Merge branch 'master' of git.selfprivacy.org:SelfPrivacy/selfprivacy.org
commit
c110fff8a1
|
@ -1,3 +1,5 @@
|
|||
# CONFIG IS READY TO USE. IF NO SPECIFIC SETUP IS REQUIRED, THEN, JUST EXIT NANO
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
|
@ -12,13 +14,13 @@
|
|||
|
||||
mailserver = {
|
||||
enable = true;
|
||||
fqdn = "ilchub.net";
|
||||
domains = [ "ilchub.net" ];
|
||||
fqdn = "";
|
||||
domains = [ "" ];
|
||||
|
||||
# A list of all login accounts. To create the password hashes, use
|
||||
# mkpasswd -m sha-512 "super secret password"
|
||||
loginAccounts = {
|
||||
"test@ilchub.net" = {
|
||||
"@" = {
|
||||
hashedPassword = "";
|
||||
|
||||
#aliases = [
|
||||
|
@ -28,7 +30,7 @@
|
|||
# Make this user the catchAll address for domains blah.com and
|
||||
# example2.com
|
||||
catchAll = [
|
||||
"ilchub.net"
|
||||
""
|
||||
];
|
||||
sieveScript = ''
|
||||
require ["fileinto", "mailbox"];
|
||||
|
@ -45,7 +47,7 @@
|
|||
# loginAccounts addresses.
|
||||
extraVirtualAliases = {
|
||||
# address = forward address;
|
||||
"admin@ilchub.net" = "test@ilchub.net";
|
||||
"" = "";
|
||||
};
|
||||
|
||||
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
|
||||
|
@ -67,6 +69,6 @@
|
|||
security.acme = {
|
||||
acceptTerms = true;
|
||||
# Replace the email here!
|
||||
email = "test@ilchub.net";
|
||||
email = "";
|
||||
};
|
||||
}
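Review bot: The values blanked in this template (`fqdn`, `domains`, the account name, `catchAll`, the alias pair and the ACME `email`) have no marker saying what fills them in, while the new banner on the first line tells the operator the config is ready to use. Judging by the `MakeConfig` section further down this page, they are overwritten by `sed` addressing fixed line numbers, so adding or dropping a line here silently redirects those substitutions and can leave an empty `fqdn` or account name in the deployed config. I would add a comment next to the blanked values, for example `# Filled in by the installer by line number; keep MakeConfig in sync`, or switch to named placeholders that the installer matches by text. Separately, an inline `hashedPassword` ends up in the Nix store, which every local user can read; if this is the simple-nixos-mailserver module, as the option names suggest, `hashedPasswordFile` avoids that.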
|
||||
|
|
|
@ -11,10 +11,10 @@
|
|||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "restic";
|
||||
Environment = [ "AWS_ACCESS_KEY_ID=AKIAJOVDNQ6FERMIDHKA" "AWS_SECRET_ACCESS_KEY=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" ];
|
||||
Environment = [ "AWS_ACCESS_KEY_ID=" "AWS_SECRET_ACCESS_KEY=" ];
|
||||
};
|
||||
script = ''
|
||||
restic -r s3:s3.amazonaws.com/haep9c-backup backup /var/vmail /var/vmail
|
||||
restic -r s3:s3.amazonaws.com/ backup /var/vmail /var/vmail
|
||||
'';
|
||||
};
|
||||
};
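Review bot: The access key pair on the old `Environment` line stays readable in the repository history after this commit, so it should be treated as disclosed and revoked at the provider; nothing on the page shows whether that has been done. The new `Environment = [ "AWS_ACCESS_KEY_ID=" "AWS_SECRET_ACCESS_KEY=" ];` line keeps the same delivery path: once filled in, the secret is written into the generated unit in the world-readable Nix store and shows up in `systemctl show`. Loading the credentials from a root-owned file with mode 0600, for example `EnvironmentFile = "/path/to/restic.env";` (placeholder path), keeps them out of the store. The `restic ... backup /var/vmail /var/vmail` line also names the same path twice, and the repository is now `s3:s3.amazonaws.com/` with no bucket, presumably filled in by the installer.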
|
||||
|
|
|
@ -61,14 +61,13 @@ AddSSHKey()
|
|||
MakeConfig()
|
||||
{
|
||||
# Mailserver
|
||||
sed -i '15s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix
|
||||
sed -i '16s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix
|
||||
sed -i '21s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix
|
||||
#sed -i '22s/.*/\t hashedPassword = "'"$PASSWORD"'";/' mailserver.nix
|
||||
sed -i "22s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix
|
||||
sed -i '31s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix
|
||||
sed -i '48s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
||||
sed -i '70s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
||||
sed -i '17s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix
|
||||
sed -i '18s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix
|
||||
sed -i '23s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix
|
||||
sed -i "24s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix
|
||||
sed -i '33s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix
|
||||
sed -i '50s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
||||
sed -i '72s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
||||
|
||||
# System Configuration
|
||||
sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix
|
||||
|
@ -163,7 +162,6 @@ ClearTempFiles()
|
|||
rm .machine.json
|
||||
rm .cloudflare.json
|
||||
rm $DOMAIN.selector.txt
|
||||
rm -rf ~/.nix-ms/
|
||||
rm ~/.ssh/known_hosts
|
||||
rm configuration.nix
|
||||
rm goss.nix
|
||||
|
@ -219,6 +217,16 @@ done
|
|||
|
||||
}
|
||||
|
||||
WaitDNSPropagation()
|
||||
{
|
||||
printf "Waiting for DNS Record to propagate..."
|
||||
while [[ $( dig A +short ilchub.net ) != $machineip ]]
|
||||
do
|
||||
sleep 1
|
||||
done
|
||||
printf "done"
|
||||
}
|
||||
|
||||
# Create records
|
||||
CreateARecord()
|
||||
{
|
||||
|
@ -263,8 +271,6 @@ PostInstallation()
|
|||
{
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME init
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME forget --prune --keep-hourly 2 --keep-daily 7 --keep-weekly 4
|
||||
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/result/bin/goss /root/
|
||||
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" /root/goss serve --format json &
|
||||
}
|
||||
|
||||
PerformTests()
|
||||
|
@ -322,9 +328,11 @@ then
|
|||
exit -1
|
||||
fi
|
||||
printf "Purging records..."
|
||||
GetZoneID
|
||||
PurgeDNSRecords
|
||||
printf "done"
|
||||
CreateARecord
|
||||
WaitDNSPropagation
|
||||
ApplyConfig
|
||||
if [ $RESTORE_MAILBACKUP == "y" ]
|
||||
then
|
||||
|
|