chvp/nixos-config
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Move to NixOS-managed email

Browse source
This commit is contained in:
Charlotte Van Petegem 2022-03-06 00:09:59 +01:00
parent 7f1769329f
commit d76b03ed7f
No known key found for this signature in database
GPG key ID: 019E764B7184435A
19 changed files with 254 additions and 103 deletions
Download patch file Download diff file Expand all files Collapse all files

99
machines/lasting-integrity/default.nix
View file

@ -5,10 +5,7 @@
time.timeZone = "Europe/Berlin";
networking = {
hostId = "b352adfe";
firewall.allowedTCPPorts = [ 25 143 465 587 993 4190 ];
};
networking.hostId = "b352adfe";
# Machine-specific module settings
chvp = {
@ -35,6 +32,12 @@
fast = true;
location = "192.168.0.1";
}
{
path = "zdata/big-apps/mail";
remotePath = "zdata/recv/lasting-integrity/big-apps/mail";
fast = true;
location = "192.168.0.1";
}
{
path = "zdata/big-apps/nextcloud";
remotePath = "zdata/recv/lasting-integrity/big-apps/nextcloud";
@ -45,69 +48,47 @@
rootDataset = "zroot/local/root";
};
};
development = {
docker.enable = true;
git.enable = true;
};
games = {
particles.server = true;
tetris.server = true;
};
services = {
mail.enable = true;
matrix.enable = true;
nginx = {
extraPostACMEScripts = [
''
cp fullchain.pem /data/root/mailcow/data/assets/ssl/cert.pem
cp key.pem /data/root/mailcow/data/assets/ssl/key.pem
pushd /data/root/mailcow
${pkgs.bash}/bin/bash -c "source mailcow.conf && ${pkgs.docker-compose}/bin/docker-compose restart"
popd
''
];
hosts = [
{
fqdn = "vanpetegem.me";
options = {
locations = let matrixRedirect = {
proxyPass = "http://127.0.0.1:8448";
extraConfig = ''
proxy_read_timeout 600;
client_max_body_size 10M;
proxy_set_header X-Forwarded-Ssl on;
'';
}; in
{
"/_matrix" = matrixRedirect;
"/.well-known/matrix" = matrixRedirect;
"/".return = "307 https://www.vanpetegem.me$request_uri";
};
};
}
{ fqdn = "www.vanpetegem.me"; }
{
fqdn = "cvpetegem.be";
options = {
locations."/".return = "307 https://www.cvpetegem.be$request_uri";
};
}
{ fqdn = "www.cvpetegem.be"; }
{
fqdn = "chvp.be";
options = {
locations."/".return = "307 https://www.chvp.be$request_uri";
};
}
{ fqdn = "www.chvp.be"; }
{
fqdn = "mail.vanpetegem.me";
basicProxy = "http://127.0.0.1:8080";
}
];
};
nginx.hosts = [
{
fqdn = "vanpetegem.me";
options = {
locations = let matrixRedirect = {
proxyPass = "http://127.0.0.1:8448";
extraConfig = ''
proxy_read_timeout 600;
client_max_body_size 10M;
proxy_set_header X-Forwarded-Ssl on;
'';
}; in
{
"/_matrix" = matrixRedirect;
"/.well-known/matrix" = matrixRedirect;
"/".return = "307 https://www.vanpetegem.me$request_uri";
};
};
}
{ fqdn = "www.vanpetegem.me"; }
{
fqdn = "cvpetegem.be";
options.locations."/".return = "307 https://www.cvpetegem.be$request_uri";
}
{ fqdn = "www.cvpetegem.be"; }
{
fqdn = "chvp.be";
options.locations."/".return = "307 https://www.chvp.be$request_uri";
}
{ fqdn = "www.chvp.be"; }
];
nextcloud.enable = true;
syncthing.enable = true;
tunnel.enable = true;
};
};
services.ssmtp.enable = false;
}

4
machines/lasting-integrity/hardware.nix
View file

@ -42,6 +42,10 @@
fsType = "zfs";
neededForBoot = true;
};
"/data/var/vmail" = {
device = "zdata/big-apps/mail";
fsType = "zfs";
};
"/data/var/lib/nextcloud" = {
device = "zdata/big-apps/nextcloud";
fsType = "zfs";