Benjamin Bädorf 2024-01-03 21:08:59 +01:00
parent 523837b276
commit 6e2798a0d4
No known key found for this signature in database
GPG key ID: 1B7BF5B77A521346
2 changed files with 18 additions and 6 deletions


@ -24,11 +24,16 @@ in {
owner = "maddy"; owner = "maddy";
}; };
users.users.maddy.extraGroups = [ "nginx" ];
security.acme.certs = { security.acme.certs = {
"mail.b12f.io" = { "mail.b12f.io" = {
reloadServices = [ "maddy" ]; reloadServices = [ "maddy" ];
group = "maddy"; group = "maddy";
}; };
"b12f.io" = {
reloadServices = [ "maddy" ];
};
"mta-sts.b12f.io" = {}; "mta-sts.b12f.io" = {};
"mta-sts.${hzDomain}" = {}; "mta-sts.${hzDomain}" = {};
}; };
@ -62,9 +67,11 @@ in {
echo '${dkimDNSb12fio}' >> /var/lib/maddy/dkim_keys/b12f.io_default.dns echo '${dkimDNSb12fio}' >> /var/lib/maddy/dkim_keys/b12f.io_default.dns
''; '';
networking.firewall.allowedTCPPorts = [ 25 587 993 ];
services.maddy = { services.maddy = {
enable = true; enable = true;
openFirewall = true; openFirewall = false;
hostname = "mail.b12f.io"; hostname = "mail.b12f.io";
primaryDomain = "b12f.io"; primaryDomain = "b12f.io";
ensureAccounts = [ ensureAccounts = [
@ -82,6 +89,10 @@ in {
keyPath = "${config.security.acme.certs."mail.b12f.io".directory}/key.pem"; keyPath = "${config.security.acme.certs."mail.b12f.io".directory}/key.pem";
certPath = "${config.security.acme.certs."mail.b12f.io".directory}/cert.pem"; certPath = "${config.security.acme.certs."mail.b12f.io".directory}/cert.pem";
} }
{
keyPath = "${config.security.acme.certs."b12f.io".directory}/key.pem";
certPath = "${config.security.acme.certs."b12f.io".directory}/cert.pem";
}
]; ];
}; };
config = '' config = ''
@ -169,7 +180,7 @@ in {
} }
} }
submission tcp://0.0.0.0:587 { submission tls://0.0.0.0:587 {
limits { limits {
all rate 50 1s all rate 50 1s
} }
@ -227,7 +238,7 @@ in {
} }
} }
imap tcp://0.0.0.0:143 { imap tls://0.0.0.0:993 {
auth &local_authdb auth &local_authdb
storage &local_mailboxes storage &local_mailboxes
} }
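Review bot: Adding `maddy` to the `nginx` group (`users.users.maddy.extraGroups = [ "nginx" ];`) gives the internet-facing mail daemon read access to everything that group can read, not only the `b12f.io` certificate it needs. The new `"b12f.io"` cert entry sets no `group`, so presumably its ownership comes from the nginx configuration elsewhere; if so, any other ACME private keys shared with nginx become readable by maddy as well. A narrower option is a dedicated group for that one certificate, e.g. `security.acme.certs."b12f.io".group = "b12f-cert";` with `users.groups.b12f-cert.members = [ "nginx" "maddy" ];` (the group name is a placeholder). Separately, `submission tls://0.0.0.0:587` serves implicit TLS on the port that clients normally use with STARTTLS, while RFC 8314 assigns 465 to implicit-TLS submission. Either move the listener or add a comment stating the client setting this requires.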


@ -46,7 +46,7 @@ type = IMAP
remotehost = mail.greenbaum.zone remotehost = mail.greenbaum.zone
remoteport = 993 remoteport = 993
remoteuser = admins@pub.solar remoteuser = admins@pub.solar
remotepasseval = get_secret("service", "smtp", "host", "mail.greenbaum.cloud", "user", "admins@pub.solar") remotepasseval = get_secret("service", "smtp", "host", "mail.greenbaum.zone", "user", "admins@pub.solar")
sslcacertfile = /etc/ssl/certs/ca-certificates.crt sslcacertfile = /etc/ssl/certs/ca-certificates.crt
ssl = yes ssl = yes
@ -63,7 +63,7 @@ type = IMAP
remotehost = mail.greenbaum.zone remotehost = mail.greenbaum.zone
remoteport = 993 remoteport = 993
remoteuser = crew@pub.solar remoteuser = crew@pub.solar
remotepasseval = get_secret("service", "smtp", "host", "mail.greenbaum.cloud", "user", "crew@pub.solar") remotepasseval = get_secret("service", "smtp", "host", "mail.greenbaum.zone", "user", "crew@pub.solar")
sslcacertfile = /etc/ssl/certs/ca-certificates.crt sslcacertfile = /etc/ssl/certs/ca-certificates.crt
ssl = yes ssl = yes
@ -79,9 +79,10 @@ localfolders = ~/Mail/mail@b12f.io
type = IMAP type = IMAP
remotehost = mail.b12f.io remotehost = mail.b12f.io
remoteuser = mail@b12f.io remoteuser = mail@b12f.io
remoteport = 143 remoteport = 993
remotepasseval = get_secret("service", "smtp", "host", "mail.b12f.io", "user", "mail@b12f.io") remotepasseval = get_secret("service", "smtp", "host", "mail.b12f.io", "user", "mail@b12f.io")
sslcacertfile = /etc/ssl/certs/ca-certificates.crt sslcacertfile = /etc/ssl/certs/ca-certificates.crt
ssl = yes
[Account RWTH] [Account RWTH]
localrepository = LocalRWTH localrepository = LocalRWTH
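Review bot: None of the remote repositories touched here sets a minimum protocol level, so even with `ssl = yes`, port 993 and `sslcacertfile` in place, offlineimap's default `tls_level = tls_compat` (per the upstream sample config) still applies. Adding `tls_level = tls_secure` to each remote repository block would refuse legacy SSL/TLS versions; those blocks start outside the visible hunks, so check that no such setting already exists above. The `get_secret` calls also still look up `"service", "smtp"` for IMAP credentials. If sharing one keyring entry per host is intentional, a comment above the first `remotepasseval` such as `# IMAP reuses the SMTP keyring entry for this host` would make that explicit. The entries for `mail.greenbaum.zone` must also exist under the new host attribute, or the lookup will fail.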