feat: introduce treefmt and fmt all
This commit is contained in:
parent
80250b0179
commit
27c6c4f9fa
237 changed files with 5440 additions and 5214 deletions
|
|
@ -6,198 +6,206 @@
|
|||
imapsPort ? 993,
|
||||
sievePort ? 4190,
|
||||
autoStart ? false,
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
inherit specialArgs;
|
||||
config = {
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
repoFlake,
|
||||
...
|
||||
}: {
|
||||
system.stateVersion = "22.05"; # Did you read the comment?
|
||||
config =
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
repoFlake,
|
||||
...
|
||||
}:
|
||||
{
|
||||
system.stateVersion = "22.05"; # Did you read the comment?
|
||||
|
||||
imports = [
|
||||
../profiles/containers/configuration.nix
|
||||
imports = [
|
||||
../profiles/containers/configuration.nix
|
||||
|
||||
repoFlake.inputs.sops-nix.nixosModules.sops
|
||||
../profiles/common/user.nix
|
||||
];
|
||||
repoFlake.inputs.sops-nix.nixosModules.sops
|
||||
../profiles/common/user.nix
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
imapsPort
|
||||
sievePort
|
||||
];
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
imapsPort
|
||||
sievePort
|
||||
];
|
||||
|
||||
# FIXME: find out how to use the `defaultSopsFile` so i don't have to specify each secret separately
|
||||
# sops.defaultSopsFile = ./mailserver_secrets.yaml;
|
||||
# FIXME: find out how to use the `defaultSopsFile` so i don't have to specify each secret separately
|
||||
# sops.defaultSopsFile = ./mailserver_secrets.yaml;
|
||||
|
||||
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
|
||||
sops.secrets.email_mailStefanjunkerDe = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.steveej.name;
|
||||
};
|
||||
sops.secrets.email_mailStefanjunkerDeHetzner = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.steveej.name;
|
||||
};
|
||||
sops.secrets.email_schtifATwebDe = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.steveej.name;
|
||||
};
|
||||
sops.secrets.email_dovecot_steveej = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.dovecot2.name;
|
||||
};
|
||||
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
sops.secrets.email_mailStefanjunkerDe = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.steveej.name;
|
||||
};
|
||||
sops.secrets.email_mailStefanjunkerDeHetzner = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.steveej.name;
|
||||
};
|
||||
sops.secrets.email_schtifATwebDe = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.steveej.name;
|
||||
};
|
||||
sops.secrets.email_dovecot_steveej = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.dovecot2.name;
|
||||
};
|
||||
|
||||
# TODO: switch to something other than ddclient as it's no longer maintained
|
||||
# TODO: switch to something other than ddclient as it's no longer maintained
|
||||
|
||||
# TODO: switch to a let's encrypt certificate
|
||||
sops.secrets.dovecotSslServerCert = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.dovecot2.name;
|
||||
};
|
||||
sops.secrets.dovecotSslServerKey = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.dovecot2.name;
|
||||
};
|
||||
services.dovecot2 = {
|
||||
enable = true;
|
||||
# TODO: switch to a let's encrypt certificate
|
||||
sops.secrets.dovecotSslServerCert = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.dovecot2.name;
|
||||
};
|
||||
sops.secrets.dovecotSslServerKey = {
|
||||
sopsFile = ./mailserver_secrets.yaml;
|
||||
owner = config.users.users.dovecot2.name;
|
||||
};
|
||||
services.dovecot2 = {
|
||||
enable = true;
|
||||
|
||||
modules = [pkgs.dovecot_pigeonhole];
|
||||
protocols = ["sieve"];
|
||||
modules = [ pkgs.dovecot_pigeonhole ];
|
||||
protocols = [ "sieve" ];
|
||||
|
||||
enableImap = true;
|
||||
enableLmtp = true;
|
||||
enablePAM = true;
|
||||
showPAMFailure = true;
|
||||
mailLocation = "maildir:~/.maildir";
|
||||
