
         locations."/" = {
           return = "404 'Not found!'";
         };
@@ -96,7 +96,7 @@
 
       map $ssl_preread_server_name $name {
           hostnames;
-          .moritz.foo self;
+          .moritz.place self;
           .moritzboeh.me diskstation;
       }
 
@@ -112,13 +112,13 @@
     acceptTerms = true;
     defaults.email = "acme@moritzboeh.me";
     defaults.dnsResolver = "1.1.1.1:53";
-    certs."moritz.foo" = {
+    certs."moritz.place" = {
       dnsProvider = "cloudflare";
       group = "nginx";
       environmentFile = config.clan.core.vars.generators.acme.files.vars.path;
     };
-    certs."any.moritz.foo" = {
-      domain = "*.moritz.foo";
+    certs."any.moritz.place" = {
+      domain = "*.moritz.place";
       dnsProvider = "cloudflare";
       group = "nginx";
       environmentFile = config.clan.core.vars.generators.acme.files.vars.path;

modules/moritz/profiles/personal_mail.nix

@@ -47,13 +47,13 @@ in {
         imapnotify.enable = true;
         imapnotify.boxes = ["Inbox"];
         imapnotify.onNotify = "${lib.getExe' pkgs.systemd "systemctl"} start --user mbsync.service";
-        address = "main@moritz.foo";
-        userName = "main@moritz.foo";
+        address = "main@moritz.place";
+        userName = "main@moritz.place";
         aerc.enable = true;
         # gpg.signByDefault = true;
         # gpg.key = "0xE4F362A3F5C338A0";
-        imap.host = "mail.moritz.foo";
-        smtp.host = "mail.moritz.foo";
+        imap.host = "mail.moritz.place";
+        smtp.host = "mail.moritz.place";
         realName = "Moritz Böhme";
         mbsync.enable = true;
         mbsync.create = "both";

vars/per-machine/moritz-server/acme/vars/secret

@@ -1,19 +1,19 @@
 {
-	"data": "ENC[AES256_GCM,data:nXGv5y5uiqtGFTEz2m0J0uY61xC+rHV+rygJi7IEM9IYjBSdl1BBuvStNMhBJQ+6pKzJrj+H4eplEA==,iv:kz93P9IDxwRlF7eJAoJ/f90H7+FWYW9KeCsUYvwpB/w=,tag:zZphQDNof82LRTWUgJPDlw==,type:str]",
+	"data": "ENC[AES256_GCM,data:qvAEVjaoFsq5wv1q5jK6U8/Ru+z54iXEu739bh9qUrecmzpMxGzUqlqLf98GNpi0BlV3H/ilk8EUCg==,iv:TlOiXXILJuPPzEBu0oPmjbOQhh2Ukq1THMhApNCA8wE=,tag:0eNBRIAWmS+6zT/mjqbLtQ==,type:str]",
 	"sops": {
 		"age": [
 			{
