Compare commits
4 commits
5fda53d31d
...
1749a74e76
| Author | SHA1 | Date | |
|---|---|---|---|
| 1749a74e76 | |||
| 01efc1f257 | |||
| fe67961c11 | |||
| 4f8f33c1b1 |
6 changed files with 34 additions and 41 deletions
|
|
@ -1,14 +1,7 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
inputs,
|
||||
...
|
||||
}: {
|
||||
{config, ...}: {
|
||||
services.ddns-updater = {
|
||||
enable = true;
|
||||
package = inputs.stable.legacyPackages.${pkgs.system}.ddns-updater;
|
||||
environment = {
|
||||
# LOG_LEVEL = "debug";
|
||||
CONFIG_FILEPATH = config.clan.core.vars.generators.ddns-updater-conf.files."config.json".path;
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -10,8 +10,8 @@
|
|||
];
|
||||
mailserver = {
|
||||
enable = true;
|
||||
fqdn = "mail.moritz.foo";
|
||||
domains = ["moritz.foo"];
|
||||
fqdn = "mail.moritz.place";
|
||||
domains = ["moritz.place"];
|
||||
|
||||
fullTextSearch = {
|
||||
enable = true;
|
||||
|
|
@ -22,16 +22,16 @@
|
|||
};
|
||||
|
||||
loginAccounts = {
|
||||
"main@moritz.foo" = {
|
||||
"main@moritz.place" = {
|
||||
hashedPasswordFile = config.clan.core.vars.generators.mail-server.files.main-password-hash.path;
|
||||
aliases = ["@moritz.foo"];
|
||||
aliases = ["@moritz.place"];
|
||||
};
|
||||
};
|
||||
|
||||
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
|
||||
# down nginx and opens port 80.
|
||||
certificateScheme = "acme";
|
||||
acmeCertificateName = "any.moritz.foo";
|
||||
acmeCertificateName = "any.moritz.place";
|
||||
};
|
||||
|
||||
clan.core.vars.generators.mail-server = {
|
||||
|
|
@ -59,7 +59,7 @@
|
|||
|
||||
services.roundcube = {
|
||||
enable = true;
|
||||
hostName = "webmail.moritz.foo";
|
||||
hostName = "webmail.moritz.place";
|
||||
dicts = with pkgs.aspellDicts; [en de];
|
||||
extraConfig = ''
|
||||
# starttls needed for authentication, so the fqdn required to match
|
||||
|
|
@ -69,8 +69,8 @@
|
|||
$config['smtp_pass'] = "%p";
|
||||
'';
|
||||
};
|
||||
services.nginx.virtualHosts."webmail.moritz.foo".enableACME = false;
|
||||
services.nginx.virtualHosts."webmail.moritz.foo".useACMEHost = "any.moritz.foo";
|
||||
services.nginx.virtualHosts."webmail.moritz.place".enableACME = false;
|
||||
services.nginx.virtualHosts."webmail.moritz.place".useACMEHost = "any.moritz.place";
|
||||
|
||||
services.borgbackup.jobs = {
|
||||
mailDirectory = {
|
||||
|
|
|
|||
|
|
@ -59,9 +59,9 @@
|
|||
proxyPass = "http://192.168.0.6";
|
||||
};
|
||||
};
|
||||
"www.moritz.foo" = {
|
||||
"www.moritz.place" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = "any.moritz.foo";
|
||||
useACMEHost = "any.moritz.place";
|
||||
locations."/" = {
|
||||
extraConfig = ''
|
||||
add_header Content-Type text/html;
|
||||
|
|
@ -69,17 +69,17 @@
