commit 73414a6049dc3b48f4072549cef21a9f23571de6 Author: revol-xut Date: Sun Feb 20 18:26:28 2022 +0100 initial system setup diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b2be92b --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +result diff --git a/README.md b/README.md new file mode 100644 index 0000000..83034ca --- /dev/null +++ b/README.md @@ -0,0 +1,21 @@ +The next generation Mailbert +----------------------------- + +The Nix Mail setup to rule them all. + +## Useful Links + +- +- + +## TODO-List + +- [] people should add their puplic keys +- [] replace keys/test.age +- [] setup system and init sops + +## Testing Locally + +`` + nix build +`` diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..f928078 --- /dev/null +++ b/flake.lock @@ -0,0 +1,148 @@ +{ + "nodes": { + "blobs": { + "flake": false, + "locked": { + "lastModified": 1604995301, + "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "type": "gitlab" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1645010845, + "narHash": "sha256-hO9X4PvxkSLMQnGGB7tOrKPwufhLMiNQMNXNwzLqneo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2128d0aa28edef51fd8fef38b132ffc0155595df", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-21.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-21_05": { + "locked": { + "lastModified": 1625692408, + "narHash": "sha256-e9L3TLLDVIJpMnHtiNHJE62oOh6emRtSZ244bgYJUZs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c06613c25df3fe1dd26243847a3c105cf6770627", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-21.05", + "type": "indirect" + } + }, + "nixpkgs-21_11": { + "locked": { + "lastModified": 1638371214, + "narHash": "sha256-0kE6KhgH7n0vyuX4aUoGsGIQOqjIx2fJavpCWtn73rc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a640d8394f34714578f3e6335fc767d0755d78f9", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-21.11", + "type": "indirect" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1626852498, + "narHash": "sha256-lOXUJvi0FJUXHTVSiC5qsMRtEUgqM4mGZpMESLuGhmo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "16105403bdd843540cbef9c63fc0f16c1c6eaa70", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs", + "simple-nixos-mailserver": "simple-nixos-mailserver", + "sops-nix": "sops-nix" + } + }, + "simple-nixos-mailserver": { + "inputs": { + "blobs": "blobs", + "nixpkgs": "nixpkgs_2", + "nixpkgs-21_05": "nixpkgs-21_05", + "nixpkgs-21_11": "nixpkgs-21_11", + "utils": "utils" + }, + "locked": { + "lastModified": 1638911354, + "narHash": "sha256-hNhzLOp+dApEY15vwLAQZu+sjEQbJcOXCaSfAT6lpsQ=", + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "rev": "6e3a7b2ea6f0d68b82027b988aa25d3423787303", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "ref": "nixos-21.11", + "repo": "nixos-mailserver", + "type": "gitlab" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1644599065, + "narHash": "sha256-oFLRb9p954wiUGn8iU5wOCY/7yBrT4Xvg7Ew07MvSKs=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "fc22eff3205e9742c1b0fd229c267bf237f0c43e", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "utils": { + "locked": { + "lastModified": 1605370193, + "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5021eac20303a61fafe17224c087f5519baed54d", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..e0a02c2 --- /dev/null +++ b/flake.nix @@ -0,0 +1,38 @@ +{ + inputs = { + nixpkgs.url = github:NixOS/nixpkgs/nixos-21.11; + sops-nix.url = github:Mic92/sops-nix; + sops-nix.inputs.nixpkgs.follows = "nixpkgs"; + simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-21.11"; + }; + + outputs = { self, nixpkgs, sops-nix, simple-nixos-mailserver, ... }@inputs: { + #packages."x86_64-linux" = nixpkgs.lib.filterAttrs (_: nixpkgs.lib.isDerivation) ( + # import nixpkgs { + # system = "x86_64-linux"; + # #overlays = [self.overlay]; + #}); + + defaultPackage."x86_64-linux" = (nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + simple-nixos-mailserver.nixosModule + ./mailbert/configuration.nix + + (_: { _module.args.buildVM = true; }) + "${nixpkgs}/nixos/modules/virtualisation/qemu-vm.nix" + ./modules/vm.nix + ]; + }).config.system.build.vm; + + nixosConfigurations.mailbert = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + simple-nixos-mailserver.nixosModule + ./mailbert/configuration.nix + ]; + }; + }; +} diff --git a/keys/revol-xut.asc b/keys/revol-xut.asc new file mode 100644 index 0000000..700b515 --- /dev/null +++ b/keys/revol-xut.asc @@ -0,0 +1,132 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGFTcLABEAC3RcK0UojOFDThOXglm0rxfnMqo2KdZeXu+oiHI8nmiwJaZPuI +BCEXi8xclFaJxVMfNa3O5qw4SW71gMLOW/SN3Ws/RyKQnbOjFliPTM5D+HKL341V +PDvXaKrnKg1j4AnubnbYi2PljW0mrsheIhZdbL62rFZJP+5NZML60ykc8GAdsEXV +8BELxMtyqLrmu10ToEZ/HSHeVirBBPPBey6FGZmydsYoUUmRl9z6trIfA9unRnQL +4pGLl1UUMu0esk6C9MX1DwxZW8b5jWkw+R8QekOK4WJ5yYSSZ47uoJN4Uz9w+4cW +9EKIj33E9Tn5iXrd9OSAUyxr9zOBjIWg+PPAzwLg9gXxxaEGvZNAA6IkKeduLZpo ++2qcXA+TsZkNo77hzvs5aKMz/jWtheLeCrxbwCv421GLOrl4Srjeicb/+oeaxKG6 +BR3Qw3RqR5ZMRtFZGhznudF9Of6uNrGAAtH0cxhKNTlR4YGu+4AnobrlStG4QCA7 +22Dg7xuo4MlRy4l1Vvg+3wSRoaL8I+7ClvIaYIFxAZvF5QRW7BCzV32KOo6H9xe6 +ahHy8RkmFXQ1z3+gCcJsxVjZXP/3NzNk59sJzDyP8gag5vUAlKnnCALRs6BmHttP +4y7UJiLZXEHx38i3RG9cWLwiEkl6kw9tQR1wHmlNjMGGUeNeM8Vrjl5DuQARAQAB +tCRyZXZvbC14dXQgPHJldm9sLXh1dEBwcm90b25tYWlsLmNvbT6JAk4EEwEIADgW +IQSR6+hwFjkTI2QqaAO5ZgCdV+acxgUCYVNwsAIbAwULCQgHAgYVCgkICwIEFgID +AQIeAQIXgAAKCRC5ZgCdV+acxrgzEACFtMFpogMhyDvpJLh9QuakJ2cg1thH27Q5 +oZx3PPD9n63yMnbpxdgXMqZfBb+sa0pg8njh0yNb3ZQDSSapf1zYEEFqf5xH3ILN +3CAMrV6mODHMXN4HQSLaT6qw+ZaogGc3SgrL3OQg8YZ5CfbfYCUEh2X7cX7D0+gT +YHGUNpwfsxrlQG5rPNalg8i+FN+3M60aHg7sGdr0UTQg3ZWHBvZBZEY/GsfgHl3n +R72lMG640VQqw+kDw/dq569VPLpneGBzt0+iq4/BOcAEJEpmhqTYNDjriY2NNOA5 +DkqVxJ5Ep0E6vZuvVMhS4PVtZ3wpzBV9KprUaFgu3UZjANpUsHhu1ds6rYEWfgX4 +8VfXk7QYmXP3gCtjrTbB+alwVVvXtjS2cxmZkLLjsyWszo5gaaW7QYNBoCbyS8hV +1fiUfp9S/NMg/nPoj8Cx4g1eFpfV4fJkOdAVYrC4he9CMJdJ5kh9IBdVxevg3xbr +1vyvMWYSk3XM1xfvJRfthkWvSf9wWRGJPjGDh897f3kKVRHDqcvjxLZG5EsmZegr +8yk++Sg0tFW5ODWOlQrOq/qjdt/V71fuEczgPwZznfxnxwYDhI69YFl0g4dwF76u +5b6/rsblRr3Ws8nvuNPp4391DpymDMJs9vXZgiKiQ/eyCeOgOFn/8wQbPPhJDIrG +9dRg+ESo47kCDQRhU3CwARAA7MTQESJDTOZbK44PF8PXGvz4BhSEf6lzb78iDUqn +JmNe22szfLh5yInoZL43ADnUNkiLKNUed+8rOoVJEqHts9zO5EjMOLdMOAm3agAO +Y3sAhKw3RrLLTcdfpSUnxD0RTD6G3+ELtgGN0V7MZpt0ryzHKod7qTrzO9ucRYds +ony1NMqLHe3lmyKul9f34VfzqZ3nNLgJfNIxH4CBGHpklIJ5YIxI6IVLrwF+J3yn +6jAvvxMCGd7MsXswUST3iha9u70mBGDT3e+oDAbDqMCe39yk5myvj2auJ6IAQrUO +FeoQV0CLY0iDVyDx3KieBEl44X5PU9EmHGI6I7vXDS82kkeGlJ1+UeVqsP9LjDbV +5HO3RKctuznJ8lYq6xM+eHF+5OxuQLqZ+VOQi9YeF9sCkR6CvxhW2WkyKGZjCgdj +uaEaQmTGBLu0vHIdni3DQN7PL29wTXSfZJxHyyT57yNU6km/mfVFcRKTuBn9ufPd ++BBwgA7IekuQzNeRpAzgeJbUd15DMv2dGfBjXaX/lrnXv8Q5YKgEEUArhEWMU/ll ++JOLqbKz8NsgJrRQipZ3YeiDPSEuVMc0H+66o0u7hhENQGUGGXasGniKpI0YlsE0 +i0r+YzCUYsDzsgU1299+anvXJMoHwqKaWPbgKuAzQ6N1zS0hoZF+fzEqAHgDG3sO +R6MAEQEAAYkCNgQYAQgAIBYhBJHr6HAWORMjZCpoA7lmAJ1X5pzGBQJhU3CwAhsM +AAoJELlmAJ1X5pzG3aEQAKB6VD91b7glPeDYm6LJNWVXmloan+CT9ybafGpphgvy +hRki3Szcqd8CfugGuE/zjSfORCJiaqL1o+mMxDLX5CktYEl72FDFz4oA7Pzry/ZF +rAx6I0djATQkdqgvzjv+DfGaNdR+gHaGCIaHF5SmLSSkKI7pGuv8sjjmi/sjbMRx +DwcjHx1X8IckVzihYR1iGkPPBMM5+O0nPOjxfRcIY/OWcKkVWxrDkLdddrUQHqAP +7aT4GY2nFC3NmoUTt9Fsj7qWBm/lWXkVjTBSa+gR3gpkDE0hK3SYRiBDegG8h3Lp +IL3Au7BegyG21QToBQTijG384W/TCAWIa8w0caIQM1wQrAkTCJnn4Ndxw7x2ovmp +GC4vFGGqxroUvC6NEkFaepxP5/a+j+bMtFDBCbKo9j9EBXXIq7MZCnOM+68QBLiN +fR0dpTS4U1DvO7AY1a7GtSUW6SKIoB/dG/271NpQzeiu8C/Is9BR9YqO5n6tA8Y0 +4ODnj6bAP+gE6Fqmeh6rcRusnGcRMtdscgV1CXVQdD9DW5NwmRjml5LuoIxInn+m +Y78Sh3533Rl8lVH5+E7iyImW+i9w/TXUVYPXaD5spQrsNbtgafQ4mMXu38v1aDWg +fkWU7/c6MpVHFusHv+OrDDIAVIapBLi3Gh3MzxEBG32hWkGDLnGfk0NguV+ZjU9l +uQINBGFlV18BEACsAw55MMcPnJtwe0HsqF8MPeOl2djOPjHlh3E2cJ2DMWDA8QfN +T/ATZCz0+eSipHQu0RJ6T8s0bdi5WGjlkpZMTnXh1Nel+6/Wj1z1QBkHhX9Nb+zE +3r89rJbYA6FukV0q9/BOauMkVspzvMjajzVGmSejDC2ZnPEHRb/x7x7NiKJ38tFT +BQyPGwZHQi2ZSEkjkCq88Vqa5VL6ckTMai/yuc2Rp6ThTou6qUHdbQJmQNxB3ZD8 ++CxnhsPdblMzLrhCoKtakNT63IUlKVaSIMgr4r8PVts+bRWkT+usLA3Lo8TjJFV2 +0zrZrd6pfUhEtG+3L9I+DsE9P8mCgKOJ6OkNmY6q3tL1NtzACgtGYIZd9kZxyZD4 +vduKO2uCdTRGHsOvSgj1JuLpsPuHt/8rDjtYnoojqkf78TptWlQXUoBUdwIuFwXh +9HwXLPH9L4TY2DyEWXzsnioCmXiksq8zWBQTiDHClQwM6n3eyKpktVjm1YSfKD6u +wu5ZqOMV4hWGdoSlfhQ30pDZrDxu4UR5JNN2Z9wIYexfna217ZmGZeKx/D18QYHP +nJWHIXVn80oY0U5s3pEgYNEv1mGeLyUS8LGWl91tYgAyhQXWETQFElCSQACCHn9k +1iW+jO7VGbwBOguDqJvnxIPIMvphsmaFx1He3RlRSepm5YzLFJq4hK8T7wARAQAB +iQRsBBgBCAAgFiEEkevocBY5EyNkKmgDuWYAnVfmnMYFAmFlV18CGwICQAkQuWYA +nVfmnMbBdCAEGQEIAB0WIQR/pDvSzM0OT2g2QV5PVv93WWJ9BwUCYWVXXwAKCRBP +Vv93WWJ9B/a6D/4rU94pYuSEm9RoYdyNDMMEhxORuQ0SJURcdFyCUCV+SqsSUXv/ +zNtaQ1B27kreHvCCmr+BSl/Cw5l0StTRol13pXz6U3at+QaH7yAyXxi51JmsmjAh +D7vpRmAirHUdB7mlAXY4hccBbI4wvMM9c0C92oT6toMh13vHwW/2JGlwiqeJFCnu ++0WRwKm8bHzfhllB3/5iwN5aZl32O4+QyzY53SsoR0W8V9q1wpkXvWGXxd74PXHw +os9pXuhilcBz+CLicAZe45lU5gM7WkhYxRexcqd1jcQ+jf5C7PraJLY/NDC1M14I +1FfSouOIcanDjvc8pApysgeYA5zMzeebbwI8fmP0uNrR6jajGzmZOfkitEmjvR0z +CLbDZ6kvutt5j95UQpv6M3S+vq9+/lBV9UZshbVo6in78mTJtFViVquWY/w4o/nI +QDBiPhznONHRstACoAzFkn8M0MnIMlI/U9lDy0Jwe6toLUzBHZPKxaZhncUYyzg0 ++QTnh4h0/GRP7Wh8LLh3kL/NvlXyHvDvcC5A66ZlgEK9aBb3NL32JI5rq8UwohWP +MB9qyqg0P3/gHKONU71Hx1e3IcYnrsrHxllpj+sZNhVhbr1ta4BLSInGsfuHURW6 +FQp1v68A6mVS+RikzKgUp45Ogxrr/Qu8JpL/B70dcmmUjVC9hJLXmmeqEyhbD/9J +i7ZtwYcShVcda4qU+UFm+YyC/+7a97KmIjWTuOyJAvo4FvvzUbIwra2NJlG5iSYc +GnYnHQqrpIfK2QgRkV0Jl5w8maAcphf/NWg0XVZGz8PG0ADuh8zKxcJnrfzQyS1X +YS7sPD9kHkxqZke18y+rf5KiOOYnttw0qpg6+3s4Lhdklbyyt0rQqp+tciOP1rRT +cTrKRxjPoa07viR6Z4oCPflILGdiqHDf0cXVIwkKt5nry+8aNgcGQASF6AEXgnSk +qxYg3fcCDD9JuZU3I+XxPU8fXZ4rdjBIOJdX5eCNuWxythPr+/c1Zlg50cnUhMnE +jqE8Ff6nb9W+EkT9FHe2cJ7ALgPU2Bsd8wXCJbqIbhDTxRmOKe5dldbjvzn8emau +/wivGfkIRwK++4yikNslK6OZgg5FPI37Xfntlf+xVy2eIIUZSwGzSeKWsgd00xnb +E+UXCVx1U2OqT6b45q2tv9rZzkHyp+p6KPW9mYS/15cf70wQXiY5ckVR5GnE4gOJ +LnGdBagiVGdIZOmzNVUnOPuGRDU9S3+i+PdcEf+y6NZHAa/frzFAryCimoWapPwc +AMXzKjSbA3htpmkjXedmdCcSS80osV0ncmp1ItgOVu+h+J80Bq0NLNPPPxcdTzvv +T8glpyIPT++jmTDI82+9MmW8taoMmY7BbG2cqluh5rkCDQRhZV5jARAA3ChfSi7Q +sk4zuDDIzIcAfVRntY5jkEwlL37Vfxxz0cmEPr78u5/kiDV8MOUwlm08tZjDvrfy +JplouQDs0dTAWdqPxzkLQJD+lUap3aKphsTWHCH6o1s90hMmZdWM6MB16E8RtF7K +rTYIGWpetBLYZxqjhaHXtn1sTf3B2zHi8eUDkVT87iPr6RX/YBSWueYJnmUE9mJf +st2jhK5kF++yt3w6/jXaJ7lKiCfDIJwEiqQx4DA4j6r5pWQHHSqOOyxybwxf3l4q +SpqIdX2qlFgm1Wo6d0SE0Ufsy/iOg18k1QMFzR4IOSZxI30k9NSSL5UqnOBeVERb +Bf/NgzQbQlFb2JquoKxr+WPSg+YLvcY0KFfBXMZXZJyXXUzVgcRYWK4k84BQG223 +M59iEZAOaPBqi9XoorKCfKGHzCmlVr8dcujbHO84v6ZXPlvC7UoylaBYwyUbuejw +fgn8OXuLig0PaSXX2XXInvvzgidojPU8uJ9s88T6Fc25Tb02HexQIV4V52I06qsi +lvC3aOZ7i3odtWF8hQ/bfRt53T9rkbYakQxPryLbhEgOJ+TPXfv+FVUHG8mN1G+y +uATgFRWkz03lVFh0Pk5FjhWXqfF+bsx2lVajikhqGTJyFlo1HQKS4BZWdccfKzq3 +LWQ/8d2s6cIW5smdYO3a4yoQJJXyhmL2a4EAEQEAAYkCNgQYAQgAIBYhBJHr6HAW +ORMjZCpoA7lmAJ1X5pzGBQJhZV5jAhsMAAoJELlmAJ1X5pzG4b8QAK3GLogvlYuk +KNK8igJo+Nk8ftJ70ozvrsRxmpAupoLe+6sWf/rlXPYZRPB+4YQBXpuw4HCltauO +79Q3Qy5YkK5V0QiGM6o0YyyEHnpGpSJWT43+cTH8OcmXA1g7rEXUKqy3YC4FUyDZ +Em0bOaFa1oqeTXXi3bRaPTBkp03D1uD+Ly++YieV+Xt+ObzWkAigT7NHVERmkrtq +m08GKXhyQM5KcpVLwF0pdgJTffl0uBjyGhwzUNdyxcBJQ3L/c5BSTeFY2sAVIGwX +msoOOB5bmU5DJ1kTe/yMBMJyDxltTdKJ9RHWT328BcZYHpeFF0hWiAvAzzsUvh77 +mQesewWScTaG7StQMQEcM8HnBLZcsRqajbIXwsb3HNyTvADT4JAFkUMwq3GnSvSl +SEktIia43wqMcS0cLJej6dGcbErgrtc6Nw8tXqfdkAqxc1DVCOdActFukruxuLk/ +NKnHJg4/q3v2hgrIzUkyy7qM2G1/ns/YKHnAnJyxci87lmZYHIoG5MhogGdOKWgN +CW8vpp11lS16AYaXCBM/QyiMga7mT+wpHrat5FbmN6TVKkOWmPnvoGkyeUjkof8E +PnsBpXXOpHTLP8ky89OdbrraEXGiBEPHonfzvG2gjI7mwHz5rWUV/9to+nT2IrWP +l2prWUwR4RaL1ninCGGDpG6NaMy/aoFOuQINBGFlYngBEADdkkSaiZa0N2qdlCMk +GKfiBoykFDEfYNLZNi0sTRamvu6D7Xl4J0yKEHoNNYjp+mRbe04EApqJtIh7LlCb +FverIsaWx+yB8iZ7otN0qKvWnCEaEd5FUcPLk52wA4nLnECIzW4pTjjfDtnqD9p0 +uyzQubJC3OwO9b0ep6S022gSz3I3sjEUmfhA5oiS6cp0w7d18A4HpD9Br2o4/UZ4 +UiFxkmPF4snuHqNwDbpROsxpi6Dhc2VaNFNAw6BY5pY36VaQmFQBUcxfetzDRpds +PIsePbCU3gqs/w7Dq/YODzksZWI1zn6Ox/6Hvaeqo7bh/UAVxA9UHcpGigsBrkol +mW6ysHdRznhvB7EInzFaYQ6skQLujJWRnc/QtVlqPaJNzmePjINTqe4vcegu2b6E +W07vy4IbO4Afqmf/AMOdLIdtNsJ5rUNr+FIMUWpY0DPI08VjaPwTL41hFM7z/ovy +5pC2dopMCABXernmrqzAfK6+dBqoZxVtX7MsC8ha5PVv+8dBHbBcI/pLhmr8Eru1 +zKaFvmMowUE9B66n4wbjvDXEepsZ/UnFGY8IJVo5Xb/PDEtwFm2uf5ZqbhGSHKTe +69Xr9T166baHYkC8455FnKZ2N+Ds6QNmlo9sq7C9LbVS8cVR7ORQPtxO7sJ98/y5 +pyoi6WIssoBpM3ryWRHk1wDLFwARAQABiQI2BBgBCAAgFiEEkevocBY5EyNkKmgD +uWYAnVfmnMYFAmFlYngCGyAACgkQuWYAnVfmnMaMQxAAgyb8P191n2r11K5IgF13 +zfyus3VtATWOdViDtn6tE2FeLBUnEOPmn3BSlvPIRXnUNNIOJLd8Z6SYagKKnLK7 +JtV9uM8trLbdaOlfZDmXXNDX5iuMwCIhrikN/I7zGomSS9N7ln1oKEd53yNutUyy +nLFjfzFJ2Z8NOH1kw87DMIFJG7suwYzW7BdhRJv09GNypgciddFlzaacnQ1T/FLX +JpREQEFRQfiuuEkByeyt6gq5ATotsWq+eukLSc5JGiy5rG86Cdbzz4ZQ+awMopog +8ph4BVQHC4fZEK6C2BwT4ZdfVHF6RWnZVpIsgCU2ujwe4L1HrRn5yhGIYWPxYD1X +/w7JTC4TVnZIszi7kTQgMiuUyCtEN2GNrS+4+DPN5gN9OituHdEA1JdLurZ6MZhl +7bnoAmLt2qAaFSquwyjhiu9pjJx1DV5sVA87QpIRwrmn2AuD6/4EZuDKT3IiumzT +i0hHGWjEsadckih45T4++tbafTIlGMM+Qf7ZGxN6ry/SQFV3C8aId1lv7rsEfiYe +FsSAY6gXxA+yKF8nnIf19nqitKDWUUnSDGG8HSdw0GUY2Up6sK7OGpZa0eFY2G5A +F4kf7w593iUl9LStmGD/yCpYS0CZ3Zu+tHwfaXFnLXc+r1EnAJh2MW5MrEn0kSWO +lVBehNjHALQ9k/lWjR0NHcQ= +=YlVy +-----END PGP PUBLIC KEY BLOCK----- diff --git a/keys/test.age b/keys/test.age new file mode 100644 index 0000000..69f5030 --- /dev/null +++ b/keys/test.age @@ -0,0 +1,3 @@ +# created: 2021-10-15T12:49:19+02:00 +# public key: age1925katzy5gws3f9hnvnlwspu6trxf488arwt6ayw3urg2mgumqhszxnmqh +AGE-SECRET-KEY-185C2AV5M0U2FAUL3LYQXDU7N5ZE226GRFRUY2976GNKGEXLQC3DQ539JDN diff --git a/mailbert.qcow2 b/mailbert.qcow2 new file mode 100644 index 0000000..b2d47ef Binary files /dev/null and b/mailbert.qcow2 differ diff --git a/mailbert/configuration.nix b/mailbert/configuration.nix new file mode 100644 index 0000000..d90133a --- /dev/null +++ b/mailbert/configuration.nix @@ -0,0 +1,53 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + + # Enabled modules + ../modules/base.nix + ../modules/mail.nix + ]; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only + + networking.hostName = "mailbert"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Set your time zone. + time.timeZone = "Europe/Berlin"; + + # The global useDHCP flag is deprecated, therefore explicitly set to false here. + # Per-interface useDHCP will be mandatory in the future, so this generated config + # replicates the default behaviour. + networking.networkmanager.enable = true; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "20.11"; # Did you read the comment? + +} + diff --git a/mailbert/hardware-configuration.nix b/mailbert/hardware-configuration.nix new file mode 100644 index 0000000..c244fc2 --- /dev/null +++ b/mailbert/hardware-configuration.nix @@ -0,0 +1,28 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/6d8f4b96-4ccb-4a94-a9b1-bab4a28fc940"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/58C2-5A6A"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + +} diff --git a/modules/base.nix b/modules/base.nix new file mode 100644 index 0000000..140f90d --- /dev/null +++ b/modules/base.nix @@ -0,0 +1,43 @@ +{ pkgs, config, ... }: + +{ + _module.args.buildVM = false; + + # use Nix 2.4 for flakes support + nix = { + package = pkgs.nix_2_4; + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; + + # Select internationalisation properties. + # i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "uk"; + }; + + users.users.root = { + openssh.authorizedKeys.keyFiles = [ + ./keys/revol-xut + ]; + }; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + atop + fish + git + htop + tmux + vim_configurable + wget + ]; + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + services.openssh.passwordAuthentication = false; + programs.mosh.enable = true; +} diff --git a/modules/keys/revol-xut b/modules/keys/revol-xut new file mode 100644 index 0000000..700b515 --- /dev/null +++ b/modules/keys/revol-xut @@ -0,0 +1,132 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGFTcLABEAC3RcK0UojOFDThOXglm0rxfnMqo2KdZeXu+oiHI8nmiwJaZPuI +BCEXi8xclFaJxVMfNa3O5qw4SW71gMLOW/SN3Ws/RyKQnbOjFliPTM5D+HKL341V +PDvXaKrnKg1j4AnubnbYi2PljW0mrsheIhZdbL62rFZJP+5NZML60ykc8GAdsEXV +8BELxMtyqLrmu10ToEZ/HSHeVirBBPPBey6FGZmydsYoUUmRl9z6trIfA9unRnQL +4pGLl1UUMu0esk6C9MX1DwxZW8b5jWkw+R8QekOK4WJ5yYSSZ47uoJN4Uz9w+4cW +9EKIj33E9Tn5iXrd9OSAUyxr9zOBjIWg+PPAzwLg9gXxxaEGvZNAA6IkKeduLZpo ++2qcXA+TsZkNo77hzvs5aKMz/jWtheLeCrxbwCv421GLOrl4Srjeicb/+oeaxKG6 +BR3Qw3RqR5ZMRtFZGhznudF9Of6uNrGAAtH0cxhKNTlR4YGu+4AnobrlStG4QCA7 +22Dg7xuo4MlRy4l1Vvg+3wSRoaL8I+7ClvIaYIFxAZvF5QRW7BCzV32KOo6H9xe6 +ahHy8RkmFXQ1z3+gCcJsxVjZXP/3NzNk59sJzDyP8gag5vUAlKnnCALRs6BmHttP +4y7UJiLZXEHx38i3RG9cWLwiEkl6kw9tQR1wHmlNjMGGUeNeM8Vrjl5DuQARAQAB +tCRyZXZvbC14dXQgPHJldm9sLXh1dEBwcm90b25tYWlsLmNvbT6JAk4EEwEIADgW +IQSR6+hwFjkTI2QqaAO5ZgCdV+acxgUCYVNwsAIbAwULCQgHAgYVCgkICwIEFgID +AQIeAQIXgAAKCRC5ZgCdV+acxrgzEACFtMFpogMhyDvpJLh9QuakJ2cg1thH27Q5 +oZx3PPD9n63yMnbpxdgXMqZfBb+sa0pg8njh0yNb3ZQDSSapf1zYEEFqf5xH3ILN +3CAMrV6mODHMXN4HQSLaT6qw+ZaogGc3SgrL3OQg8YZ5CfbfYCUEh2X7cX7D0+gT +YHGUNpwfsxrlQG5rPNalg8i+FN+3M60aHg7sGdr0UTQg3ZWHBvZBZEY/GsfgHl3n +R72lMG640VQqw+kDw/dq569VPLpneGBzt0+iq4/BOcAEJEpmhqTYNDjriY2NNOA5 +DkqVxJ5Ep0E6vZuvVMhS4PVtZ3wpzBV9KprUaFgu3UZjANpUsHhu1ds6rYEWfgX4 +8VfXk7QYmXP3gCtjrTbB+alwVVvXtjS2cxmZkLLjsyWszo5gaaW7QYNBoCbyS8hV +1fiUfp9S/NMg/nPoj8Cx4g1eFpfV4fJkOdAVYrC4he9CMJdJ5kh9IBdVxevg3xbr +1vyvMWYSk3XM1xfvJRfthkWvSf9wWRGJPjGDh897f3kKVRHDqcvjxLZG5EsmZegr +8yk++Sg0tFW5ODWOlQrOq/qjdt/V71fuEczgPwZznfxnxwYDhI69YFl0g4dwF76u +5b6/rsblRr3Ws8nvuNPp4391DpymDMJs9vXZgiKiQ/eyCeOgOFn/8wQbPPhJDIrG +9dRg+ESo47kCDQRhU3CwARAA7MTQESJDTOZbK44PF8PXGvz4BhSEf6lzb78iDUqn +JmNe22szfLh5yInoZL43ADnUNkiLKNUed+8rOoVJEqHts9zO5EjMOLdMOAm3agAO +Y3sAhKw3RrLLTcdfpSUnxD0RTD6G3+ELtgGN0V7MZpt0ryzHKod7qTrzO9ucRYds +ony1NMqLHe3lmyKul9f34VfzqZ3nNLgJfNIxH4CBGHpklIJ5YIxI6IVLrwF+J3yn +6jAvvxMCGd7MsXswUST3iha9u70mBGDT3e+oDAbDqMCe39yk5myvj2auJ6IAQrUO +FeoQV0CLY0iDVyDx3KieBEl44X5PU9EmHGI6I7vXDS82kkeGlJ1+UeVqsP9LjDbV +5HO3RKctuznJ8lYq6xM+eHF+5OxuQLqZ+VOQi9YeF9sCkR6CvxhW2WkyKGZjCgdj +uaEaQmTGBLu0vHIdni3DQN7PL29wTXSfZJxHyyT57yNU6km/mfVFcRKTuBn9ufPd ++BBwgA7IekuQzNeRpAzgeJbUd15DMv2dGfBjXaX/lrnXv8Q5YKgEEUArhEWMU/ll ++JOLqbKz8NsgJrRQipZ3YeiDPSEuVMc0H+66o0u7hhENQGUGGXasGniKpI0YlsE0 +i0r+YzCUYsDzsgU1299+anvXJMoHwqKaWPbgKuAzQ6N1zS0hoZF+fzEqAHgDG3sO +R6MAEQEAAYkCNgQYAQgAIBYhBJHr6HAWORMjZCpoA7lmAJ1X5pzGBQJhU3CwAhsM +AAoJELlmAJ1X5pzG3aEQAKB6VD91b7glPeDYm6LJNWVXmloan+CT9ybafGpphgvy +hRki3Szcqd8CfugGuE/zjSfORCJiaqL1o+mMxDLX5CktYEl72FDFz4oA7Pzry/ZF +rAx6I0djATQkdqgvzjv+DfGaNdR+gHaGCIaHF5SmLSSkKI7pGuv8sjjmi/sjbMRx +DwcjHx1X8IckVzihYR1iGkPPBMM5+O0nPOjxfRcIY/OWcKkVWxrDkLdddrUQHqAP +7aT4GY2nFC3NmoUTt9Fsj7qWBm/lWXkVjTBSa+gR3gpkDE0hK3SYRiBDegG8h3Lp +IL3Au7BegyG21QToBQTijG384W/TCAWIa8w0caIQM1wQrAkTCJnn4Ndxw7x2ovmp +GC4vFGGqxroUvC6NEkFaepxP5/a+j+bMtFDBCbKo9j9EBXXIq7MZCnOM+68QBLiN +fR0dpTS4U1DvO7AY1a7GtSUW6SKIoB/dG/271NpQzeiu8C/Is9BR9YqO5n6tA8Y0 +4ODnj6bAP+gE6Fqmeh6rcRusnGcRMtdscgV1CXVQdD9DW5NwmRjml5LuoIxInn+m +Y78Sh3533Rl8lVH5+E7iyImW+i9w/TXUVYPXaD5spQrsNbtgafQ4mMXu38v1aDWg +fkWU7/c6MpVHFusHv+OrDDIAVIapBLi3Gh3MzxEBG32hWkGDLnGfk0NguV+ZjU9l +uQINBGFlV18BEACsAw55MMcPnJtwe0HsqF8MPeOl2djOPjHlh3E2cJ2DMWDA8QfN +T/ATZCz0+eSipHQu0RJ6T8s0bdi5WGjlkpZMTnXh1Nel+6/Wj1z1QBkHhX9Nb+zE +3r89rJbYA6FukV0q9/BOauMkVspzvMjajzVGmSejDC2ZnPEHRb/x7x7NiKJ38tFT +BQyPGwZHQi2ZSEkjkCq88Vqa5VL6ckTMai/yuc2Rp6ThTou6qUHdbQJmQNxB3ZD8 ++CxnhsPdblMzLrhCoKtakNT63IUlKVaSIMgr4r8PVts+bRWkT+usLA3Lo8TjJFV2 +0zrZrd6pfUhEtG+3L9I+DsE9P8mCgKOJ6OkNmY6q3tL1NtzACgtGYIZd9kZxyZD4 +vduKO2uCdTRGHsOvSgj1JuLpsPuHt/8rDjtYnoojqkf78TptWlQXUoBUdwIuFwXh +9HwXLPH9L4TY2DyEWXzsnioCmXiksq8zWBQTiDHClQwM6n3eyKpktVjm1YSfKD6u +wu5ZqOMV4hWGdoSlfhQ30pDZrDxu4UR5JNN2Z9wIYexfna217ZmGZeKx/D18QYHP +nJWHIXVn80oY0U5s3pEgYNEv1mGeLyUS8LGWl91tYgAyhQXWETQFElCSQACCHn9k +1iW+jO7VGbwBOguDqJvnxIPIMvphsmaFx1He3RlRSepm5YzLFJq4hK8T7wARAQAB +iQRsBBgBCAAgFiEEkevocBY5EyNkKmgDuWYAnVfmnMYFAmFlV18CGwICQAkQuWYA +nVfmnMbBdCAEGQEIAB0WIQR/pDvSzM0OT2g2QV5PVv93WWJ9BwUCYWVXXwAKCRBP +Vv93WWJ9B/a6D/4rU94pYuSEm9RoYdyNDMMEhxORuQ0SJURcdFyCUCV+SqsSUXv/ +zNtaQ1B27kreHvCCmr+BSl/Cw5l0StTRol13pXz6U3at+QaH7yAyXxi51JmsmjAh +D7vpRmAirHUdB7mlAXY4hccBbI4wvMM9c0C92oT6toMh13vHwW/2JGlwiqeJFCnu ++0WRwKm8bHzfhllB3/5iwN5aZl32O4+QyzY53SsoR0W8V9q1wpkXvWGXxd74PXHw +os9pXuhilcBz+CLicAZe45lU5gM7WkhYxRexcqd1jcQ+jf5C7PraJLY/NDC1M14I +1FfSouOIcanDjvc8pApysgeYA5zMzeebbwI8fmP0uNrR6jajGzmZOfkitEmjvR0z +CLbDZ6kvutt5j95UQpv6M3S+vq9+/lBV9UZshbVo6in78mTJtFViVquWY/w4o/nI +QDBiPhznONHRstACoAzFkn8M0MnIMlI/U9lDy0Jwe6toLUzBHZPKxaZhncUYyzg0 ++QTnh4h0/GRP7Wh8LLh3kL/NvlXyHvDvcC5A66ZlgEK9aBb3NL32JI5rq8UwohWP +MB9qyqg0P3/gHKONU71Hx1e3IcYnrsrHxllpj+sZNhVhbr1ta4BLSInGsfuHURW6 +FQp1v68A6mVS+RikzKgUp45Ogxrr/Qu8JpL/B70dcmmUjVC9hJLXmmeqEyhbD/9J +i7ZtwYcShVcda4qU+UFm+YyC/+7a97KmIjWTuOyJAvo4FvvzUbIwra2NJlG5iSYc +GnYnHQqrpIfK2QgRkV0Jl5w8maAcphf/NWg0XVZGz8PG0ADuh8zKxcJnrfzQyS1X +YS7sPD9kHkxqZke18y+rf5KiOOYnttw0qpg6+3s4Lhdklbyyt0rQqp+tciOP1rRT +cTrKRxjPoa07viR6Z4oCPflILGdiqHDf0cXVIwkKt5nry+8aNgcGQASF6AEXgnSk +qxYg3fcCDD9JuZU3I+XxPU8fXZ4rdjBIOJdX5eCNuWxythPr+/c1Zlg50cnUhMnE +jqE8Ff6nb9W+EkT9FHe2cJ7ALgPU2Bsd8wXCJbqIbhDTxRmOKe5dldbjvzn8emau +/wivGfkIRwK++4yikNslK6OZgg5FPI37Xfntlf+xVy2eIIUZSwGzSeKWsgd00xnb +E+UXCVx1U2OqT6b45q2tv9rZzkHyp+p6KPW9mYS/15cf70wQXiY5ckVR5GnE4gOJ +LnGdBagiVGdIZOmzNVUnOPuGRDU9S3+i+PdcEf+y6NZHAa/frzFAryCimoWapPwc +AMXzKjSbA3htpmkjXedmdCcSS80osV0ncmp1ItgOVu+h+J80Bq0NLNPPPxcdTzvv +T8glpyIPT++jmTDI82+9MmW8taoMmY7BbG2cqluh5rkCDQRhZV5jARAA3ChfSi7Q +sk4zuDDIzIcAfVRntY5jkEwlL37Vfxxz0cmEPr78u5/kiDV8MOUwlm08tZjDvrfy +JplouQDs0dTAWdqPxzkLQJD+lUap3aKphsTWHCH6o1s90hMmZdWM6MB16E8RtF7K +rTYIGWpetBLYZxqjhaHXtn1sTf3B2zHi8eUDkVT87iPr6RX/YBSWueYJnmUE9mJf +st2jhK5kF++yt3w6/jXaJ7lKiCfDIJwEiqQx4DA4j6r5pWQHHSqOOyxybwxf3l4q +SpqIdX2qlFgm1Wo6d0SE0Ufsy/iOg18k1QMFzR4IOSZxI30k9NSSL5UqnOBeVERb +Bf/NgzQbQlFb2JquoKxr+WPSg+YLvcY0KFfBXMZXZJyXXUzVgcRYWK4k84BQG223 +M59iEZAOaPBqi9XoorKCfKGHzCmlVr8dcujbHO84v6ZXPlvC7UoylaBYwyUbuejw +fgn8OXuLig0PaSXX2XXInvvzgidojPU8uJ9s88T6Fc25Tb02HexQIV4V52I06qsi +lvC3aOZ7i3odtWF8hQ/bfRt53T9rkbYakQxPryLbhEgOJ+TPXfv+FVUHG8mN1G+y +uATgFRWkz03lVFh0Pk5FjhWXqfF+bsx2lVajikhqGTJyFlo1HQKS4BZWdccfKzq3 +LWQ/8d2s6cIW5smdYO3a4yoQJJXyhmL2a4EAEQEAAYkCNgQYAQgAIBYhBJHr6HAW +ORMjZCpoA7lmAJ1X5pzGBQJhZV5jAhsMAAoJELlmAJ1X5pzG4b8QAK3GLogvlYuk +KNK8igJo+Nk8ftJ70ozvrsRxmpAupoLe+6sWf/rlXPYZRPB+4YQBXpuw4HCltauO +79Q3Qy5YkK5V0QiGM6o0YyyEHnpGpSJWT43+cTH8OcmXA1g7rEXUKqy3YC4FUyDZ +Em0bOaFa1oqeTXXi3bRaPTBkp03D1uD+Ly++YieV+Xt+ObzWkAigT7NHVERmkrtq +m08GKXhyQM5KcpVLwF0pdgJTffl0uBjyGhwzUNdyxcBJQ3L/c5BSTeFY2sAVIGwX +msoOOB5bmU5DJ1kTe/yMBMJyDxltTdKJ9RHWT328BcZYHpeFF0hWiAvAzzsUvh77 +mQesewWScTaG7StQMQEcM8HnBLZcsRqajbIXwsb3HNyTvADT4JAFkUMwq3GnSvSl +SEktIia43wqMcS0cLJej6dGcbErgrtc6Nw8tXqfdkAqxc1DVCOdActFukruxuLk/ +NKnHJg4/q3v2hgrIzUkyy7qM2G1/ns/YKHnAnJyxci87lmZYHIoG5MhogGdOKWgN +CW8vpp11lS16AYaXCBM/QyiMga7mT+wpHrat5FbmN6TVKkOWmPnvoGkyeUjkof8E +PnsBpXXOpHTLP8ky89OdbrraEXGiBEPHonfzvG2gjI7mwHz5rWUV/9to+nT2IrWP +l2prWUwR4RaL1ninCGGDpG6NaMy/aoFOuQINBGFlYngBEADdkkSaiZa0N2qdlCMk +GKfiBoykFDEfYNLZNi0sTRamvu6D7Xl4J0yKEHoNNYjp+mRbe04EApqJtIh7LlCb +FverIsaWx+yB8iZ7otN0qKvWnCEaEd5FUcPLk52wA4nLnECIzW4pTjjfDtnqD9p0 +uyzQubJC3OwO9b0ep6S022gSz3I3sjEUmfhA5oiS6cp0w7d18A4HpD9Br2o4/UZ4 +UiFxkmPF4snuHqNwDbpROsxpi6Dhc2VaNFNAw6BY5pY36VaQmFQBUcxfetzDRpds +PIsePbCU3gqs/w7Dq/YODzksZWI1zn6Ox/6Hvaeqo7bh/UAVxA9UHcpGigsBrkol +mW6ysHdRznhvB7EInzFaYQ6skQLujJWRnc/QtVlqPaJNzmePjINTqe4vcegu2b6E +W07vy4IbO4Afqmf/AMOdLIdtNsJ5rUNr+FIMUWpY0DPI08VjaPwTL41hFM7z/ovy +5pC2dopMCABXernmrqzAfK6+dBqoZxVtX7MsC8ha5PVv+8dBHbBcI/pLhmr8Eru1 +zKaFvmMowUE9B66n4wbjvDXEepsZ/UnFGY8IJVo5Xb/PDEtwFm2uf5ZqbhGSHKTe +69Xr9T166baHYkC8455FnKZ2N+Ds6QNmlo9sq7C9LbVS8cVR7ORQPtxO7sJ98/y5 +pyoi6WIssoBpM3ryWRHk1wDLFwARAQABiQI2BBgBCAAgFiEEkevocBY5EyNkKmgD +uWYAnVfmnMYFAmFlYngCGyAACgkQuWYAnVfmnMaMQxAAgyb8P191n2r11K5IgF13 +zfyus3VtATWOdViDtn6tE2FeLBUnEOPmn3BSlvPIRXnUNNIOJLd8Z6SYagKKnLK7 +JtV9uM8trLbdaOlfZDmXXNDX5iuMwCIhrikN/I7zGomSS9N7ln1oKEd53yNutUyy +nLFjfzFJ2Z8NOH1kw87DMIFJG7suwYzW7BdhRJv09GNypgciddFlzaacnQ1T/FLX +JpREQEFRQfiuuEkByeyt6gq5ATotsWq+eukLSc5JGiy5rG86Cdbzz4ZQ+awMopog +8ph4BVQHC4fZEK6C2BwT4ZdfVHF6RWnZVpIsgCU2ujwe4L1HrRn5yhGIYWPxYD1X +/w7JTC4TVnZIszi7kTQgMiuUyCtEN2GNrS+4+DPN5gN9OituHdEA1JdLurZ6MZhl +7bnoAmLt2qAaFSquwyjhiu9pjJx1DV5sVA87QpIRwrmn2AuD6/4EZuDKT3IiumzT +i0hHGWjEsadckih45T4++tbafTIlGMM+Qf7ZGxN6ry/SQFV3C8aId1lv7rsEfiYe +FsSAY6gXxA+yKF8nnIf19nqitKDWUUnSDGG8HSdw0GUY2Up6sK7OGpZa0eFY2G5A +F4kf7w593iUl9LStmGD/yCpYS0CZ3Zu+tHwfaXFnLXc+r1EnAJh2MW5MrEn0kSWO +lVBehNjHALQ9k/lWjR0NHcQ= +=YlVy +-----END PGP PUBLIC KEY BLOCK----- diff --git a/modules/mail.nix b/modules/mail.nix new file mode 100644 index 0000000..4327244 --- /dev/null +++ b/modules/mail.nix @@ -0,0 +1,19 @@ +{ config, pkgs, ... }: +let release = "nixos-21.05"; +in { + mailserver = { + enable = true; + fqdn = "mail.example.com"; + domains = [ "example.com" "example2.com" ]; + loginAccounts = { + "user1@example.com" = { + # nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 > /hashed/password/file/location + hashedPasswordFile = "/hashed/password/file/location"; + + aliases = [ + ]; + }; + }; + }; +} + diff --git a/modules/vm.nix b/modules/vm.nix new file mode 100644 index 0000000..2e8d1be --- /dev/null +++ b/modules/vm.nix @@ -0,0 +1,29 @@ +{ config, lib, pkgs, buildVM, ... }: + +{ + assertions = [ + { assertion = buildVM; message = "this module may only be used when building a VM!"; } + ]; + + users.users.root.hashedPassword = ""; + users.mutableUsers = false; + + networking.useDHCP = lib.mkForce false; + networking.interfaces = lib.mkForce { + eth0.useDHCP = true; + }; + networking.defaultGateway = lib.mkForce null; + + #sops.defaultSopsFile = lib.mkForce ../secrets.test.yaml; + #sops.age.sshKeyPaths = lib.mkForce []; + #sops.gnupg.sshKeyPaths = lib.mkForce []; + #sops.age.keyFile = lib.mkForce "${../keys/test.age}"; + #sops.age.generateKey = lib.mkForce false; + + + # Set VM disk size (in MB) + virtualisation.diskSize = 2048; + + # Set VM ram amount (in MB) + virtualisation.memorySize = 1024; +}