 				"recipient": "age12jlzcjwwhtgws4ku4nemwknsps3a6um74kdpxfv9pzvgdlhufp8q08c0j7",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5cUxHVUY3N2NBNUFhTjVQ\nL2Q0YjVBNlY0WnovUUpzZmp2Q1h4WGFaMUI0Cm5nZlJocGs2VkNoZzVMc245bXVD\nQ1l1QzNHZHFKMjQ2UzlzYjhLbkNVQWsKLS0tIEVya3dpOTlRNDRIRVdOSTN0V3dS\nVWVMN0JBdmh0d25NNHBDVEQyeFpTMEkKY2BE6JZ+4IAfUl1FamH3W9EfXwfCFi+U\nbg1UJpMqw6pii+XbnLb3WUYZck6JRtyDLvdEPdoI+wTFD08463p83g==\n-----END AGE ENCRYPTED FILE-----\n"
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIR3g5TEdHN2ZES1QrMk5l\nNWZGd0ZnVFI0a3V6dm85YllWK2d0OUQwbkI0CnFGQTUvRUZDZHZiOVBKcHFDZ3Ew\nQTlvVUVyTGRlaG9IblY0V1R5Nmw3aE0KLS0tIGxqS3N5K0pabjdTWUZZVXRPRnRI\nWVZMVWh1NlNLMklQdkd0YjJCUnV4Y2MK6reAXxRRz+JI40enqoOFkzaYp82T+yfY\nRMKbzbZgYFKU3SWu0eGAMatmP6BpjEx0/A/jXlCV4oX6CuQbjw6bIQ==\n-----END AGE ENCRYPTED FILE-----\n"
 			},
 			{
 				"recipient": "age1wwlwwv9gscl9z6k59z6pp8hcay7vehvqp6y5f85pjyd9seqe8s0q5dkmr4",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtbGxvK2lFSnFLM2RoSG9K\nekZ5VjdmYmwyUWtFK241WVF6YjhWZEZJdGxZCnpXMnp6YndvdlF2RzJManVXbjZV\nR3g3KytUUU9kdmIxRU5LSVZPaHYwMlkKLS0tIDhmejhEcit2YmVrNFp5eFgrbDls\nV2pNZUg3U293Z0hMRytyRExQRmE0aUkKNqaT6R5IDw6I9IXGsKcUsem04XQSTmCU\nW8iAehs524XzGE4+6SERDM1qrfKno1vJpmS2qG8/s1HicycjmMfQRw==\n-----END AGE ENCRYPTED FILE-----\n"
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuV0hzdTd2cmVrL2NlU2hq\neG1MQ1dzdWl2blRrYUZ3SDJEd0hGQlhaV3dZCm9zNExTeWxWUU5Xam5IenZybURn\nTFBQSWJ1R0xtMEhJNmRPcnFGMnRLWlUKLS0tIDZxcWRrN3M5amFYWUdHNDRpVXN6\nRTdqREhCcy9XUXRzbWlzbHpXRjE2NW8KDnEqvG1pMSK8twokBGXiBpxM5I+V7ETT\nyCX3k2iuGmfLtM9IekCtNttHMm758vkrBpZ3rPdhplsspsN+1wEUSQ==\n-----END AGE ENCRYPTED FILE-----\n"
 			}
 		],
-		"lastmodified": "2025-05-14T11:49:53Z",
-		"mac": "ENC[AES256_GCM,data:9faPbY2mUIp/A1oDqan4cpadJah30PpGZ2feFPohCn9Gy/xYYjqhqEwIpjvwf+MRCvqdC6n4jvOT8AVUHiwrtr19/In2CWpPMrFsw08nCzO9L9TJAfDnqYLdqtdHF3DgEFIzy0wi5iSRe5/lo79GW8uMdS7ULf4T26WKfGzsk6o=,iv:w2OXdQH1mB+NvAJedYmtkDU2m0HywnCEP1MMhHh8lW8=,tag:XYitYG0iDpPbWjShOW+icg==,type:str]",
+		"lastmodified": "2025-05-15T16:07:47Z",
+		"mac": "ENC[AES256_GCM,data:IFLqkYlsnUgje1GcgOOt10jW2AXozHghuTFsQS+IIx/Xk1Ciu7O6LMgmduqwD/0OEdh1+uCGzbvoh9Cgdtyx3gzPra5YkXHZf60DZrcQ0nUCOskYfFxsQlB5DN4xes/5UknUCwBxJ9wpOcrjHYNJQh20urOZ0FD1uvRUbi8DmMA=,iv:uIs5ImIp6vL/rON77BV65bSlSUyuT93tF+Wao3hhb/o=,tag:YCVatgDRRIrYQVZMOC0HNg==,type:str]",
 		"unencrypted_suffix": "_unencrypted",
-		"version": "3.10.1"
+		"version": "3.10.2"
 	}
 }

