infra/mail.dumpstack.io
1
0
Fork 0
Code Releases Activity

Use SNM from branch 20.03 and switch NixOS state to 20.03

Browse Source
This commit is contained in:
dump_stack() 2020-05-30 10:00:53 +00:00
parent b7b2785836
commit 226c73e3f5
Signed by: dump_stack
GPG Key ID: BE44DA8C062D87DC
2 changed files with 19 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -1,10 +1,7 @@
# mail.dumpstack.io # mail.dumpstack.io
Note: Note:
1. Comment out fetchTarball and mailserver for initial installation, 1. Some cloud providers disallow outbound SMTP by default. Check it if
because of [this bug](https://github.com/NixOS/nix/issues/2405).
2. Some cloud providers disallow outbound SMTP by default. Check it if
there'll be issues with outgoing emails. there'll be issues with outgoing emails.
## Installation ## Installation

31
configuration.nix
View File

@ -1,14 +1,13 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
secrets = import ./secrets.nix; secrets = import ./secrets.nix;
domain = "dumpstack.io";
branch = "20.03";
in { in {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
# check https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/tags
# for new releases
(builtins.fetchTarball { (builtins.fetchTarball {
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.3.0/nixos-mailserver-v2.3.0.tar.gz"; url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-${branch}/nixos-mailserver-nixos-${branch}.tar.gz";
sha256 = "0lpz08qviccvpfws2nm83n7m2r8add2wvfg9bljx9yxx8107r919";
}) })
]; ];
@ -20,7 +19,7 @@ in {
boot.loader.grub.version = 2; boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/vda"; boot.loader.grub.device = "/dev/vda";
networking.hostName = "mail.dumpstack.io"; networking.hostName = "mail.${domain}";
networking.firewall.allowedTCPPorts = [ 443 ]; networking.firewall.allowedTCPPorts = [ 443 ];
@ -28,29 +27,35 @@ in {
htop htop
]; ];
security.acme.acceptTerms = true;
security.acme.certs."mail.${domain}".email = "letsencrypt@${domain}";
mailserver = { mailserver = {
enable = true; enable = true;
fqdn = "mail.dumpstack.io"; fqdn = "mail.${domain}";
domains = [ "dumpstack.io" ]; domains = [ "${domain}" ];
loginAccounts = { loginAccounts = {
"root@dumpstack.io" = { "root@${domain}" = {
hashedPassword = "${secrets.mailHashedPassword}"; hashedPassword = "${secrets.mailHashedPassword}";
aliases = secrets.aliases; aliases = secrets.aliases;
catchAll = [ "dumpstack.io" ]; catchAll = [ "${domain}" ];
}; };
}; };
certificateScheme = 3; # Let's Encrypt certificateScheme = 3; # Let's Encrypt
enableImapSsl = true; enableImapSsl = true;
rebootAfterKernelUpgrade.enable = true;
}; };
time.timeZone = "UTC"; time.timeZone = "UTC";
services.openssh.enable = true; services.openssh.enable = true;
system.autoUpgrade.enable = true; system.autoUpgrade = {
system.stateVersion = "19.09"; enable = true;
allowReboot = true;
};
# read release notes carefully before changing it
system.stateVersion = "20.03";
nix = { nix = {
optimise.automatic = true; optimise.automatic = true;