l domsen: fixes & domains
This commit is contained in:
parent
fe89b7544e
commit
794590866b
@ -96,6 +96,7 @@ in {
|
|||||||
file_uploads = on
|
file_uploads = on
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
systemd.services.nextcloud-setup.after = [ "secret-nextcloud_pw.service" ];
|
||||||
krebs.secret.files.nextcloud_pw = {
|
krebs.secret.files.nextcloud_pw = {
|
||||||
path = "/run/nextcloud.pw";
|
path = "/run/nextcloud.pw";
|
||||||
owner.name = "nextcloud";
|
owner.name = "nextcloud";
|
||||||
@ -121,18 +122,17 @@ in {
|
|||||||
# MAIL STUFF
|
# MAIL STUFF
|
||||||
# TODO: make into its own module
|
# TODO: make into its own module
|
||||||
|
|
||||||
# workaround for android 7
|
|
||||||
security.acme.certs."lassul.us".keyType = "rsa4096";
|
|
||||||
|
|
||||||
services.roundcube = {
|
services.roundcube = {
|
||||||
enable = true;
|
enable = true;
|
||||||
hostName = "mail.lassul.us";
|
hostName = "mail.lassul.us";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
$config['smtp_port'] = 25;
|
$config['smtp_debug'] = true;
|
||||||
|
$config['smtp_host'] = "localhost:25";
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
services.dovecot2 = {
|
services.dovecot2 = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
showPAMFailure = true;
|
||||||
mailLocation = "maildir:~/Mail";
|
mailLocation = "maildir:~/Mail";
|
||||||
sslServerCert = "/var/lib/acme/lassul.us/fullchain.pem";
|
sslServerCert = "/var/lib/acme/lassul.us/fullchain.pem";
|
||||||
sslServerKey = "/var/lib/acme/lassul.us/key.pem";
|
sslServerKey = "/var/lib/acme/lassul.us/key.pem";
|
||||||
@ -142,6 +142,17 @@ in {
|
|||||||
{ predicate = "-p tcp --dport imaps"; target = "ACCEPT"; }
|
{ predicate = "-p tcp --dport imaps"; target = "ACCEPT"; }
|
||||||
];
|
];
|
||||||
|
|
||||||
|
environment.systemPackages = [
|
||||||
|
(pkgs.writers.writeDashBin "debug_exim" ''
|
||||||
|
set -ef
|
||||||
|
export PATH="${lib.makeBinPath [ pkgs.coreutils ]}"
|
||||||
|
echo "$@" >> /tmp/xxx
|
||||||
|
/run/wrappers/bin/shadow_verify_arg "${config.lass.usershadow.pattern}" "$2" "$3" 2>>/tmp/xxx1
|
||||||
|
echo "ok" >> /tmp/yyy
|
||||||
|
exit 23
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
|
||||||
krebs.exim-smarthost = {
|
krebs.exim-smarthost = {
|
||||||
authenticators.PLAIN = ''
|
authenticators.PLAIN = ''
|
||||||
driver = plaintext
|
driver = plaintext
|
||||||
@ -153,6 +164,7 @@ in {
|
|||||||
public_name = LOGIN
|
public_name = LOGIN
|
||||||
server_prompts = "Username:: : Password::"
|
server_prompts = "Username:: : Password::"
|
||||||
server_condition = ''${run{/run/wrappers/bin/shadow_verify_arg ${config.lass.usershadow.pattern} $auth1 $auth2}{yes}{no}}
|
server_condition = ''${run{/run/wrappers/bin/shadow_verify_arg ${config.lass.usershadow.pattern} $auth1 $auth2}{yes}{no}}
|
||||||
|
# server_condition = ''${run{/run/current-system/sw/bin/debug_exim ${config.lass.usershadow.pattern} $auth1 $auth2}{yes}{no}}
|
||||||
'';
|
'';
|
||||||
internet-aliases = [
|
internet-aliases = [
|
||||||
{ from = "dma@ubikmedia.de"; to = "domsen"; }
|
{ from = "dma@ubikmedia.de"; to = "domsen"; }
|
||||||
@ -180,14 +192,13 @@ in {
|
|||||||
"alewis.de"
|
"alewis.de"
|
||||||
"jarugadesign.de"
|
"jarugadesign.de"
|
||||||
"beesmooth.ch"
|
"beesmooth.ch"
|
||||||
|
"event-extra.de"
|
||||||
];
|
];
|
||||||
dkim = [
|
dkim = [
|
||||||
{ domain = "ubikmedia.eu"; }
|
{ domain = "ubikmedia.eu"; }
|
||||||
{ domain = "apanowicz.de"; }
|
{ domain = "apanowicz.de"; }
|
||||||
{ domain = "beesmooth.ch"; }
|
{ domain = "beesmooth.ch"; }
|
||||||
];
|
];
|
||||||
ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem";
|
|
||||||
ssl_key = "/var/lib/acme/lassul.us/key.pem";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.UBIK-SFTP = {
|
users.users.UBIK-SFTP = {
|
||||||
|
Loading…
Reference in New Issue
Block a user