sslServerCert = config.sops.secrets.dovecotSslServerCert.path;
|
||||
sslServerKey = config.sops.secrets.dovecotSslServerKey.path;
|
||||
enableImap = true;
|
||||
enableLmtp = true;
|
||||
enablePAM = true;
|
||||
showPAMFailure = true;
|
||||
mailLocation = "maildir:~/.maildir";
|
||||
sslServerCert = config.sops.secrets.dovecotSslServerCert.path;
|
||||
sslServerKey = config.sops.secrets.dovecotSslServerKey.path;
|
||||
|
||||
#configFile = "/etc/dovecot/dovecot2_manual.conf";
|
||||
extraConfig = ''
|
||||
auth_mechanisms = cram-md5 digest-md5
|
||||
auth_verbose = yes
|
||||
#configFile = "/etc/dovecot/dovecot2_manual.conf";
|
||||
extraConfig = ''
|
||||
auth_mechanisms = cram-md5 digest-md5
|
||||
auth_verbose = yes
|
||||
|
||||
passdb {
|
||||
driver = passwd-file
|
||||
args = scheme=CRYPT username_format=%u /etc/dovecot/users
|
||||
}
|
||||
passdb {
|
||||
driver = passwd-file
|
||||
args = scheme=CRYPT username_format=%u /etc/dovecot/users
|
||||
}
|
||||
|
||||
protocol lda {
|
||||
postmaster_address = "mail@stefanjunker.de"
|
||||
mail_plugins = $mail_plugins sieve
|
||||
}
|
||||
protocol lda {
|
||||
postmaster_address = "mail@stefanjunker.de"
|
||||
mail_plugins = $mail_plugins sieve
|
||||
}
|
||||
|
||||
protocol imap {
|
||||
mail_max_userip_connections = 64
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
environment.etc."dovecot/users".source = config.sops.secrets.email_dovecot_steveej.path;
|
||||
|
||||
systemd.services.steveej-getmail-stefanjunker = {
|
||||
enable = true;
|
||||
wantedBy = ["multi-user.target"];
|
||||
serviceConfig.User = "steveej";
|
||||
serviceConfig.Group = "dovecot2";
|
||||
serviceConfig.RestartSec = 600;
|
||||
serviceConfig.Restart = "always";
|
||||
description = "Getmail service";
|
||||
path = [pkgs.getmail6];
|
||||
script = let
|
||||
rc = pkgs.writeText "mailATstefanjunker.de.getmail.rc" ''
|
||||
[options]
|
||||
verbose = 1
|
||||
read_all = 0
|
||||
delete_after = 30
|
||||
|
||||
[retriever]
|
||||
type = SimpleIMAPSSLRetriever
|
||||
server = ssl0.ovh.net
|
||||
port = 993
|
||||
username = mail@stefanjunker.de
|
||||
password_command = ("${pkgs.coreutils}/bin/cat", "${config.sops.secrets.email_mailStefanjunkerDe.path}")
|
||||
mailboxes = ('INBOX',)
|
||||
|
||||
[destination]
|
||||
type = MDA_external
|
||||
path = ${pkgs.dovecot}/libexec/dovecot/dovecot-lda
|
||||
protocol imap {
|
||||
mail_max_userip_connections = 64
|
||||
}
|
||||
'';
|
||||
in ''
|
||||
getmail --idle=INBOX --rcfile=${rc}
|
||||
'';
|
||||
};
|
||||
|
||||
environment.etc."dovecot/users".source = config.sops.secrets.email_dovecot_steveej.path;
|
||||
|
||||
systemd.services.steveej-getmail-stefanjunker = {
|
||||
enable = true;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.User = "steveej";
|
||||
serviceConfig.Group = "dovecot2";
|
||||
serviceConfig.RestartSec = 600;
|
||||
serviceConfig.Restart = "always";
|
||||
description = "Getmail service";
|
||||
path = [ pkgs.getmail6 ];
|
||||
script =
|
||||
let
|
||||
rc = pkgs.writeText "mailATstefanjunker.de.getmail.rc" ''
|
||||
[options]
|
||||
verbose = 1
|
||||
read_all = 0
|
||||
delete_after = 30
|
||||
|
||||
[retriever]
|
||||
type = SimpleIMAPSSLRetriever
|
||||
server = ssl0.ovh.net
|
||||
port = 993
|
||||
username = mail@stefanjunker.de
|
||||
password_command = ("${pkgs.coreutils}/bin/cat", "${config.sops.secrets.email_mailStefanjunkerDe.path}")
|
||||
mailboxes = ('INBOX',)
|
||||
|
||||
[destination]
|
||||
type = MDA_external
|
||||
path = ${pkgs.dovecot}/libexec/dovecot/dovecot-lda
|
||||
'';
|
||||
in
|
||||
''
|
||||
getmail --idle=INBOX --rcfile=${rc}
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.services.steveej-getmail-stefanjunker-hetzner = {
|
||||
enable = true;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.User = "steveej";
|
||||
serviceConfig.Group = "dovecot2";
|
||||
serviceConfig.RestartSec = 60;
|
