diff --git a/config/hosts/mail/configuration.nix b/config/hosts/mail/configuration.nix deleted file mode 100644 index 9192dc6..0000000 --- a/config/hosts/mail/configuration.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ config, pkgs, lib, ... }: - -{ - imports = [ - ./hardware-configuration.nix - ../../common/services/ssh.nix - ../../common/users.nix - #./services/restic.nix - ./services/mail.nix - ./services/acme.nix - ./data/secrets/secrets.nix - ]; - - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.device = "/dev/sda"; - boot.supportedFilesystems = ["zfs"]; - services.zfs.autoSnapshot.enable = true; - services.zfs.autoScrub.enable = true; - - networking.hostName = "mail"; - networking.hostId = "1e04e84b"; - time.timeZone = "Europe/Copenhagen"; - networking.useDHCP = false; - networking.interfaces.ens3.useDHCP = true; - networking.interfaces.ens3.ipv6.addresses = [ { address = "2a01:4f9:c010:624a::1"; prefixLength = 64; } ]; - networking.defaultGateway6 = { address = "fe80::1"; interface = "ens3"; }; - - security.sudo.wheelNeedsPassword = false; - - environment.systemPackages = with pkgs; [ - vim - htop - iotop - dig - ]; - - nix = { - autoOptimiseStore = true; - trustedUsers = [ - "root" - "@wheel" - ]; - }; - - - # Use hetzner firewall instead - networking.firewall.enable = false; - system.stateVersion = "21.05"; - -} diff --git a/config/hosts/mail/data/secrets/mail_noreply_anarkafem_dev b/config/hosts/mail/data/secrets/mail_noreply_anarkafem_dev deleted file mode 100644 index 8756cf3..0000000 Binary files a/config/hosts/mail/data/secrets/mail_noreply_anarkafem_dev and /dev/null differ diff --git a/config/hosts/mail/data/secrets/secrets.nix b/config/hosts/mail/data/secrets/secrets.nix deleted file mode 100644 index 42a986c..0000000 Binary files a/config/hosts/mail/data/secrets/secrets.nix and /dev/null differ diff --git a/config/hosts/mail/data/secrets/ssh_key b/config/hosts/mail/data/secrets/ssh_key deleted file mode 100644 index d99f226..0000000 Binary files a/config/hosts/mail/data/secrets/ssh_key and /dev/null differ diff --git a/config/hosts/mail/data/secrets/ssh_key.pub b/config/hosts/mail/data/secrets/ssh_key.pub deleted file mode 100644 index 04225ea..0000000 Binary files a/config/hosts/mail/data/secrets/ssh_key.pub and /dev/null differ diff --git a/config/hosts/mail/hardware-configuration.nix b/config/hosts/mail/hardware-configuration.nix deleted file mode 100644 index 90e8d09..0000000 --- a/config/hosts/mail/hardware-configuration.nix +++ /dev/null @@ -1,41 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - (modulesPath + "/profiles/minimal.nix") - ]; - - boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sd_mod" "sr_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "rpool/safe/root"; - fsType = "zfs"; - }; - - fileSystems."/home" = - { device = "rpool/safe/home"; - fsType = "zfs"; - }; - - fileSystems."/var" = - { device = "rpool/safe/var"; - fsType = "zfs"; - }; - - fileSystems."/nix" = - { device = "rpool/local/nix"; - fsType = "zfs"; - }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/9c3c66f5-bf5a-4a2a-88a2-fc2ef312d7ef"; } - ]; - -} diff --git a/config/hosts/mail/services/acme.nix b/config/hosts/mail/services/acme.nix deleted file mode 100644 index 62ae467..0000000 --- a/config/hosts/mail/services/acme.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, ... }: - -{ - security.acme = { - acceptTerms = true; - email = "admin+certs@graven.dev"; - }; -} - diff --git a/config/hosts/mail/services/mail.nix b/config/hosts/mail/services/mail.nix deleted file mode 100644 index f6f1184..0000000 --- a/config/hosts/mail/services/mail.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, ... }: - -{ - imports = [ - (builtins.fetchTarball { - # Pick a commit from the branch you are interested in - url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/5675b122a947b40e551438df6a623efad19fd2e7/nixos-mailserver-5675b122a947b40e551438df6a623efad19fd2e7.tar.gz"; - # And set its hash - sha256 = "1fwhb7a5v9c98nzhf3dyqf3a5ianqh7k50zizj8v5nmj3blxw4pi"; - }) - ]; - - mailserver = { - enable = true; - fqdn = "mail.graven.dev"; - domains = [ "anarkafem.dev" ]; - - loginAccounts = { - "noreply@anarkafem.dev" = { - hashedPasswordFile = config.secrets.files.mail_noreply_anarkafem_dev.file; - }; - }; - certificateScheme = 3; - }; -} diff --git a/config/hosts/mail/services/restic.nix b/config/hosts/mail/services/restic.nix deleted file mode 100644 index 2425166..0000000 --- a/config/hosts/mail/services/restic.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, ... }: - -{ - - services.restic.backups = { - "mail" = { - paths = [ "/var/vmail" ]; - repository = "sftp:restic@despondos.nao.sh:/etheria/backup/mail/mail"; - initialize = true; - pruneOpts = [ "--keep-daily 7" "--keep-weekly 5" "--keep-monthly 12" "--keep-yearly 75" ]; - timerConfig = { "OnCalendar" = "02:15"; }; - extraOptions = [ "sftp.command='ssh restic@despondos.nao.sh -i ${config.secrets.files.ssh_key.file} -s sftp'" ]; - passwordFile = builtins.toString config.secrets.files.restic_pass.file; - user = "virtualMail"; - }; - }; -} diff --git a/deploy/default.nix b/deploy/default.nix index c91bbbd..ee07e2e 100644 --- a/deploy/default.nix +++ b/deploy/default.nix @@ -33,13 +33,6 @@ in import "${sources.nixus}" {} ({ config, ... }: { successTimeout = 300; ignoreFailingSystemdUnits = true; }; - mail = { lib, config, ... }: { - host = "emelie@mail.graven.dev"; - configuration = ../config/hosts/mail/configuration.nix; - switchTimeout = 300; - successTimeout = 300; - #ignoreFailingSystemdUnits = true; - }; }; })