|
|||
return = "200 '<html><body>Hello World</body></html>'";
|
||||
};
|
||||
};
|
||||
"moritz.foo" = {
|
||||
"moritz.place" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = "moritz.foo";
|
||||
useACMEHost = "moritz.place";
|
||||
locations."/" = {
|
||||
return = "301 https://www.moritz.foo";
|
||||
return = "301 https://www.moritz.place";
|
||||
};
|
||||
};
|
||||
"_" = {
|
||||
forceSSL = true;
|
||||
default = true;
|
||||
useACMEHost = "any.moritz.foo";
|
||||
useACMEHost = "any.moritz.place";
|
||||
locations."/" = {
|
||||
return = "404 'Not found!'";
|
||||
};
|
||||
|
|
@ -96,7 +96,7 @@
|
|||
|
||||
map $ssl_preread_server_name $name {
|
||||
hostnames;
|
||||
.moritz.foo self;
|
||||
.moritz.place self;
|
||||
.moritzboeh.me diskstation;
|
||||
}
|
||||
|
||||
|
|
@ -112,13 +112,13 @@
|
|||
acceptTerms = true;
|
||||
defaults.email = "acme@moritzboeh.me";
|
||||
defaults.dnsResolver = "1.1.1.1:53";
|
||||
certs."moritz.foo" = {
|
||||
certs."moritz.place" = {
|
||||
dnsProvider = "cloudflare";
|
||||
group = "nginx";
|
||||
environmentFile = config.clan.core.vars.generators.acme.files.vars.path;
|
||||
};
|
||||
certs."any.moritz.foo" = {
|
||||
domain = "*.moritz.foo";
|
||||
certs."any.moritz.place" = {
|
||||
domain = "*.moritz.place";
|
||||
dnsProvider = "cloudflare";
|
||||
group = "nginx";
|
||||
environmentFile = config.clan.core.vars.generators.acme.files.vars.path;
|
||||
|
|
|
|||
|
|
@ -47,13 +47,13 @@ in {
|
|||
imapnotify.enable = true;
|
||||
imapnotify.boxes = ["Inbox"];
|
||||
imapnotify.onNotify = "${lib.getExe' pkgs.systemd "systemctl"} start --user mbsync.service";
|
||||
address = "main@moritz.foo";
|
||||
userName = "main@moritz.foo";
|
||||
address = "main@moritz.place";
|
||||
userName = "main@moritz.place";
|
||||
aerc.enable = true;
|
||||
# gpg.signByDefault = true;
|
||||
# gpg.key = "0xE4F362A3F5C338A0";
|
||||
imap.host = "mail.moritz.foo";
|
||||
smtp.host = "mail.moritz.foo";
|
||||
imap.host = "mail.moritz.place";
|
||||
smtp.host = "mail.moritz.place";
|
||||
realName = "Moritz Böhme";
|
||||
mbsync.enable = true;
|
||||
mbsync.create = "both";
|
||||
|
|
|
|||
|
|
@ -1,19 +1,19 @@
|
|||
{
|
||||
"data": "ENC[AES256_GCM,data:nXGv5y5uiqtGFTEz2m0J0uY61xC+rHV+rygJi7IEM9IYjBSdl1BBuvStNMhBJQ+6pKzJrj+H4eplEA==,iv:kz93P9IDxwRlF7eJAoJ/f90H7+FWYW9KeCsUYvwpB/w=,tag:zZphQDNof82LRTWUgJPDlw==,type:str]",
|
||||
