diff --git a/static/mailserver.nix b/static/mailserver.nix index 34f8924..7bd362c 100644 --- a/static/mailserver.nix +++ b/static/mailserver.nix @@ -1,3 +1,5 @@ +# CONFIG IS READY TO USE. IF NO SPECIFIC SETUP IS REQUIRED, THEN, JUST EXIT NANO + { config, pkgs, ... }: { imports = [ @@ -12,13 +14,13 @@ mailserver = { enable = true; - fqdn = "ilchub.net"; - domains = [ "ilchub.net" ]; + fqdn = ""; + domains = [ "" ]; # A list of all login accounts. To create the password hashes, use # mkpasswd -m sha-512 "super secret password" loginAccounts = { - "test@ilchub.net" = { + "@" = { hashedPassword = ""; #aliases = [ @@ -28,7 +30,7 @@ # Make this user the catchAll address for domains blah.com and # example2.com catchAll = [ - "ilchub.net" + "" ]; sieveScript = '' require ["fileinto", "mailbox"]; @@ -45,7 +47,7 @@ # loginAccounts addresses. extraVirtualAliases = { # address = forward address; - "admin@ilchub.net" = "test@ilchub.net"; + "" = ""; }; # Use Let's Encrypt certificates. Note that this needs to set up a stripped @@ -67,6 +69,6 @@ security.acme = { acceptTerms = true; # Replace the email here! - email = "test@ilchub.net"; + email = ""; }; } diff --git a/static/restic.nix b/static/restic.nix index c0521a7..a068d16 100644 --- a/static/restic.nix +++ b/static/restic.nix @@ -11,10 +11,10 @@ serviceConfig = { Type = "oneshot"; User = "restic"; - Environment = [ "AWS_ACCESS_KEY_ID=AKIAJOVDNQ6FERMIDHKA" "AWS_SECRET_ACCESS_KEY=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" ]; + Environment = [ "AWS_ACCESS_KEY_ID=" "AWS_SECRET_ACCESS_KEY=" ]; }; script = '' - restic -r s3:s3.amazonaws.com/haep9c-backup backup /var/vmail /var/vmail + restic -r s3:s3.amazonaws.com/ backup /var/vmail /var/vmail ''; }; }; diff --git a/static/server.sh b/static/server.sh index 7c77a30..3bacf77 100644 --- a/static/server.sh +++ b/static/server.sh 
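Review bot: The banner added at the top of mailserver.nix says the config is ready to use, but the same commit empties `fqdn`, `domains`, the account key (`"@"`), `hashedPassword`, `catchAll` and the ACME `email`, so the file is only valid after MakeConfig in server.sh has filled it in. The two added lines also shift every line number that MakeConfig addresses with sed. A comment that records this dependency would be more accurate, for example `# Template: server.sh (MakeConfig) fills fqdn, domains, the login account and the ACME email by line number; keep line positions stable.` If this file can ever be deployed without that step, confirm how the mailserver module treats a login account with an empty `hashedPassword`.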
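Review bot: Blanking the `Environment` line in restic.nix does not retire the AWS access key pair that was committed on the old side; it stays readable in the repository history, so it should be deactivated and replaced in IAM and the bucket's access logs checked. The new line still expects the real values to be written into `Environment = [ ... ]`, which places them in the generated unit and, since this is a Nix expression, most likely in the world-readable Nix store. Loading them from a root-owned file outside the store avoids that, e.g. `EnvironmentFile = "/root/restic.env";` (constructed path, mode 0600). The `script` line also passes `/var/vmail` twice on both sides of the change. The `serviceConfig` block starts outside this hunk.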
@@ -61,14 +61,13 @@ AddSSHKey() MakeConfig() { # Mailserver - sed -i '15s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix - sed -i '16s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix - sed -i '21s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix - #sed -i '22s/.*/\t hashedPassword = "'"$PASSWORD"'";/' mailserver.nix - sed -i "22s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix - sed -i '31s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix - sed -i '48s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix - sed -i '70s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix + sed -i '17s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix + sed -i '18s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix + sed -i '23s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix + sed -i "24s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix + sed -i '33s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix + sed -i '50s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix + sed -i '72s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix # System Configuration sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix @@ -163,7 +162,6 @@ ClearTempFiles() rm .machine.json rm .cloudflare.json rm $DOMAIN.selector.txt - rm -rf ~/.nix-ms/ rm ~/.ssh/known_hosts rm configuration.nix rm goss.nix @@ -219,6 +217,16 @@ done } +WaitDNSPropagation() +{ + printf "Waiting for DNS Record to propagate..." + while [[ $( dig A +short ilchub.net ) != $machineip ]] + do + sleep 1 + done + printf "done" +} + # Create records CreateARecord() { @@ -263,8 +271,6 @@ PostInstallation() { ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME init ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME forget --prune --keep-hourly 2 --keep-daily 7 --keep-weekly 4 - #ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/result/bin/goss /root/ - #ssh -i ~/.nix-ms/id_rsa "root@$machineip" /root/goss serve --format json & } PerformTests() 
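Review bot: `$DOMAIN` and `$USER` are spliced into the sed programs unquoted on the `17s` and `23s` lines and unvalidated on all of them, so a value containing whitespace, `/`, `&` or a quote either breaks the substitution or writes unintended text into mailserver.nix. Quote them the way the neighbouring lines do, `sed -i '17s/.*/ fqdn = "'"$DOMAIN"'";/' mailserver.nix`, and reject anything that is not a plain hostname or local part before MakeConfig runs. Addressing by absolute line number is what forced this renumbering; a comment such as `# line numbers below must match static/mailserver.nix` above the block would record the coupling. MakeConfig continues past the end of the hunk.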
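Review bot: The new WaitDNSPropagation queries the literal name `ilchub.net` rather than `$DOMAIN`, so for any other domain the loop compares the wrong record and either never ends or passes for the wrong reason; this is the same hard-coded value the commit removes from mailserver.nix. `$machineip` is also unquoted inside `[[ ... != ... ]]`, where the right-hand side is then treated as a pattern, and the loop has no upper bound. The version below uses the configured domain, quotes both sides and gives up after a fixed number of tries; the limit of 300 is an arbitrary example. Note that `dig +short` can print several lines, in which case an exact comparison will not match.

```shell
WaitDNSPropagation()
{
    printf "Waiting for DNS Record to propagate..."
    local tries=0
    until [[ "$(dig A +short "$DOMAIN")" == "$machineip" ]]
    do
        if (( ++tries > 300 )); then
            printf "timed out\n" >&2
            return 1
        fi
        sleep 1
    done
    printf "done\n"
}
```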
@@ -322,9 +328,11 @@ then exit -1 fi printf "Purging records..." +GetZoneID PurgeDNSRecords printf "done" CreateARecord +WaitDNSPropagation ApplyConfig if [ $RESTORE_MAILBACKUP == "y" ] then
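Review bot: The result of the added `GetZoneID` call is not checked before `PurgeDNSRecords`, which deletes records. GetZoneID's body is not visible here, but if it can fail and leave the zone id empty, the purge request would be built from an empty value. Something like `GetZoneID || { printf "zone lookup failed\n" >&2; exit 1; }` would stop the run first, assuming the function returns non-zero on failure. The same applies to `WaitDNSPropagation` before `ApplyConfig`, since the certificate request configured in mailserver.nix presumably depends on the A record resolving.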