diff --git a/config/default.nix b/config/default.nix index 89827a0b..b4142878 100644 --- a/config/default.nix +++ b/config/default.nix @@ -304,15 +304,5 @@ time.timeZone = lib.mkDefault "Europe/Berlin"; - users = { - motdFile = ./motd; - users = let - adminKeys = with builtins; lib.lists.flatten (attrValues cfg.sshKeys); - in { - # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/installation-device.nix#L23 - nixos = lib.mkIf (config.system.nixos.variant_id == "installer") { openssh.authorizedKeys.keys = adminKeys; }; - - root.openssh.authorizedKeys.keys = adminKeys; - }; - }; + users.motdFile = ./motd; } diff --git a/hosts/gitea/default.nix b/hosts/gitea/default.nix index 167c9e59..3a03239a 100644 --- a/hosts/gitea/default.nix +++ b/hosts/gitea/default.nix @@ -1,7 +1,10 @@ { config, pkgs, lib, libC, ... }: { - c3d2.deployment.server = "server10"; + c3d2 = { + deployment.server = "server10"; + hq.sendmail = true; + }; microvm.mem = 4 * 1024; @@ -146,18 +149,5 @@ }; }; - programs.msmtp = { - enable = true; - accounts.default = { - host = "mail.c3d2.de"; - port = 587; - tls = true; - tls_starttls = true; - auth = false; - domain = "gitea.c3d2.de"; - from = "mail@c3d2.de"; - }; - }; - system.stateVersion = "21.11"; } diff --git a/hosts/vaultwarden/default.nix b/hosts/vaultwarden/default.nix index 843602de..5ab54dab 100644 --- a/hosts/vaultwarden/default.nix +++ b/hosts/vaultwarden/default.nix @@ -1,7 +1,10 @@ -{ pkgs, ... }: +{ config, pkgs, ... }: { - c3d2.deployment.server = "server10"; + c3d2 = { + deployment.server = "server10"; + hq.sendmail = true; + }; # microvm.mem = 2 * 1024; diff --git a/modules/c3d2.nix b/modules/c3d2.nix index 79683a18..fd788ac8 100644 --- a/modules/c3d2.nix +++ b/modules/c3d2.nix @@ -58,6 +58,14 @@ in # broken :( default = false; }; + + sendmail = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + Wether to configure sendmail via msmtp. + ''; + }; }; nncp = { @@ -82,27 +90,29 @@ in }; config = { - programs.nncp.settings = lib.optionalAttrs cfg.nncp.mergeSettings cfg.nncp; + networking.interfaces = lib.mkIf (cfg.hq.interface != null) { + "${cfg.hq.interface}".ipv6.addresses = [{ + address = toHqPrivateAddress config.networking.hostName; + prefixLength = 64; + }]; + }; - users = - let - adminKeys = with builtins; lib.lists.flatten (attrValues cfg.sshKeys); - in - { - users.k-ot = lib.mkIf cfg.k-ot.enable { - createHome = true; - isNormalUser = true; - uid = 1000; - extraGroups = [ - "audio" - "video" - "wheel" - ]; - # get by running mkpasswd logged in as the user - hashedPassword = "$y$j9T$AoK/PRviZS4BDJ6jX/Qt6/$FDM/JfANEU7H0RAIuN0DL2hjYujVAVDdI0jgN5wGwB5"; - openssh.authorizedKeys.keys = adminKeys; + programs = { + nncp.settings = lib.optionalAttrs cfg.nncp.mergeSettings cfg.nncp; + + msmtp = lib.mkIf cfg.hq.sendmail { + enable = true; + accounts.default = { + host = "mail.c3d2.de"; + port = 587; + tls = true; + tls_starttls = true; + auth = false; + domain = "gitea.c3d2.de"; + from = "mail@c3d2.de"; }; }; + }; services.vector = lib.mkIf config.c3d2.hq.journalToMqtt { enable = true; @@ -174,11 +184,31 @@ in }]; }; - networking.interfaces = lib.mkIf (cfg.hq.interface != null) { - "${cfg.hq.interface}".ipv6.addresses = [{ - address = toHqPrivateAddress config.networking.hostName; - prefixLength = 64; - }]; - }; + users = + let + adminKeys = with builtins; lib.lists.flatten (attrValues cfg.sshKeys); + in + { + users = { + k-ot = lib.mkIf cfg.k-ot.enable { + createHome = true; + isNormalUser = true; + uid = 1000; + extraGroups = [ + "audio" + "video" + "wheel" + ]; + # get by running mkpasswd logged in as the user + hashedPassword = "$y$j9T$AoK/PRviZS4BDJ6jX/Qt6/$FDM/JfANEU7H0RAIuN0DL2hjYujVAVDdI0jgN5wGwB5"; + openssh.authorizedKeys.keys = adminKeys; + }; + + # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/installation-device.nix#L23 + nixos = lib.mkIf (config.system.nixos.variant_id == "installer") { openssh.authorizedKeys.keys = adminKeys; }; + + root.openssh.authorizedKeys.keys = adminKeys; + }; + }; }; }