Gonne/nixConfig
1
0
Fork 0
forked from Fachschaft/nixConfig
Code Pull requests Activity
117 commits 2 branches 0 tags 1.7 MiB
Commit graph

117 commits

This branch
This branch
All branches
Author SHA1 Message Date
Gonne
889b867c66
Fix e-mail regex. Apostrophes are allowed in local parts but we use them to deliminate strings in the sieve script. 2025-03-24 14:38:46 +01:00
Gonne
b2f6011c15
Update alias file 2025-03-24 13:47:27 +01:00
Gonne
85abf4ce93
Update alias script 2025-03-24 12:07:05 +01:00
Gonne
29ac5ba879
Move sieve generator script to stalwart-mail service and make all respective /tmp folders private 2025-03-24 10:44:31 +01:00
Gonne
6788b31aad
Enable SMTPUTF8. We talk to our own VM that supports it. 2025-03-18 11:33:25 +01:00
Gonne
e0c742fc88
More comments 2025-03-18 11:28:14 +01:00
Gonne
eb75da15d4
Rename secret files to have 'secrets.yaml' suffix. 2025-03-18 11:11:43 +01:00
Gonne
23d85d5364
Increase limits for our redirect script to be higher than our number of aliases 2025-03-18 10:22:14 +01:00
Gonne
797599b296
Include stalwart's patch for redirect to sender instead of our own 2025-03-18 10:22:05 +01:00
Gonne
5032b94ed1
Update to redirect script that works for multiple recipients 2025-03-18 09:56:06 +01:00
Gonne
ceaaa3bcaf Only set original sender for MAIL FROM 2025-03-06 08:50:36 +01:00
Gonne
85550be504 Alias file update 2025-03-06 08:50:36 +01:00
Gonne
be998b48f5 Group config parameters 2025-03-06 08:50:36 +01:00
Gonne
10ca56c064 Enable DKIM signing 2025-03-06 08:50:36 +01:00
Gonne
c05d7591a8 Filter out catch-all addresses of the form "@domain.tld" from the allowlist that are not intended for HRZ 2025-03-06 08:50:36 +01:00
Gonne
ea956c99e7 Set sender and increase redirect limit for our alias file 2025-03-06 08:50:36 +01:00
Gonne
b3dde5ef7a Accept mail from our badly configured VMs 2025-03-06 08:50:36 +01:00
Gonne
0517a5e77c Add mathebau.de to certificate 2025-03-06 08:50:36 +01:00
Gonne
3ece72db70 Rename config option after update beyond version 0.11.2 2025-03-06 08:50:36 +01:00
Gonne
68a02c75e1 Disable matheball.de forwards and submission to mail allowlist until we actually handle it 2025-03-06 08:50:36 +01:00
Gonne
beaab16ffa Allow unpacking stalwart's webadmin interface 2025-03-06 08:50:36 +01:00
Gonne
01951eadad Delete directive proxy_interface 
This directive is supposed to prevent mail delivery loops that would be caused by portforwarding to itself.
Behind this ip address, however, there is our general mail vm and not immediately the mailinglist setup.
 2025-03-06 08:50:36 +01:00
Dennis Frieberg
064aca1705
renamed secret files so they are easier to shell glob 2025-03-05 21:11:38 +01:00
Dennis Frieberg
e5e3fab14d
reencrypted secrets for Daniel 2025-03-05 20:53:01 +01:00
Dennis Frieberg
d21fd3e00c
deleted wrong nyarlathotep key 2025-03-05 20:52:11 +01:00
Daniel Simon
b5bbc0345d Add SOPS/AGE key for daniel 2025-03-04 00:12:27 +01:00
Daniel Simon
638b62591d Add SSH and Nix keys and password for daniel 2025-03-03 23:59:28 +01:00
Dennis Frieberg
0472063a76
new ssh key for nerf 2025-03-03 15:21:58 +01:00
Gonne
753b34592c Increase root file system to make space for /tmp folder which needs lots of space during builds 2025-02-27 16:00:24 +00:00
Gonne
cc91339f80 Address second round of review 2025-02-27 16:55:14 +01:00
Gonne
361eed84af Rename machine to Nyarlathotep 2025-02-26 18:04:27 +01:00
Gonne
70b3a694c4 Submit mailing list mails to correct vm based on port forwarding and run allowlist job less often 2025-02-26 12:34:44 +01:00
Gonne
f0e584e239 Add patch to allow alias files to redirect to their sender 2025-02-26 12:34:44 +01:00
Gonne
5a80d86bd3 Post mailaddresses to HRZ allowlist 2025-02-26 12:34:44 +01:00
Gonne
7796b7aa00 Add mail forwarding based on alias files 2025-02-26 12:34:44 +01:00
Gonne
d7b8f935cd Add basic mailserver configuration 2025-02-26 12:34:44 +01:00
Gonne
2aa93c98f5 Add basic machine config for kaalut, a new mail vm 2025-02-26 12:34:44 +01:00
Gonne
882a8ea189 Add our own package to inputs that converts an alias file to a sieve script. 
Remove the simple nixos mailserver dependency thet we won't use.
 2025-02-26 12:34:39 +01:00
Gonne
77bdd979b0 Align file system layout to new naming policy 2025-02-20 16:37:46 +01:00
Gonne
35707122fa Add Nodens, a VM to install NixOS VMs 2025-02-20 16:37:32 +01:00
Gonne
51c83c8ec0 Pass pkgs to machine configs to enable installation of packages there 2025-02-20 16:31:55 +01:00
Gonne
ac85711356 Entferne Backupconfig für die Matheballwebseite 
Die Bilder, die gesichert wurden, liegen jetzt alle im Git-Repo der Webseite
 2024-10-16 16:32:06 +00:00
Dennis Frieberg
ec46a28278
nix config to save some space 2024-10-15 13:19:23 +02:00
Gonne
e7154785dd Disable TLS behind proxies and relays 2024-10-12 14:10:01 +00:00
Gonne
ace96d5f7c Restrict HRZ allowlist update service privileges 2024-10-12 14:10:01 +00:00
Gonne
b50d7d0e6a Mailman backups 2024-10-12 14:10:01 +00:00
Gonne
b9b7a1fa58 Add pushing to hrz allowlist 2024-10-12 14:10:01 +00:00
Gonne
1ab6e5d868 Setze Mailman-Maschine auf 2024-10-12 14:10:01 +00:00
Gonne
0550754cdd nix flake update 
Allows insecure package jitsi-meet (see https://github.com/NixOS/nixpkgs/pull/334638)
 2024-10-12 13:30:00 +02:00
Gonne
575343c844 Unify hook settings and fix warning 
trace: warning: The option `settings.statix' defined in `/nix/store/plj05iykqma26y930qjf75zxp2qx02sl-source/flake.nix, via option perSystem' has been renamed to `hooks.statix.settings'.
 2024-07-02 16:03:14 +02:00