Browse Source

Use SNM from branch 20.03 and switch NixOS state to 20.03

master
dump_stack() 1 year ago
parent
commit
226c73e3f5
Signed by: Mikhail Klementev <blame@dumpstack.io> GPG Key ID: BE44DA8C062D87DC
2 changed files with 19 additions and 17 deletions
  1. 1
    4
      README.md
  2. 18
    13
      configuration.nix

+ 1
- 4
README.md View File

@@ -1,10 +1,7 @@
# mail.dumpstack.io

Note:
1. Comment out fetchTarball and mailserver for initial installation,
because of [this bug](https://github.com/NixOS/nix/issues/2405).

2. Some cloud providers disallow outbound SMTP by default. Check it if
1. Some cloud providers disallow outbound SMTP by default. Check it if
there'll be issues with outgoing emails.

## Installation

+ 18
- 13
configuration.nix View File

@@ -1,14 +1,13 @@
{ config, pkgs, ... }:
let
secrets = import ./secrets.nix;
domain = "dumpstack.io";
branch = "20.03";
in {
imports = [
./hardware-configuration.nix
# check https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/tags
# for new releases
(builtins.fetchTarball {
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.3.0/nixos-mailserver-v2.3.0.tar.gz";
sha256 = "0lpz08qviccvpfws2nm83n7m2r8add2wvfg9bljx9yxx8107r919";
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-${branch}/nixos-mailserver-nixos-${branch}.tar.gz";
})
];

@@ -20,7 +19,7 @@ in {
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/vda";

networking.hostName = "mail.dumpstack.io";
networking.hostName = "mail.${domain}";

networking.firewall.allowedTCPPorts = [ 443 ];

@@ -28,29 +27,35 @@ in {
htop
];

security.acme.acceptTerms = true;
security.acme.certs."mail.${domain}".email = "letsencrypt@${domain}";

mailserver = {
enable = true;
fqdn = "mail.dumpstack.io";
domains = [ "dumpstack.io" ];
fqdn = "mail.${domain}";
domains = [ "${domain}" ];
loginAccounts = {
"root@dumpstack.io" = {
"root@${domain}" = {
hashedPassword = "${secrets.mailHashedPassword}";
aliases = secrets.aliases;
catchAll = [ "dumpstack.io" ];
catchAll = [ "${domain}" ];
};
};

certificateScheme = 3; # Let's Encrypt
enableImapSsl = true;

rebootAfterKernelUpgrade.enable = true;
};

time.timeZone = "UTC";
services.openssh.enable = true;

system.autoUpgrade.enable = true;
system.stateVersion = "19.09";
system.autoUpgrade = {
enable = true;
allowReboot = true;
};

# read release notes carefully before changing it
system.stateVersion = "20.03";

nix = {
optimise.automatic = true;

Loading…
Cancel
Save