nixConfig/nixos/machines/kaalut/configuration.nix

76 lines
1.8 KiB
Nix
Raw Normal View History

{flake-inputs, ...}: {
imports = [
./hardware-configuration.nix
../../modules/mail.nix
../../roles
../../roles/vm.nix
../../modules/vmNetwork.nix
];
# System configuration here
environment.systemPackages = [flake-inputs.alias-to-sieve.packages.x86_64-linux.default];
services.mathebau-mail = {
enable = true;
domains = [
{
domain = "koma89.tu-darmstadt.de";
allowlistPass = "/run/secrets/allowlistPassKoMa";
}
{
domain = "mathebau.de";
allowlistPass = "/run/secrets/allowlistPassKoMa";
}
];
};
networking.hostName = "kaalut";
vmNetwork.ipv4 = "192.168.0.17";
system.stateVersion = "24.05";
sops.secrets = {
allowlistPassMatheball = {
sopsFile = ./allowlistPassMatheball.yaml;
owner = "stalwart-mail";
group = "stalwart-mail";
mode = "0400";
};
allowlistPassMathebau = {
sopsFile = ./allowlistPassMathebau.yaml;
owner = "stalwart-mail";
group = "stalwart-mail";
mode = "0400";
};
allowlistPassMathechor = {
sopsFile = ./allowlistPassMathechor.yaml;
owner = "stalwart-mail";
group = "stalwart-mail";
mode = "0400";
};
allowlistPassKoMa = {
sopsFile = ./allowlistPassKoMa.yaml;
owner = "stalwart-mail";
group = "stalwart-mail";
mode = "0400";
};
stalwartAdmin = {
sopsFile = ./stalwartAdmin.yaml;
owner = "stalwart-mail";
group = "stalwart-mail";
mode = "0400";
};
backupKey = {
sopsFile = ./backupKey.yaml;
owner = "root";
group = "root";
mode = "0400";
};
mailForwardSieve = {
sopsFile = ./mailForwardSieve.yaml;
owner = "stalwart-mail";
group = "stalwart-mail";
mode = "0440";
};
};
}