diff --git a/static/configuration.nix b/static/configuration.nix
new file mode 100644
index 0000000..0d1ef75
--- /dev/null
+++ b/static/configuration.nix
@@ -0,0 +1,25 @@
+{ pkgs, ... }: {
+ imports = [
+ ./hardware-configuration.nix
+ ./mailserver.nix
+
+ ];
+
+ boot.cleanTmpDir = true;
+ networking.hostName = "nixos-mailserver";
+ networking.firewall.allowPing = true;
+ networking.firewall.allowedTCPPorts = [ 22 443 80 143 993 587 25 465 ];
+ networking.firewall.allowedUDPPorts = [ 443 80 143 993 587 25 465 ];
+ services.openssh.enable = true;
+ users.users.root.openssh.authorizedKeys.keys = [
+
+ ];
+ environment.systemPackages = with pkgs; [
+ htop
+ vim
+ letsencrypt
+ opendkim
+ ];
+ system.autoUpgrade.enable = true;
+ system.autoUpgrade.allowReboot = false;
+}
diff --git a/static/mailserver.nix b/static/mailserver.nix
new file mode 100644
index 0000000..f7168d1
--- /dev/null
+++ b/static/mailserver.nix
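Review bot: The `networking.firewall.allowedUDPPorts` line opens 443, 80, 143, 993, 587, 25 and 465 over UDP, but SMTP, submission, IMAP and the HTTP certificate challenge all run over TCP, so these rules only widen the exposed surface; I would drop the line or set it to `[ ]`. `services.openssh.enable = true;` is also left at its defaults while the root `authorizedKeys.keys` list is empty, so the intended login policy should be stated explicitly, e.g. `services.openssh.passwordAuthentication = false;` (`services.openssh.settings.PasswordAuthentication` on newer releases) once a key is filled in. A comment above the empty list such as `# add the operator's public key here before deploying` would make the placeholder obvious.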
@@ -0,0 +1,65 @@
+{ config, pkgs, ... }:
+{
+ imports = [
+ (builtins.fetchTarball {
+ # Pick a commit from the branch you are interested in
+ url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/4008d0cb/nixos-mailserver-4008d0cb.tar.gz";
+ # And set its hash
+ sha256 = "1y9svi3nrg24ky1gqbpa3zhnhhin399h0cmnf81hb4yn75mlqiqx";
+ })
+ ];
+
+
+ mailserver = {
+ enable = true;
+ fqdn = "example.com";
+ domains = [ "example.com" ];
+
+ # A list of all login accounts. To create the password hashes, use
+ # mkpasswd -m sha-512 "super secret password"
+ loginAccounts = {
+ "test@example.com" = {
+ hashedPassword = "$6$ABz9oq7Ha3ddtTeD$qnBACjNEXrwkXdx8UM6sJEM6qeGZSvjNd0KaZEsq.fAHh31Jrxls1OWBgSxSjM200zTqB91v7qlR.hwMESICw1";
+
+ #aliases = [
+ # "mail@example.com"
+ #];
+
+ # Make this user the catchAll address for domains blah.com and
+ # example2.com
+ catchAll = [
+ "example.com"
+ ];
+ };
+
+ };
+
+ # Extra virtual aliases. These are email addresses that are forwarded to
+ # loginAccounts addresses.
+ extraVirtualAliases = {
+ # address = forward address;
+ "admin@example.com" = "test@example.com";
+ };
+
+ # Use Let's Encrypt certificates. Note that this needs to set up a stripped
+ # down nginx and opens port 80.
+ certificateScheme = 3;
+
+ # Enable IMAP and POP3
+ enableImap = true;
+ enablePop3 = false;
+ enableImapSsl = true;
+ enablePop3Ssl = false;
+ dkimSelector = "selector";
+
+ # Enable the ManageSieve protocol
+ enableManageSieve = false;
+
+ virusScanning = false;
+ };
+ security.acme = {
+ acceptTerms = true;
+ # Replace the email here!
+ email = "test@example.com";
+};
+}
diff --git a/static/server.sh b/static/server.sh
index e530048..2f52e73 100755
--- a/static/server.sh
+++ b/static/server.sh
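Review bot: The `hashedPassword` for `test@example.com` is a fixed value committed to a template that server.sh downloads from a public URL, and the same account is the `catchAll` for the domain, so any server deployed without replacing it would share one publicly known hash. Whether the script rewrites this value before applying the config is not visible in this diff; if it does not, the template should carry no real hash. I would replace the literal with an obvious marker and a comment, e.g. `hashedPassword = "REPLACE_WITH_MKPASSWD_OUTPUT"; # generate per deployment, never reuse the sample`, or point to a root-only file with `hashedPasswordFile` if the pinned module revision supports it. The same applies to `fqdn`, `domains` and `security.acme.email`, which are still `example.com` placeholders.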
@@ -5,15 +5,16 @@ InstallDependencies() { packagesNeeded='curl jq' - if [ -x "$(command -v apk)" ]; then sudo apk add --no-cache $packagesNeeded - elif [ -x "$(command -v apt-get)" ]; then sudo apt-get install $packagesNeeded - elif [ -x "$(command -v dnf)" ]; then sudo dnf install $packagesNeeded - elif [ -x "$(command -v zypper)" ]; then sudo zypper install $packagesNeeded - elif [ -x "$(command -v pacman)" ]; then sudo pacman -S $packagesNeeded - elif [ -x "$(command -v emerge)" ]; then sudo emerge --ask $packagesNeeded + if [ -x "$(command -v apk)" ]; then sudo apk add --no-cache $packagesNeeded # Alpine Linux + elif [ -x "$(command -v apt-get)" ]; then sudo apt-get install $packagesNeeded # Debian/Ubuntu Linux + elif [ -x "$(command -v dnf)" ]; then sudo dnf install $packagesNeeded # Fedora Linux + elif [ -x "$(command -v zypper)" ]; then sudo zypper install $packagesNeeded # openSUSE Linux + elif [ -x "$(command -v pacman)" ]; then sudo pacman -S $packagesNeeded # Arch/Manjaro Linux + elif [ -x "$(command -v emerge)" ]; then sudo emerge --ask $packagesNeeded # Gentoo Linux + elif [ -x "$(command -v nix-env)" ]; then nix-env -iA $packagesNeeded # NixOS else echo "FAILED TO INSTALL PACKAGE: Package manager not found. You must manually install: $packagesNeeded">&2; fi - wget http://192.168.0.104/configuration.nix - wget http://192.168.0.104/mailserver.nix + wget https://selfprivacy.org/configuration.nix + wget https://selfprivacy.org/mailserver.nix } CollectData() { @@ -181,7 +182,7 @@ printf "Waiting for the server to create...\n" MakeServer sleep 30 printf "Waiting for nixos-infect to replace system files(this may take some time)...\n" -sleep 180 +sleep 200 GetMachineIP ApplyConfig GetDKIM @@ -194,7 +195,7 @@ CreateMXRecord CreateDMARCRecord CreateSPFRecord CreateDKIMRecord -echo "done" +printf "done\n" printf "Clearing temporary files..." ClearTempFiles printf "done\n"
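Review bot: The two `wget` calls fetch files that become the server's system configuration, yet their exit status is never checked and nothing verifies the content, so a failed or altered download goes unnoticed until later steps; `wget` is also not in `packagesNeeded`, which installs `curl`. Using the tool the function already installs would fix both the dependency and the error handling, e.g. `curl -fsSLO https://selfprivacy.org/configuration.nix || exit 1`, ideally followed by a `sha256sum -c` check against a checksum shipped with the script. Separately, the new `nix-env -iA $packagesNeeded` branch passes bare names where `-iA` expects attribute paths such as `nixos.curl`, so it will likely fail on NixOS. The opening of InstallDependencies may sit in the hunk header, so part of the function could lie outside this hunk.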