"data": "ENC[AES256_GCM,data:qvAEVjaoFsq5wv1q5jK6U8/Ru+z54iXEu739bh9qUrecmzpMxGzUqlqLf98GNpi0BlV3H/ilk8EUCg==,iv:TlOiXXILJuPPzEBu0oPmjbOQhh2Ukq1THMhApNCA8wE=,tag:0eNBRIAWmS+6zT/mjqbLtQ==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age12jlzcjwwhtgws4ku4nemwknsps3a6um74kdpxfv9pzvgdlhufp8q08c0j7",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5cUxHVUY3N2NBNUFhTjVQ\nL2Q0YjVBNlY0WnovUUpzZmp2Q1h4WGFaMUI0Cm5nZlJocGs2VkNoZzVMc245bXVD\nQ1l1QzNHZHFKMjQ2UzlzYjhLbkNVQWsKLS0tIEVya3dpOTlRNDRIRVdOSTN0V3dS\nVWVMN0JBdmh0d25NNHBDVEQyeFpTMEkKY2BE6JZ+4IAfUl1FamH3W9EfXwfCFi+U\nbg1UJpMqw6pii+XbnLb3WUYZck6JRtyDLvdEPdoI+wTFD08463p83g==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIR3g5TEdHN2ZES1QrMk5l\nNWZGd0ZnVFI0a3V6dm85YllWK2d0OUQwbkI0CnFGQTUvRUZDZHZiOVBKcHFDZ3Ew\nQTlvVUVyTGRlaG9IblY0V1R5Nmw3aE0KLS0tIGxqS3N5K0pabjdTWUZZVXRPRnRI\nWVZMVWh1NlNLMklQdkd0YjJCUnV4Y2MK6reAXxRRz+JI40enqoOFkzaYp82T+yfY\nRMKbzbZgYFKU3SWu0eGAMatmP6BpjEx0/A/jXlCV4oX6CuQbjw6bIQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1wwlwwv9gscl9z6k59z6pp8hcay7vehvqp6y5f85pjyd9seqe8s0q5dkmr4",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtbGxvK2lFSnFLM2RoSG9K\nekZ5VjdmYmwyUWtFK241WVF6YjhWZEZJdGxZCnpXMnp6YndvdlF2RzJManVXbjZV\nR3g3KytUUU9kdmIxRU5LSVZPaHYwMlkKLS0tIDhmejhEcit2YmVrNFp5eFgrbDls\nV2pNZUg3U293Z0hMRytyRExQRmE0aUkKNqaT6R5IDw6I9IXGsKcUsem04XQSTmCU\nW8iAehs524XzGE4+6SERDM1qrfKno1vJpmS2qG8/s1HicycjmMfQRw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuV0hzdTd2cmVrL2NlU2hq\neG1MQ1dzdWl2blRrYUZ3SDJEd0hGQlhaV3dZCm9zNExTeWxWUU5Xam5IenZybURn\nTFBQSWJ1R0xtMEhJNmRPcnFGMnRLWlUKLS0tIDZxcWRrN3M5amFYWUdHNDRpVXN6\nRTdqREhCcy9XUXRzbWlzbHpXRjE2NW8KDnEqvG1pMSK8twokBGXiBpxM5I+V7ETT\nyCX3k2iuGmfLtM9IekCtNttHMm758vkrBpZ3rPdhplsspsN+1wEUSQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-05-14T11:49:53Z",
|
||||
"mac": "ENC[AES256_GCM,data:9faPbY2mUIp/A1oDqan4cpadJah30PpGZ2feFPohCn9Gy/xYYjqhqEwIpjvwf+MRCvqdC6n4jvOT8AVUHiwrtr19/In2CWpPMrFsw08nCzO9L9TJAfDnqYLdqtdHF3DgEFIzy0wi5iSRe5/lo79GW8uMdS7ULf4T26WKfGzsk6o=,iv:w2OXdQH1mB+NvAJedYmtkDU2m0HywnCEP1MMhHh8lW8=,tag:XYitYG0iDpPbWjShOW+icg==,type:str]",
|
||||
"lastmodified": "2025-05-15T16:07:47Z",
|
||||
"mac": "ENC[AES256_GCM,data:IFLqkYlsnUgje1GcgOOt10jW2AXozHghuTFsQS+IIx/Xk1Ciu7O6LMgmduqwD/0OEdh1+uCGzbvoh9Cgdtyx3gzPra5YkXHZf60DZrcQ0nUCOskYfFxsQlB5DN4xes/5UknUCwBxJ9wpOcrjHYNJQh20urOZ0FD1uvRUbi8DmMA=,iv:uIs5ImIp6vL/rON77BV65bSlSUyuT93tF+Wao3hhb/o=,tag:YCVatgDRRIrYQVZMOC0HNg==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.1"
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,18 +1,18 @@
|
|||
{
|
||||
"data": "ENC[AES256_GCM,data:MHXQQ3wglo2QGn15SE9nxOlLmn/UMxSWBzxGt1IdeN9o0MfpG6gNYpErKaOfaZXtJSqFkMEf0rY5uCzhufet/l7htDTrIFNpw1mXfJnJJq/baMcFK+6Fg3gr/ozo9qPj4a4Pl7CqC8iEBnnVHFkAp9rAkguuGYRgEE0wq4SCnJI5QkCh4AHrzNRz6WSantip1X8MhmsekCyoKg3JbkcaP94uEo/ttfRd4dm7talk5Nah2SIdVAicCbm5O1BQ1yatSL7zVuCi6IWPrkMvaJle4sjGDv18zj4gkMVQ+987MvC3DZ4HSXJIS+k5nlGPdXKjl3uEo+Lo/M9kMi/YTezuaHMlwIJ5s0p2Q18nBT8iNd1Q9Lgd7G4GrJZkpdT/9Vld,iv:HYLtql782z3xkwDBiBBq1b+Yo86MWcBflvd5SdK+GWA=,tag:RXGY/wGZNUYzmxcSATtqjg==,type:str]",
|
||||