||||
serviceConfig.Restart = "always";
|
||||
description = "Getmail service";
|
||||
path = [ pkgs.getmail6 ];
|
||||
script =
|
||||
let
|
||||
rc = pkgs.writeText "mailATstefanjunker.de.getmail.rc" ''
|
||||
[options]
|
||||
verbose = 2
|
||||
read_all = 0
|
||||
delete_after = 30
|
||||
|
||||
[retriever]
|
||||
type = SimpleIMAPSSLRetriever
|
||||
server = mail.your-server.de
|
||||
port = 993
|
||||
username = mail@stefanjunker.de
|
||||
password_command = ("${pkgs.coreutils}/bin/cat", "${config.sops.secrets.email_mailStefanjunkerDeHetzner.path}")
|
||||
mailboxes = ('INBOX',)
|
||||
|
||||
[destination]
|
||||
type = MDA_external
|
||||
path = ${pkgs.dovecot}/libexec/dovecot/dovecot-lda
|
||||
'';
|
||||
in
|
||||
''
|
||||
getmail --rcfile=${rc} --idle=INBOX
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.services.steveej-getmail-webde = {
|
||||
enable = true;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.User = "steveej";
|
||||
serviceConfig.Group = "dovecot2";
|
||||
description = "Getmail service";
|
||||
path = [ pkgs.getmail6 ];
|
||||
serviceConfig.RestartSec = 1000;
|
||||
serviceConfig.Restart = "always";
|
||||
script =
|
||||
let
|
||||
rc = pkgs.writeText "schtifATweb.de.getmail.rc" ''
|
||||
[options]
|
||||
verbose = 1
|
||||
read_all = 0
|
||||
delete_after = 30
|
||||
|
||||
[retriever]
|
||||
type = SimpleIMAPSSLRetriever
|
||||
server = imap.web.de
|
||||
port = 993
|
||||
username = schtif
|
||||
password_command = ("${pkgs.coreutils}/bin/cat", "${config.sops.secrets.email_schtifATwebDe.path}")
|
||||
mailboxes = ('INBOX',)
|
||||
|
||||
[destination]
|
||||
type = Maildir
|
||||
path = ~/.maildir/
|
||||
'';
|
||||
in
|
||||
''
|
||||
getmail --rcfile=${rc} --idle=INBOX
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.steveej-getmail-stefanjunker-hetzner = {
|
||||
enable = true;
|
||||
wantedBy = ["multi-user.target"];
|
||||
serviceConfig.User = "steveej";
|
||||
serviceConfig.Group = "dovecot2";
|
||||
serviceConfig.RestartSec = 60;
|
||||
serviceConfig.Restart = "always";
|
||||
description = "Getmail service";
|
||||
path = [pkgs.getmail6];
|
||||
script = let
|
||||
rc = pkgs.writeText "mailATstefanjunker.de.getmail.rc" ''
|
||||
[options]
|
||||
verbose = 2
|
||||
read_all = 0
|
||||
delete_after = 30
|
||||
|
||||
[retriever]
|
||||
type = SimpleIMAPSSLRetriever
|
||||
server = mail.your-server.de
|
||||
port = 993
|
||||
username = mail@stefanjunker.de
|
||||
password_command = ("${pkgs.coreutils}/bin/cat", "${config.sops.secrets.email_mailStefanjunkerDeHetzner.path}")
|
||||
mailboxes = ('INBOX',)
|
||||
|
||||
[destination]
|
||||
type = MDA_external
|
||||
path = ${pkgs.dovecot}/libexec/dovecot/dovecot-lda
|
||||
'';
|
||||
in ''
|
||||
getmail --rcfile=${rc} --idle=INBOX
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.services.steveej-getmail-webde = {
|
||||
enable = true;
|
||||
wantedBy = ["multi-user.target"];
|
||||
serviceConfig.User = "steveej";
|
||||
serviceConfig.Group = "dovecot2";
|
||||
description = "Getmail service";
|
||||
path = [pkgs.getmail6];
|
||||
serviceConfig.RestartSec = 1000;
|
||||
serviceConfig.Restart = "always";
|
||||
script = let
|
||||
rc = pkgs.writeText "schtifATweb.de.getmail.rc" ''
|
||||
[options]
|
||||
verbose = 1
|
||||
read_all = 0
|
||||
delete_after = 30
|
||||
|
||||
[retriever]
|
||||
type = SimpleIMAPSSLRetriever
|
||||
server = imap.web.de
|
||||
port = 993
|
||||
username = schtif
|
||||
password_command = ("${pkgs.coreutils}/bin/cat", "${config.sops.secrets.email_schtifATwebDe.path}")
|
||||
mailboxes = ('INBOX',)
|
||||
|
||||
[destination]
|
||||
type = Maildir
|
||||
path = ~/.maildir/
|
||||
'';
|
||||
in ''
|
||||
getmail --rcfile=${rc} --idle=INBOX
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
inherit autoStart;
|
||||
|
||||
bindMounts = {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue