Merge branch 'master' of git.selfprivacy.org:SelfPrivacy/selfprivacy.org
commit
c110fff8a1
|
@ -1,3 +1,5 @@
|
||||||
|
# CONFIG IS READY TO USE. IF NO SPECIFIC SETUP IS REQUIRED, THEN, JUST EXIT NANO
|
||||||
|
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
@ -12,13 +14,13 @@
|
||||||
|
|
||||||
mailserver = {
|
mailserver = {
|
||||||
enable = true;
|
enable = true;
|
||||||
fqdn = "ilchub.net";
|
fqdn = "";
|
||||||
domains = [ "ilchub.net" ];
|
domains = [ "" ];
|
||||||
|
|
||||||
# A list of all login accounts. To create the password hashes, use
|
# A list of all login accounts. To create the password hashes, use
|
||||||
# mkpasswd -m sha-512 "super secret password"
|
# mkpasswd -m sha-512 "super secret password"
|
||||||
loginAccounts = {
|
loginAccounts = {
|
||||||
"test@ilchub.net" = {
|
"@" = {
|
||||||
hashedPassword = "";
|
hashedPassword = "";
|
||||||
|
|
||||||
#aliases = [
|
#aliases = [
|
||||||
|
@ -28,7 +30,7 @@
|
||||||
# Make this user the catchAll address for domains blah.com and
|
# Make this user the catchAll address for domains blah.com and
|
||||||
# example2.com
|
# example2.com
|
||||||
catchAll = [
|
catchAll = [
|
||||||
"ilchub.net"
|
""
|
||||||
];
|
];
|
||||||
sieveScript = ''
|
sieveScript = ''
|
||||||
require ["fileinto", "mailbox"];
|
require ["fileinto", "mailbox"];
|
||||||
|
@ -45,7 +47,7 @@
|
||||||
# loginAccounts addresses.
|
# loginAccounts addresses.
|
||||||
extraVirtualAliases = {
|
extraVirtualAliases = {
|
||||||
# address = forward address;
|
# address = forward address;
|
||||||
"admin@ilchub.net" = "test@ilchub.net";
|
"" = "";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
|
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
|
||||||
|
@ -67,6 +69,6 @@
|
||||||
security.acme = {
|
security.acme = {
|
||||||
acceptTerms = true;
|
acceptTerms = true;
|
||||||
# Replace the email here!
|
# Replace the email here!
|
||||||
email = "test@ilchub.net";
|
email = "";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
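Review bot: The values blanked here (`fqdn = "";`, `domains = [ "" ];`, `"@" = {`, `email = "";`) are only correct after the installer has overwritten them, and the installer's `sed` calls address `mailserver.nix` by absolute line number, so the two lines added at the top shift every target. If the template and those line numbers drift apart, a substitution lands on the wrong line and an empty placeholder can reach the deployed config with no error. Consider distinctive tokens instead of empty strings, e.g. `fqdn = "@DOMAIN@";`, replaced by pattern rather than position, with the installer failing if any token remains. The new header comment could also state the dependency, e.g. `# Values below are filled in by the installer; do not add or reorder lines`.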
@ -11,10 +11,10 @@
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
User = "restic";
|
User = "restic";
|
||||||
Environment = [ "AWS_ACCESS_KEY_ID=AKIAJOVDNQ6FERMIDHKA" "AWS_SECRET_ACCESS_KEY=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" ];
|
Environment = [ "AWS_ACCESS_KEY_ID=" "AWS_SECRET_ACCESS_KEY=" ];
|
||||||
};
|
};
|
||||||
script = ''
|
script = ''
|
||||||
restic -r s3:s3.amazonaws.com/haep9c-backup backup /var/vmail /var/vmail
|
restic -r s3:s3.amazonaws.com/ backup /var/vmail /var/vmail
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
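Review bot: The access key pair blanked out in `Environment` stays readable in the repository history, so it should be treated as exposed and revoked at the provider, not only removed from the file. The new line still passes credentials through `Environment = [ "AWS_ACCESS_KEY_ID=" "AWS_SECRET_ACCESS_KEY=" ];`, and whatever the installer writes there becomes part of a Nix expression, which normally ends up in the generated unit file in the world-readable Nix store. Prefer a root-owned file outside the store, e.g. `EnvironmentFile = "/path/to/restic-s3.env";` (placeholder path, mode 0600), and keep only non-secret settings in the expression. Separately, the `restic ... backup /var/vmail /var/vmail` line names the same path twice. The enclosing service definition starts outside the hunk.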
@ -61,14 +61,13 @@ AddSSHKey()
|
||||||
MakeConfig()
|
MakeConfig()
|
||||||
{
|
{
|
||||||
# Mailserver
|
# Mailserver
|
||||||
sed -i '15s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix
|
sed -i '17s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix
|
||||||
sed -i '16s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix
|
sed -i '18s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix
|
||||||
sed -i '21s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix
|
sed -i '23s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix
|
||||||
#sed -i '22s/.*/\t hashedPassword = "'"$PASSWORD"'";/' mailserver.nix
|
sed -i "24s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix
|
||||||
sed -i "22s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix
|
sed -i '33s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix
|
||||||
sed -i '31s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix
|
sed -i '50s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
||||||
sed -i '48s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
sed -i '72s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
||||||
sed -i '70s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
|
||||||
|
|
||||||
# System Configuration
|
# System Configuration
|
||||||
sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix
|
sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix
|
||||||
|
@ -163,7 +162,6 @@ ClearTempFiles()
|
||||||
rm .machine.json
|
rm .machine.json
|
||||||
rm .cloudflare.json
|
rm .cloudflare.json
|
||||||
rm $DOMAIN.selector.txt
|
rm $DOMAIN.selector.txt
|
||||||
rm -rf ~/.nix-ms/
|
|
||||||
rm ~/.ssh/known_hosts
|
rm ~/.ssh/known_hosts
|
||||||
rm configuration.nix
|
rm configuration.nix
|
||||||
rm goss.nix
|
rm goss.nix
|
||||||
|
@ -219,6 +217,16 @@ done
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
WaitDNSPropagation()
|
||||||
|
{
|
||||||
|
printf "Waiting for DNS Record to propagate..."
|
||||||
|
while [[ $( dig A +short ilchub.net ) != $machineip ]]
|
||||||
|
do
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
printf "done"
|
||||||
|
}
|
||||||
|
|
||||||
# Create records
|
# Create records
|
||||||
CreateARecord()
|
CreateARecord()
|
||||||
{
|
{
|
||||||
|
@ -263,8 +271,6 @@ PostInstallation()
|
||||||
{
|
{
|
||||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME init
|
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME init
|
||||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME forget --prune --keep-hourly 2 --keep-daily 7 --keep-weekly 4
|
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME forget --prune --keep-hourly 2 --keep-daily 7 --keep-weekly 4
|
||||||
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/result/bin/goss /root/
|
|
||||||
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" /root/goss serve --format json &
|
|
||||||
}
|
}
|
||||||
|
|
||||||
PerformTests()
|
PerformTests()
|
||||||
|
@ -322,9 +328,11 @@ then
|
||||||
exit -1
|
exit -1
|
||||||
fi
|
fi
|
||||||
printf "Purging records..."
|
printf "Purging records..."
|
||||||
|
GetZoneID
|
||||||
PurgeDNSRecords
|
PurgeDNSRecords
|
||||||
printf "done"
|
printf "done"
|
||||||
CreateARecord
|
CreateARecord
|
||||||
|
WaitDNSPropagation
|
||||||
ApplyConfig
|
ApplyConfig
|
||||||
if [ $RESTORE_MAILBACKUP == "y" ]
|
if [ $RESTORE_MAILBACKUP == "y" ]
|
||||||
then
|
then
|
||||||
|
|
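Review bot: The new `WaitDNSPropagation` polls the hard-coded name `ilchub.net` instead of the domain being provisioned, so for any other domain the loop tests an unrelated record and either never ends or ends without the new A record being visible. The loop also has no upper bound, the right-hand `$machineip` is unquoted inside `[[ ]]` and is therefore matched as a pattern, and a `dig` answer with more than one line never compares equal. The sketch below queries `$DOMAIN` (the variable `MakeConfig` already uses), matches the address as a fixed whole line and gives up after a bounded number of attempts; the limit shown is an example value. The caller would then need to stop before `ApplyConfig` when the function returns non-zero.

```shell
WaitDNSPropagation()
{
    printf "Waiting for DNS Record to propagate..."
    local attempts=0
    # Query the domain being set up and compare the answer as a fixed, whole-line string.
    until dig A +short "$DOMAIN" | grep -Fxq -- "$machineip"
    do
        attempts=$((attempts + 1))
        # Example limit: stop after about five minutes instead of looping forever.
        if [ "$attempts" -ge 300 ]
        then
            printf "failed\n"
            return 1
        fi
        sleep 1
    done
    printf "done"
}
```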