Merge branch 'master' of git.selfprivacy.org:SelfPrivacy/selfprivacy.org

master
Zholnay Kirill 2020-09-14 12:03:56 +03:00
commit c110fff8a1
3 changed files with 29 additions and 19 deletions


@ -1,3 +1,5 @@
# CONFIG IS READY TO USE. IF NO SPECIFIC SETUP IS REQUIRED, THEN, JUST EXIT NANO
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
imports = [ imports = [
@ -12,13 +14,13 @@
mailserver = { mailserver = {
enable = true; enable = true;
fqdn = "ilchub.net"; fqdn = "";
domains = [ "ilchub.net" ]; domains = [ "" ];
# A list of all login accounts. To create the password hashes, use # A list of all login accounts. To create the password hashes, use
# mkpasswd -m sha-512 "super secret password" # mkpasswd -m sha-512 "super secret password"
loginAccounts = { loginAccounts = {
"test@ilchub.net" = { "@" = {
hashedPassword = ""; hashedPassword = "";
#aliases = [ #aliases = [
@ -28,7 +30,7 @@
# Make this user the catchAll address for domains blah.com and # Make this user the catchAll address for domains blah.com and
# example2.com # example2.com
catchAll = [ catchAll = [
"ilchub.net" ""
]; ];
sieveScript = '' sieveScript = ''
require ["fileinto", "mailbox"]; require ["fileinto", "mailbox"];
@ -45,7 +47,7 @@
# loginAccounts addresses. # loginAccounts addresses.
extraVirtualAliases = { extraVirtualAliases = {
# address = forward address; # address = forward address;
"admin@ilchub.net" = "test@ilchub.net"; "" = "";
}; };
# Use Let's Encrypt certificates. Note that this needs to set up a stripped # Use Let's Encrypt certificates. Note that this needs to set up a stripped
@ -67,6 +69,6 @@
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
# Replace the email here! # Replace the email here!
email = "test@ilchub.net"; email = "";
}; };
} }
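Review bot: The empty-string placeholders on the new side (`fqdn = "";`, `"@" = {`, `"" = "";`, `email = "";`) are all syntactically valid Nix, so a template the installer fails to fill can still be parsed instead of being rejected. Judging by the third file in this commit, the values are written by `sed` against fixed line numbers, so one shifted line would presumably leave a blank domain, account or `hashedPassword` in place without any error. A distinct marker per field, for example `fqdn = "@DOMAIN@";`, would let the script check for unfilled fields before the configuration is applied.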


@ -11,10 +11,10 @@
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
User = "restic"; User = "restic";
Environment = [ "AWS_ACCESS_KEY_ID=AKIAJOVDNQ6FERMIDHKA" "AWS_SECRET_ACCESS_KEY=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" ]; Environment = [ "AWS_ACCESS_KEY_ID=" "AWS_SECRET_ACCESS_KEY=" ];
}; };
script = '' script = ''
restic -r s3:s3.amazonaws.com/haep9c-backup backup /var/vmail /var/vmail restic -r s3:s3.amazonaws.com/ backup /var/vmail /var/vmail
''; '';
}; };
}; };
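Review bot: The new `Environment = [ "AWS_ACCESS_KEY_ID=" "AWS_SECRET_ACCESS_KEY=" ];` line still expects the keys to be written into the unit definition, and on NixOS that text ends up in the world-readable Nix store and in the generated unit file. Loading them with `EnvironmentFile = "<root-only file outside the store>";` would keep the secret out of both. Separately, the key pair on the old side of this line stays in the repository history after this commit, so it should be revoked at the provider rather than treated as removed.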


@ -61,14 +61,13 @@ AddSSHKey()
MakeConfig() MakeConfig()
{ {
# Mailserver # Mailserver
sed -i '15s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix sed -i '17s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix
sed -i '16s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix sed -i '18s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix
sed -i '21s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix sed -i '23s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix
#sed -i '22s/.*/\t hashedPassword = "'"$PASSWORD"'";/' mailserver.nix sed -i "24s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix
sed -i "22s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix sed -i '33s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix
sed -i '31s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix sed -i '50s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
sed -i '48s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix sed -i '72s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
sed -i '70s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
# System Configuration # System Configuration
sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix
@ -163,7 +162,6 @@ ClearTempFiles()
rm .machine.json rm .machine.json
rm .cloudflare.json rm .cloudflare.json
rm $DOMAIN.selector.txt rm $DOMAIN.selector.txt
rm -rf ~/.nix-ms/
rm ~/.ssh/known_hosts rm ~/.ssh/known_hosts
rm configuration.nix rm configuration.nix
rm goss.nix rm goss.nix
@ -219,6 +217,16 @@ done
} }
WaitDNSPropagation()
{
printf "Waiting for DNS Record to propagate..."
while [[ $( dig A +short ilchub.net ) != $machineip ]]
do
sleep 1
done
printf "done"
}
# Create records # Create records
CreateARecord() CreateARecord()
{ {
@ -263,8 +271,6 @@ PostInstallation()
{ {
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME init ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME init
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME forget --prune --keep-hourly 2 --keep-daily 7 --keep-weekly 4 ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME forget --prune --keep-hourly 2 --keep-daily 7 --keep-weekly 4
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/result/bin/goss /root/
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" /root/goss serve --format json &
} }
PerformTests() PerformTests()
@ -322,9 +328,11 @@ then
exit -1 exit -1
fi fi
printf "Purging records..." printf "Purging records..."
GetZoneID
PurgeDNSRecords PurgeDNSRecords
printf "done" printf "done"
CreateARecord CreateARecord
WaitDNSPropagation
ApplyConfig ApplyConfig
if [ $RESTORE_MAILBACKUP == "y" ] if [ $RESTORE_MAILBACKUP == "y" ]
then then
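Review bot: The added `WaitDNSPropagation` queries the literal `ilchub.net` instead of `$DOMAIN`, so for any other domain the loop compares the wrong record against `$machineip` and will most likely never exit. The right-hand side of `!=` inside `[[ ]]` is also unquoted, which makes it a glob pattern rather than a string; `while [[ "$(dig A +short "$DOMAIN")" != "$machineip" ]]` fixes both. The loop has no upper bound either, so a retry cap with a non-zero exit would keep a failed record creation from hanging the installer before `ApplyConfig` runs.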