"data": "ENC[AES256_GCM,data:AXWG7+qXfmCuLG3nReEY3Uc5xKrBAZgl6HeilYEpzA5w70lP0bXgvdq28WTXoXsYnapg6jPAlcOm7xdpMoOX6CnVOOysj8INS131bg9FrLpi37Ffq7WwsJIm0KqzOCgoehpgVOAL+V+hMlz1jnFmKOnUsNsOcUuQfXM/pzdCRl1+IWT6Io/z+e6WTM5qkBE6g9/Ou2krh/Tws/WMgUZ/NVYxTweT/RyVt5euCmDeNcf193N3a6yhdcYv4UlRMRSRraDgXyg9bqeDy81C+OtZi3SA4zMJbrf+UInqYFsZ0+wHojMG3CCMMaUt49W4JS0L/woycywJGPlbyNLJYJIE9pzDrLl0JXv1q27Zp0F9tFyugmiRtjQ15mP8M4D5e9rGvxA=,iv:ClKXoPIA1P6jaDausqNrJPW460Ausjkxmw/iIURwqOQ=,tag:cPy2ygegiGUoPzTtVTaXqg==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age12jlzcjwwhtgws4ku4nemwknsps3a6um74kdpxfv9pzvgdlhufp8q08c0j7",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0S2d4K25EV0lOYUJoTGt4\naU9SZW9neklKbUZuZzNLSlZyK1NRSnhkR3pZCmxvUVN2cFYydkc4QTZRVnV5T1VD\nS09MUWJDdnJjejRQdGxMU0VPeklyNEEKLS0tIDlNTHNaZHlvVlRIS1RHTjVIalFs\nUitZK2VyeThVTG5HQW55L2Z4TkdBalUKY3s+DfVR6tpztpLpXoH4tVOiVI7wmKiC\n/N9OwUMVG3Lv4HjE5EuVR6EqmjzQ1um709lUF2cdXIS6+e6tXhD9dA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHRksvZDBGYkpDcFlOZjJW\nNTNYbWJUdU9mUEp2STVJbTIwWmFVYWdRa0hzCkY5eUs0aTk2OXpQOU5uMnhyWlFT\nQlNPU3JlZ0NzZ214eWk2ODBURXA4VTQKLS0tIDcxaE5pTllUaWhPMGhhdS9JcnZv\nN3MrOFloOEM3Wjg0N2tMSU1Hc3UwVkUKky8Atit63JiHP+aHbP8eJCa31/xL5L4D\nfBqdX+t6oJrye2RvideVn0ecZoczFyxhSTNNXqvXBTXIaho9XnA33A==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1wwlwwv9gscl9z6k59z6pp8hcay7vehvqp6y5f85pjyd9seqe8s0q5dkmr4",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvYWM4a2thUjR5T3U3aGxN\nSjV5eUdwZVNBbWIxcGFyWFBvS25ybXNmZUdZCk9vRFAvSWx1SVpNR2NqbU95M29U\nY2RwTUtsQ0s5NEJTTy9GalBpMisvYTgKLS0tIG8rR01ubzZubk9UTFdtc0dNQTJp\nM1lpSEI1VTE2Y2RYblNWSWFmRGZ2b1EKdHVAc9qGXw5reK8wEplciJG8drGNYSMh\n4eI7l9U4mbKTD8N0iCc8I/qI/V/NUEoK97WfKR3eEqFgUPG+5RTx1g==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvem1EK3BiWDZEc2JZbGUz\nOEZGcnFhcnE2ak9YWk1ZSmg5aDFMalkzWnljCnREd3d2OWFrMVZQYVFnZjNlWFBH\naXhLZnp3UUNpajArd3EzTWtzNm9zTU0KLS0tIFhPZmNjR01wRkF4MFVNUCt3aGRx\nSzJOV2txaEZoMmhFc2JpY1hLeXpMVzgKuo3ZRbm/vfbalCXW/BlpDVfOGchYjfHH\n/NCZuHrYz2+28h8CNS0rgGodpVbFvhkZpWT8U2Z0X8bNzwAYvoyMRQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-05-14T15:50:58Z",
|
||||
"mac": "ENC[AES256_GCM,data:/4S7NCfwHQcBIFmz4NbUjIbF1n7SnBobcaN4g/RTEhDWxBbKIs4xsbNQLhS80n0esxYR8h+gmxv5rpxgwhqBsk89qTKmaWn2B1BCzjKx5jSEiY0El73/ci/ltHRaJzTbGdDFWA+G0L30KQk/gwcxOGlj/BzYiWW54V3me0JPJOc=,iv:zVmd388h9pK62M6JvBS0CriazSSBSRbFBzje0ThHDgw=,tag:NNvFA/ardkpDMrJH+J0LYw==,type:str]",
|
||||
"lastmodified": "2025-05-15T15:45:56Z",
|
||||
"mac": "ENC[AES256_GCM,data:eGg16ca0XI3ReoTqMLlg/vwZ3S3SbXdJ6imDuInQyq7EMIKTjKOAr1M1vYJt/zB0mB+o183j5KqanBlx0K6DIf8gwWpmSMZZmTXIHG2XkZv1Hbk0OWhlopzIxIJepQoNsQC8LYQ1ieMzzyvlmkKgCRPaQVn9/PbI/ALzsID3hz0=,iv:AJ9oiAtfN1Q28uJ+bJ0A2fNZjPTGjfFMSMBvESciOEg=,tag:l8Pnxpjfh0RpVscVeAQR4A==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue