mail.dumpstack.io/configuration.nix

{ config, pkgs, ... }:
let
  secrets = import ./secrets.nix;
  hostname = "mail-dumpstack-io";
  domain = "dumpstack.io";
  branch = "20.09";
in {
  imports = [
    ./hardware-configuration.nix
    (builtins.fetchTarball {
      url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-${branch}/nixos-mailserver-nixos-${branch}.tar.gz";
    })
  ];

  users.extraUsers.root = {
    openssh.authorizedKeys.keys = [ secrets.pubkey ];
  };

  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;
  boot.loader.grub.device = "/dev/vda";

  networking.hostName = hostname;

  networking.firewall.allowedTCPPorts = [ 443 ];

  environment.systemPackages = with pkgs; [
    htop vim
  ];

  security.acme.acceptTerms = true;
  security.acme.certs."mail.${domain}".email = "letsencrypt@${domain}";

  mailserver = {
    enable = true;
    fqdn = "mail.${domain}";
    domains = [ "${domain}" ];
    loginAccounts = {
        "root@${domain}" = {
            hashedPassword = "${secrets.mailHashedPassword}";
            aliases = secrets.aliases;
            catchAll = [ "${domain}" ];
        };
    };

    certificateScheme = 3;      # Let's Encrypt
    enableImapSsl = true;
  };

  time.timeZone = "UTC";
  services.openssh.enable = true;

  system.autoUpgrade = {
    enable = true;
    allowReboot = true;
  };

  # read release notes carefully before changing it
  system.stateVersion = "20.09";

  nix = {
    optimise.automatic = true;
    gc = {
      automatic = true;
      options = "--delete-older-than 7d";
    };
  };
}
Initial 2019-02-02 19:07:01 +00:00			`{ config, pkgs, ... }:`
			`let`
			`secrets = import ./secrets.nix;`
Use SNM from branch 20.09 and switch NixOS state to 20.09 2021-02-01 23:17:24 +00:00			`hostname = "mail-dumpstack-io";`
Use SNM from branch 20.03 and switch NixOS state to 20.03 2020-05-30 10:00:53 +00:00			`domain = "dumpstack.io";`
Use SNM from branch 20.09 and switch NixOS state to 20.09 2021-02-01 23:17:24 +00:00			`branch = "20.09";`
Initial 2019-02-02 19:07:01 +00:00			`in {`
			`imports = [`
			`./hardware-configuration.nix`
			`(builtins.fetchTarball {`
Use SNM from branch 20.03 and switch NixOS state to 20.03 2020-05-30 10:00:53 +00:00			`url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-${branch}/nixos-mailserver-nixos-${branch}.tar.gz";`
Initial 2019-02-02 19:07:01 +00:00			`})`
			`];`

			`users.extraUsers.root = {`
			`openssh.authorizedKeys.keys = [ secrets.pubkey ];`
			`};`

			`boot.loader.grub.enable = true;`
			`boot.loader.grub.version = 2;`
			`boot.loader.grub.device = "/dev/vda";`

Use SNM from branch 20.09 and switch NixOS state to 20.09 2021-02-01 23:17:24 +00:00			`networking.hostName = hostname;`
Initial 2019-02-02 19:07:01 +00:00
			`networking.firewall.allowedTCPPorts = [ 443 ];`

			`environment.systemPackages = with pkgs; [`
Add vim 2021-02-01 23:17:41 +00:00			`htop vim`
Initial 2019-02-02 19:07:01 +00:00			`];`

Use SNM from branch 20.03 and switch NixOS state to 20.03 2020-05-30 10:00:53 +00:00			`security.acme.acceptTerms = true;`
			`security.acme.certs."mail.${domain}".email = "letsencrypt@${domain}";`

Initial 2019-02-02 19:07:01 +00:00			`mailserver = {`
			`enable = true;`
Use SNM from branch 20.03 and switch NixOS state to 20.03 2020-05-30 10:00:53 +00:00			`fqdn = "mail.${domain}";`
			`domains = [ "${domain}" ];`
Initial 2019-02-02 19:07:01 +00:00			`loginAccounts = {`
Use SNM from branch 20.03 and switch NixOS state to 20.03 2020-05-30 10:00:53 +00:00			`"root@${domain}" = {`
Initial 2019-02-02 19:07:01 +00:00			`hashedPassword = "${secrets.mailHashedPassword}";`
			`aliases = secrets.aliases;`
Use SNM from branch 20.03 and switch NixOS state to 20.03 2020-05-30 10:00:53 +00:00			`catchAll = [ "${domain}" ];`
Initial 2019-02-02 19:07:01 +00:00			`};`
			`};`

			`certificateScheme = 3; # Let's Encrypt`
			`enableImapSsl = true;`
			`};`

			`time.timeZone = "UTC";`
			`services.openssh.enable = true;`

Use SNM from branch 20.03 and switch NixOS state to 20.03 2020-05-30 10:00:53 +00:00			`system.autoUpgrade = {`
			`enable = true;`
			`allowReboot = true;`
			`};`

			`# read release notes carefully before changing it`
Use SNM from branch 20.09 and switch NixOS state to 20.09 2021-02-01 23:17:24 +00:00			`system.stateVersion = "20.09";`
Auto garbage collect 2019-04-12 17:25:46 +00:00
Auto optimize storage 2019-04-12 17:42:03 +00:00			`nix = {`
			`optimise.automatic = true;`
			`gc = {`
			`automatic = true;`
			`options = "--delete-older-than 7d";`
			`};`
			`};`
Initial 2019-02-02 19:07:01 +00:00			`}`