Compare commits


13 commits

Author SHA1 Message Date
6271e04c10 Hack around sieve execution for multiple recipients. 2025-03-05 21:00:55 +01:00
f30bd67374 Only set original sender for MAIL FROM 2025-03-05 21:00:55 +01:00
f18bf4429a Alias file update 2025-03-05 21:00:55 +01:00
20e5bae2ee Group config parameters 2025-03-05 21:00:55 +01:00
547ed4bc58 Enable DKIM signing 2025-03-05 21:00:55 +01:00
c978dd1b5d Filter out catch-all addresses of the form "@domain.tld" from the allowlist that are not intended for HRZ 2025-03-05 21:00:55 +01:00
83adc2e6e3 Set sender and increase redirect limit for our alias file 2025-03-05 21:00:55 +01:00
4893287acd Accept mail from our badly configured VMs 2025-03-05 21:00:55 +01:00
b0e91c0d39 Add mathebau.de to certificate 2025-03-05 21:00:55 +01:00
2d8c0bbf52 Rename config option after update beyond version 0.11.2 2025-03-05 21:00:55 +01:00
cbcc0d2b2d Disable matheball.de forwards and submission to mail allowlist until we actually handle it 2025-03-05 21:00:55 +01:00
1ea6db1232 Allow unpacking stalwart's webadmin interface 2025-03-05 21:00:55 +01:00
e90cc92c14 Delete directive proxy_interface
This directive is supposed to prevent mail delivery loops that would be caused by port forwarding to itself.
Behind this IP address, however, sits our general mail VM rather than the mailing-list setup directly.
2025-03-05 21:00:55 +01:00
12 changed files with 9 additions and 9 deletions


@ -14,7 +14,7 @@
system.stateVersion = "23.11"; system.stateVersion = "23.11";
sops.secrets.backupKey = { sops.secrets.backupKey = {
sopsFile = ./backupKey.secrets.yaml; sopsFile = ./backupKey.yaml;
owner = config.users.users.fsaccount.name; owner = config.users.users.fsaccount.name;
inherit (config.users.users.fsaccount) group; inherit (config.users.users.fsaccount) group;
mode = "0400"; mode = "0400";
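Review bot: The new `sopsFile` paths drop the `.secrets.yaml` suffix (`./backupKey.yaml` here, and likewise in the two later sections for `allowlistPass`, the three `*.aliases` files, `stalwartAdmin` and `backupKey`), so the encrypted files can no longer be told apart by name from ordinary YAML. If the repository's `.sops.yaml` `creation_rules` select keys with a `path_regex` on that suffix, or a pre-commit or CI check relies on it to verify that secret files are encrypted, those rules would stop matching the renamed files. Neither file is visible on this page, so this should be confirmed before merging. If the rename is intended, I would add a comment beside the entry, e.g. `# sops-encrypted; must stay covered by a creation rule in .sops.yaml`, and update any suffix-based rule in the same change.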


@ -21,13 +21,13 @@
sops.secrets = { sops.secrets = {
allowlistPass = { allowlistPass = {
sopsFile = ./allowlistPass.secrets.yaml; sopsFile = ./allowlistPass.yaml;
owner = "mailman"; owner = "mailman";
group = "mailman"; group = "mailman";
mode = "0400"; mode = "0400";
}; };
backupKey = { backupKey = {
sopsFile = ./backupKey.secrets.yaml; sopsFile = ./backupKey.yaml;
owner = "root"; owner = "root";
group = "root"; group = "root";
mode = "0400"; mode = "0400";


@ -45,7 +45,7 @@
sops.secrets = let sops.secrets = let
allowlistSops = { allowlistSops = {
sopsFile = ./allowlistPass.secrets.yaml; sopsFile = ./allowlistPass.yaml;
owner = "stalwart-mail"; owner = "stalwart-mail";
group = "stalwart-mail"; group = "stalwart-mail";
mode = "0400"; mode = "0400";
@ -58,19 +58,19 @@
"allowlistPass/koma" = allowlistSops; "allowlistPass/koma" = allowlistSops;
# Virtual alias file # Virtual alias file
"mathebau.aliases" = { "mathebau.aliases" = {
sopsFile = ./mathebau.aliases.secrets.yaml; sopsFile = ./mathebau.aliases.yaml;
owner = "stalwart-mail"; owner = "stalwart-mail";
group = "stalwart-mail"; group = "stalwart-mail";
mode = "0440"; mode = "0440";
}; };
"mathechor.aliases" = { "mathechor.aliases" = {
sopsFile = ./mathechor.aliases.secrets.yaml; sopsFile = ./mathechor.aliases.yaml;
owner = "stalwart-mail"; owner = "stalwart-mail";
group = "stalwart-mail"; group = "stalwart-mail";
mode = "0440"; mode = "0440";
}; };
"koma.aliases" = { "koma.aliases" = {
sopsFile = ./koma.aliases.secrets.yaml; sopsFile = ./koma.aliases.yaml;
owner = "stalwart-mail"; owner = "stalwart-mail";
group = "stalwart-mail"; group = "stalwart-mail";
mode = "0440"; mode = "0440";
@ -89,13 +89,13 @@
}; };
# password for https://stalw.art/docs/auth/authorization/administrator/#fallback-administrator encoded to be supplied in the basic auth header # password for https://stalw.art/docs/auth/authorization/administrator/#fallback-administrator encoded to be supplied in the basic auth header
stalwartAdmin = { stalwartAdmin = {
sopsFile = ./stalwartAdmin.secrets.yaml; sopsFile = ./stalwartAdmin.yaml;
owner = "stalwart-mail"; owner = "stalwart-mail";
group = "stalwart-mail"; group = "stalwart-mail";
mode = "0400"; mode = "0400";
}; };
backupKey = { backupKey = {
sopsFile = ./backupKey.secrets.yaml; sopsFile = ./backupKey.yaml;
owner = "root"; owner = "root";
group = "root"; group = "root";
mode = "0400"; mode = "0400";