Merge branch 'master' of git.selfprivacy.org:SelfPrivacy/selfprivacy.org

master
Zholnay Kirill 2020-09-14 12:03:56 +03:00
commit c110fff8a1
3 changed files with 29 additions and 19 deletions


@ -1,3 +1,5 @@
# CONFIG IS READY TO USE. IF NO SPECIFIC SETUP IS REQUIRED, THEN, JUST EXIT NANO
{ config, pkgs, ... }:
{
imports = [
@ -12,13 +14,13 @@
mailserver = {
enable = true;
fqdn = "ilchub.net";
domains = [ "ilchub.net" ];
fqdn = "";
domains = [ "" ];
# A list of all login accounts. To create the password hashes, use
# mkpasswd -m sha-512 "super secret password"
loginAccounts = {
"test@ilchub.net" = {
"@" = {
hashedPassword = "";
#aliases = [
@ -28,7 +30,7 @@
# Make this user the catchAll address for domains blah.com and
# example2.com
catchAll = [
"ilchub.net"
""
];
sieveScript = ''
require ["fileinto", "mailbox"];
@ -45,7 +47,7 @@
# loginAccounts addresses.
extraVirtualAliases = {
# address = forward address;
"admin@ilchub.net" = "test@ilchub.net";
"" = "";
};
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
@ -67,6 +69,6 @@
security.acme = {
acceptTerms = true;
# Replace the email here!
email = "test@ilchub.net";
email = "";
};
}
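Review bot: With every site-specific value replaced by an empty string (`fqdn = "";`, `"@" = {`, `"" = "";`), a substitution that misses its line leaves a file that may still parse but carries an empty domain, account name or `hashedPassword`. The installer script in this commit fills these values in by fixed line number, so any further edit to this template can shift them silently. Distinct placeholder tokens, for example `fqdn = "@DOMAIN@";`, would make a missed substitution visible, ideally with a check after substitution that no token remains. The header line that appears to be added at the top tells the user to just exit the editor, which makes that check more important because nobody is expected to read the result. The file continues between the hunks shown.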


@ -11,10 +11,10 @@
serviceConfig = {
Type = "oneshot";
User = "restic";
Environment = [ "AWS_ACCESS_KEY_ID=AKIAJOVDNQ6FERMIDHKA" "AWS_SECRET_ACCESS_KEY=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" ];
Environment = [ "AWS_ACCESS_KEY_ID=" "AWS_SECRET_ACCESS_KEY=" ];
};
script = ''
restic -r s3:s3.amazonaws.com/haep9c-backup backup /var/vmail /var/vmail
restic -r s3:s3.amazonaws.com/ backup /var/vmail /var/vmail
'';
};
};
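Review bot: The access key pair blanked out in the `Environment` line stays readable in the repository history and in every existing clone, so removing it from the file does not retire it. The key should be deactivated and replaced at the provider, and the bucket's access logs reviewed for the period it was exposed. The new `Environment = [ "AWS_ACCESS_KEY_ID=" "AWS_SECRET_ACCESS_KEY=" ];` still expects the secret to be written into the Nix file, where it would normally end up in the world-readable store and in the unit's visible properties. Loading it from a root-owned file, e.g. `EnvironmentFile = "/path/to/restic-credentials.env";` (placeholder path), keeps it out of both. The service definition starts outside the hunk.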


@ -61,14 +61,13 @@ AddSSHKey()
MakeConfig()
{
# Mailserver
sed -i '15s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix
sed -i '16s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix
sed -i '21s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix
#sed -i '22s/.*/\t hashedPassword = "'"$PASSWORD"'";/' mailserver.nix
sed -i "22s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix
sed -i '31s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix
sed -i '48s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
sed -i '70s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
sed -i '17s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix
sed -i '18s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix
sed -i '23s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix
sed -i "24s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix
sed -i '33s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix
sed -i '50s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
sed -i '72s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
# System Configuration
sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix
@ -163,7 +162,6 @@ ClearTempFiles()
rm .machine.json
rm .cloudflare.json
rm $DOMAIN.selector.txt
rm -rf ~/.nix-ms/
rm ~/.ssh/known_hosts
rm configuration.nix
rm goss.nix
@ -219,6 +217,16 @@ done
}
WaitDNSPropagation()
{
printf "Waiting for DNS Record to propagate..."
while [[ $( dig A +short ilchub.net ) != $machineip ]]
do
sleep 1
done
printf "done"
}
# Create records
CreateARecord()
{
@ -263,8 +271,6 @@ PostInstallation()
{
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME init
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME forget --prune --keep-hourly 2 --keep-daily 7 --keep-weekly 4
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/result/bin/goss /root/
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" /root/goss serve --format json &
}
PerformTests()
@ -322,9 +328,11 @@ then
exit -1
fi
printf "Purging records..."
GetZoneID
PurgeDNSRecords
printf "done"
CreateARecord
WaitDNSPropagation
ApplyConfig
if [ $RESTORE_MAILBACKUP == "y" ]
then
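Review bot: WaitDNSPropagation polls `dig A +short ilchub.net` rather than the domain being installed, so for any other `$DOMAIN` the loop compares an unrelated record against `$machineip` and most likely never exits. There is also no upper bound on the wait. The test should read `while [[ "$(dig A +short "$DOMAIN")" != "$machineip" ]]`, with a retry limit that aborts the install with an error instead of spinning. Quoting both sides matters because dig can return several lines or nothing, and an unquoted right-hand side inside `[[ ]]` is matched as a pattern. The same commit removes this hard-coded domain from the mail config, so this looks like an oversight.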