vars/per-machine/moritz-server/ddns-updater-conf/config.json/secret

@@ -1,18 +1,18 @@
 {
-	"data": "ENC[AES256_GCM,data:MHXQQ3wglo2QGn15SE9nxOlLmn/UMxSWBzxGt1IdeN9o0MfpG6gNYpErKaOfaZXtJSqFkMEf0rY5uCzhufet/l7htDTrIFNpw1mXfJnJJq/baMcFK+6Fg3gr/ozo9qPj4a4Pl7CqC8iEBnnVHFkAp9rAkguuGYRgEE0wq4SCnJI5QkCh4AHrzNRz6WSantip1X8MhmsekCyoKg3JbkcaP94uEo/ttfRd4dm7talk5Nah2SIdVAicCbm5O1BQ1yatSL7zVuCi6IWPrkMvaJle4sjGDv18zj4gkMVQ+987MvC3DZ4HSXJIS+k5nlGPdXKjl3uEo+Lo/M9kMi/YTezuaHMlwIJ5s0p2Q18nBT8iNd1Q9Lgd7G4GrJZkpdT/9Vld,iv:HYLtql782z3xkwDBiBBq1b+Yo86MWcBflvd5SdK+GWA=,tag:RXGY/wGZNUYzmxcSATtqjg==,type:str]",
+	"data": "ENC[AES256_GCM,data:AXWG7+qXfmCuLG3nReEY3Uc5xKrBAZgl6HeilYEpzA5w70lP0bXgvdq28WTXoXsYnapg6jPAlcOm7xdpMoOX6CnVOOysj8INS131bg9FrLpi37Ffq7WwsJIm0KqzOCgoehpgVOAL+V+hMlz1jnFmKOnUsNsOcUuQfXM/pzdCRl1+IWT6Io/z+e6WTM5qkBE6g9/Ou2krh/Tws/WMgUZ/NVYxTweT/RyVt5euCmDeNcf193N3a6yhdcYv4UlRMRSRraDgXyg9bqeDy81C+OtZi3SA4zMJbrf+UInqYFsZ0+wHojMG3CCMMaUt49W4JS0L/woycywJGPlbyNLJYJIE9pzDrLl0JXv1q27Zp0F9tFyugmiRtjQ15mP8M4D5e9rGvxA=,iv:ClKXoPIA1P6jaDausqNrJPW460Ausjkxmw/iIURwqOQ=,tag:cPy2ygegiGUoPzTtVTaXqg==,type:str]",
 	"sops": {
 		"age": [
 			{
 				"recipient": "age12jlzcjwwhtgws4ku4nemwknsps3a6um74kdpxfv9pzvgdlhufp8q08c0j7",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0S2d4K25EV0lOYUJoTGt4\naU9SZW9neklKbUZuZzNLSlZyK1NRSnhkR3pZCmxvUVN2cFYydkc4QTZRVnV5T1VD\nS09MUWJDdnJjejRQdGxMU0VPeklyNEEKLS0tIDlNTHNaZHlvVlRIS1RHTjVIalFs\nUitZK2VyeThVTG5HQW55L2Z4TkdBalUKY3s+DfVR6tpztpLpXoH4tVOiVI7wmKiC\n/N9OwUMVG3Lv4HjE5EuVR6EqmjzQ1um709lUF2cdXIS6+e6tXhD9dA==\n-----END AGE ENCRYPTED FILE-----\n"
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHRksvZDBGYkpDcFlOZjJW\nNTNYbWJUdU9mUEp2STVJbTIwWmFVYWdRa0hzCkY5eUs0aTk2OXpQOU5uMnhyWlFT\nQlNPU3JlZ0NzZ214eWk2ODBURXA4VTQKLS0tIDcxaE5pTllUaWhPMGhhdS9JcnZv\nN3MrOFloOEM3Wjg0N2tMSU1Hc3UwVkUKky8Atit63JiHP+aHbP8eJCa31/xL5L4D\nfBqdX+t6oJrye2RvideVn0ecZoczFyxhSTNNXqvXBTXIaho9XnA33A==\n-----END AGE ENCRYPTED FILE-----\n"
 			},
 			{
 				"recipient": "age1wwlwwv9gscl9z6k59z6pp8hcay7vehvqp6y5f85pjyd9seqe8s0q5dkmr4",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvYWM4a2thUjR5T3U3aGxN\nSjV5eUdwZVNBbWIxcGFyWFBvS25ybXNmZUdZCk9vRFAvSWx1SVpNR2NqbU95M29U\nY2RwTUtsQ0s5NEJTTy9GalBpMisvYTgKLS0tIG8rR01ubzZubk9UTFdtc0dNQTJp\nM1lpSEI1VTE2Y2RYblNWSWFmRGZ2b1EKdHVAc9qGXw5reK8wEplciJG8drGNYSMh\n4eI7l9U4mbKTD8N0iCc8I/qI/V/NUEoK97WfKR3eEqFgUPG+5RTx1g==\n-----END AGE ENCRYPTED FILE-----\n"
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvem1EK3BiWDZEc2JZbGUz\nOEZGcnFhcnE2ak9YWk1ZSmg5aDFMalkzWnljCnREd3d2OWFrMVZQYVFnZjNlWFBH\naXhLZnp3UUNpajArd3EzTWtzNm9zTU0KLS0tIFhPZmNjR01wRkF4MFVNUCt3aGRx\nSzJOV2txaEZoMmhFc2JpY1hLeXpMVzgKuo3ZRbm/vfbalCXW/BlpDVfOGchYjfHH\n/NCZuHrYz2+28h8CNS0rgGodpVbFvhkZpWT8U2Z0X8bNzwAYvoyMRQ==\n-----END AGE ENCRYPTED FILE-----\n"
 			}
 		],
-		"lastmodified": "2025-05-14T15:50:58Z",
-		"mac": "ENC[AES256_GCM,data:/4S7NCfwHQcBIFmz4NbUjIbF1n7SnBobcaN4g/RTEhDWxBbKIs4xsbNQLhS80n0esxYR8h+gmxv5rpxgwhqBsk89qTKmaWn2B1BCzjKx5jSEiY0El73/ci/ltHRaJzTbGdDFWA+G0L30KQk/gwcxOGlj/BzYiWW54V3me0JPJOc=,iv:zVmd388h9pK62M6JvBS0CriazSSBSRbFBzje0ThHDgw=,tag:NNvFA/ardkpDMrJH+J0LYw==,type:str]",
+		"lastmodified": "2025-05-15T15:45:56Z",
+		"mac": "ENC[AES256_GCM,data:eGg16ca0XI3ReoTqMLlg/vwZ3S3SbXdJ6imDuInQyq7EMIKTjKOAr1M1vYJt/zB0mB+o183j5KqanBlx0K6DIf8gwWpmSMZZmTXIHG2XkZv1Hbk0OWhlopzIxIJepQoNsQC8LYQ1ieMzzyvlmkKgCRPaQVn9/PbI/ALzsID3hz0=,iv:AJ9oiAtfN1Q28uJ+bJ0A2fNZjPTGjfFMSMBvESciOEg=,tag:l8Pnxpjfh0RpVscVeAQR4A==,type:str]",
 		"unencrypted_suffix": "_unencrypted",
 		"version": "3.10.2"
 	}