From d975f43b3e0646f2793eebf12521424990e8ad48 Mon Sep 17 00:00:00 2001 From: Lukas Wurzinger Date: Sat, 20 Apr 2024 21:49:50 +0200 Subject: [PATCH] remove mail --- class/desktop/clipboard.nix | 3 - class/desktop/default.nix | 3 - class/desktop/docker.nix | 3 - class/desktop/flatpak.nix | 22 ------ class/desktop/neovide.nix | 2 +- class/desktop/users.nix | 15 ---- flake.lock | 142 +++++------------------------------- flake.nix | 2 - hosts/abacus/default.nix | 4 +- hosts/abacus/mailserver.nix | 59 --------------- hosts/abacus/nextcloud.nix | 53 -------------- part | 4 +- pubkeys.nix | 2 +- secrets/mail-lukas.age | 9 --- secrets/nextcloud-lukas.age | 9 --- secrets/secrets.nix | 3 - secrets/user-guest.age | 11 --- 17 files changed, 25 insertions(+), 321 deletions(-) delete mode 100644 class/desktop/clipboard.nix delete mode 100644 class/desktop/docker.nix delete mode 100644 class/desktop/users.nix delete mode 100644 hosts/abacus/mailserver.nix delete mode 100644 hosts/abacus/nextcloud.nix delete mode 100644 secrets/mail-lukas.age delete mode 100644 secrets/nextcloud-lukas.age delete mode 100644 secrets/user-guest.age diff --git a/class/desktop/clipboard.nix b/class/desktop/clipboard.nix deleted file mode 100644 index cab0c1c..0000000 --- a/class/desktop/clipboard.nix +++ /dev/null @@ -1,3 +0,0 @@ -{pkgs, ...}: { - environment.systemPackages = [pkgs.wl-clipboard]; -} diff --git a/class/desktop/default.nix b/class/desktop/default.nix index 4532d4b..a49ed63 100644 --- a/class/desktop/default.nix +++ b/class/desktop/default.nix @@ -1,7 +1,5 @@ { imports = [ - ./clipboard.nix - ./docker.nix ./flatpak.nix ./fonts.nix ./fs.nix @@ -15,7 +13,6 @@ ./plasma.nix ./printing.nix ./syncthing.nix - ./users.nix ./vm.nix ./wine.nix ]; diff --git a/class/desktop/docker.nix b/class/desktop/docker.nix deleted file mode 100644 index a878015..0000000 --- a/class/desktop/docker.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - virtualisation.docker.enable = true; -} diff --git a/class/desktop/flatpak.nix b/class/desktop/flatpak.nix index 3562804..1ff0c53 100644 --- a/class/desktop/flatpak.nix +++ b/class/desktop/flatpak.nix @@ -1,25 +1,3 @@ { - config, - pkgs, - ... -}: { - # FIXME: This is unnecessary when https://github.com/NixOS/nixpkgs/pull/262462 is merged - system.fsPackages = [pkgs.bindfs]; - fileSystems = let - mkRoSymBind = path: { - device = path; - fsType = "fuse.bindfs"; - options = ["ro" "resolve-symlinks" "x-gvfs-hide"]; - }; - aggregatedFonts = pkgs.buildEnv { - name = "system-fonts"; - paths = config.fonts.packages; - pathsToLink = ["/share/fonts"]; - }; - in { - "/usr/share/icons" = mkRoSymBind "/run/current-system/sw/share/icons"; - "/usr/share/fonts" = mkRoSymBind (aggregatedFonts + "/share/fonts"); - }; - services.flatpak.enable = true; } diff --git a/class/desktop/neovide.nix b/class/desktop/neovide.nix index 6821dbf..6ebbb3b 100644 --- a/class/desktop/neovide.nix +++ b/class/desktop/neovide.nix @@ -1,5 +1,5 @@ {pkgs, ...}: let package = pkgs.neovide; in { - environment.systemPackages = [package]; + environment.systemPackages = [package pkgs.wl-clipboard]; } diff --git a/class/desktop/users.nix b/class/desktop/users.nix deleted file mode 100644 index c5a9c18..0000000 --- a/class/desktop/users.nix +++ /dev/null @@ -1,15 +0,0 @@ -{config, ...}: { - age.secrets.user-guest.file = ../../secrets/user-guest.age; - - users = { - groups.guest = {}; - - users.guest = { - isNormalUser = true; - hashedPasswordFile = config.age.secrets.user-guest.path; - extraGroups = ["wheel" "networkmanager" "gamemode"]; - }; - }; - - services.displayManager.hiddenUsers = ["guest"]; -} diff --git a/flake.lock b/flake.lock index 12f1207..8d2b90c 100644 --- a/flake.lock +++ b/flake.lock @@ -21,22 +21,6 @@ "type": "github" } }, - "blobs": { - "flake": false, - "locked": { - "lastModified": 1604995301, - "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", - "owner": "simple-nixos-mailserver", - "repo": "blobs", - "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", - "type": "gitlab" - }, - "original": { - "owner": "simple-nixos-mailserver", - "repo": "blobs", - "type": "gitlab" - } - }, "darwin": { "inputs": { "nixpkgs": [ @@ -83,22 +67,6 @@ } }, "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_2": { "locked": { "lastModified": 1696426674, "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", @@ -112,7 +80,7 @@ "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" } }, - "flake-compat_3": { + "flake-compat_2": { "flake": false, "locked": { "lastModified": 1696426674, @@ -188,7 +156,7 @@ }, "flake-utils": { "inputs": { - "systems": "systems_3" + "systems": "systems_2" }, "locked": { "lastModified": 1701680307, @@ -206,7 +174,7 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems_4" + "systems": "systems_3" }, "locked": { "lastModified": 1710146030, @@ -247,11 +215,11 @@ }, "hardware": { "locked": { - "lastModified": 1712909959, - "narHash": "sha256-7/5ubuwdEbQ7Z+Vqd4u0mM5L2VMNDsBh54visp27CtQ=", + "lastModified": 1713521961, + "narHash": "sha256-EwR8wW9AqJhSIY+0oxWRybUZ32BVKuZ9bjlRh8SJvQ8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "f58b25254be441cd2a9b4b444ed83f1e51244f1f", + "rev": "5d48925b815fd202781bfae8fb6f45c07112fdb2", "type": "github" }, "original": { @@ -318,31 +286,10 @@ "type": "github" } }, - "mailserver": { - "inputs": { - "blobs": "blobs", - "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs_2", - "utils": "utils" - }, - "locked": { - "lastModified": 1710449465, - "narHash": "sha256-2orO8nfplp6uQJBFqKkj1iyNMC6TysmwbWwbb4osTag=", - "owner": "simple-nixos-mailserver", - "repo": "nixos-mailserver", - "rev": "79c8cfcd5873a85559da6201b116fb38b490d030", - "type": "gitlab" - }, - "original": { - "owner": "simple-nixos-mailserver", - "repo": "nixos-mailserver", - "type": "gitlab" - } - }, "myvim": { "inputs": { "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_2", "nixvim": "nixvim" }, "locked": { @@ -435,17 +382,18 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1709703039, - "narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=", + "lastModified": 1712791164, + "narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d", + "rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5", "type": "github" }, "original": { - "id": "nixpkgs", + "owner": "NixOS", "ref": "nixos-unstable", - "type": "indirect" + "repo": "nixpkgs", + "type": "github" } }, "nixpkgs_3": { @@ -466,27 +414,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1712791164, - "narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=", + "lastModified": 1713537308, + "narHash": "sha256-XtTSSIB2DA6tOv+l0FhvfDMiyCmhoRbNB+0SeInZkbk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { - "locked": { - "lastModified": 1712791164, - "narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5", + "rev": "5c24cf2f0a12ad855f444c30b2421d044120c66f", "type": "github" }, "original": { @@ -499,11 +431,11 @@ "nixvim": { "inputs": { "devshell": "devshell", - "flake-compat": "flake-compat_2", + "flake-compat": "flake-compat", "flake-parts": "flake-parts_3", "home-manager": "home-manager_2", "nix-darwin": "nix-darwin", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "pre-commit-hooks": "pre-commit-hooks" }, "locked": { @@ -522,7 +454,7 @@ }, "pre-commit-hooks": { "inputs": { - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_2", "flake-utils": "flake-utils_2", "gitignore": "gitignore", "nixpkgs": [ @@ -556,9 +488,8 @@ "flake-parts": "flake-parts", "hardware": "hardware", "impermanence": "impermanence", - "mailserver": "mailserver", "myvim": "myvim", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_4" } }, "systems": { @@ -605,39 +536,6 @@ "repo": "default", "type": "github" } - }, - "systems_4": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "utils": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1709126324, - "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "d465f4819400de7c8d874d50b982301f28a84605", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index ebc488e..7a0cd39 100644 --- a/flake.nix +++ b/flake.nix @@ -7,7 +7,6 @@ hardware.url = "github:NixOS/nixos-hardware"; impermanence.url = "github:nix-community/impermanence"; agenix.url = "github:ryantm/agenix"; - mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver"; myvim.url = "github:lukaswrz/myvim"; }; @@ -29,7 +28,6 @@ modules = [ inputs.impermanence.nixosModules.impermanence inputs.agenix.nixosModules.default - inputs.mailserver.nixosModule ./common ./class/${class} diff --git a/hosts/abacus/default.nix b/hosts/abacus/default.nix index 0e0538a..650f7bc 100644 --- a/hosts/abacus/default.nix +++ b/hosts/abacus/default.nix @@ -5,9 +5,7 @@ ./atuin.nix ./conduit.nix ./forgejo.nix - ./mailserver.nix ./navidrome.nix - ./nextcloud.nix ./nginx.nix ./vaultwarden.nix ]; @@ -38,7 +36,7 @@ }; security.acme = { - defaults.email = "lukasatwrzdotone@gmail.com"; + defaults.email = "lukas@wrz.one"; acceptTerms = true; }; } diff --git a/hosts/abacus/mailserver.nix b/hosts/abacus/mailserver.nix deleted file mode 100644 index a675c77..0000000 --- a/hosts/abacus/mailserver.nix +++ /dev/null @@ -1,59 +0,0 @@ -{ - config, - pkgs, - ... -}: let - inherit (config.networking) domain fqdn; - - wellKnownMtaSts = pkgs.writeText "" '' - version: STSv1 - mode: enforce - mx: ${fqdn} - max_age: 86400 - ''; -in { - age.secrets.mail-lukas.file = ../../secrets/mail-lukas.age; - - environment.persistence."/persist".directories = [ - config.mailserver.dkimKeyDirectory - config.mailserver.mailDirectory - config.mailserver.sieveDirectory - ]; - - mailserver = { - enable = true; - openFirewall = true; - inherit fqdn; - domains = [domain]; - - loginAccounts = { - "lukas@${domain}" = { - hashedPasswordFile = config.age.secrets.mail-lukas.path; - aliases = ["postmaster@${domain}" "vault@${domain}"]; - }; - }; - - certificateScheme = "acme-nginx"; - }; - - # FIXME: This is unnecessary when https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/issues/275 is closed - services.dovecot2.sieve.extensions = ["fileinto"]; - - services.nginx.virtualHosts."mta-sts.${domain}" = { - enableACME = true; - forceSSL = true; - quic = true; - - locations = { - "/".return = "404"; - - "=/.well-known/mta-sts.txt" = { - alias = wellKnownMtaSts; - - extraConfig = '' - default_type text/plain; - ''; - }; - }; - }; -} diff --git a/hosts/abacus/nextcloud.nix b/hosts/abacus/nextcloud.nix deleted file mode 100644 index 6f66f8e..0000000 --- a/hosts/abacus/nextcloud.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ - config, - pkgs, - ... -}: { - age.secrets.nextcloud-lukas = { - file = ../../secrets/nextcloud-lukas.age; - owner = "nextcloud"; - group = "nextcloud"; - }; - - services.nextcloud = { - enable = true; - package = pkgs.nextcloud28; - - hostName = "cloud.${config.networking.domain}"; - https = true; - - configureRedis = true; - - # TODO: news - extraApps = { - inherit - (config.services.nextcloud.package.packages.apps) - bookmarks - calendar - contacts - deck - forms - mail - maps - notes - phonetrack - tasks - ; - }; - extraAppsEnable = true; - - database.createLocally = true; - config = { - dbtype = "pgsql"; - - adminuser = "lukas"; - adminpassFile = config.age.secrets.nextcloud-lukas.path; - }; - }; - - services.nginx.virtualHosts.${config.services.nextcloud.hostName} = { - enableACME = true; - forceSSL = true; - quic = true; - }; -} diff --git a/part b/part index c1e4922..57c3d5b 100755 --- a/part +++ b/part @@ -53,8 +53,8 @@ fi blkdev=$1 sfdisk --label gpt --quiet -- "$blkdev" < ssh-ed25519 SFHVrw 9+APWz/u61v8zE6auzspntqrKNdCFb7fZPFMIdOBx0E -KMMD8n0klfeMN41AHX7sgXOdjI4eCgODKpkaFBkiesQ --> ssh-ed25519 S+dwQQ nPqPcy5Ksk6W14xacleMie+mNKInhdlOcjtb3iEaSDU -IB7VAISMPvD8goodgcahuCab5r59zD/O3fKAePLBKAc --> ssh-ed25519 ffmsLw Rf4/ibog+At3JqyvQkkXKAsmhkK6/8wWeMSrwsJzGSs -To4HRcE12BiFQZp1z+dT9DiE24LxJdFVxYZUalstfgo ---- dnS4XgHvGt9ZROAl+daSLO4VDj8ihnJenDNvfG43zFA -ĕhqA #!V9T5ӱKruktUq\/W%FXRDYZx+7SwAQhrTz+8B>*,$+EfaAl \ No newline at end of file diff --git a/secrets/nextcloud-lukas.age b/secrets/nextcloud-lukas.age deleted file mode 100644 index 2cb5aa7..0000000 --- a/secrets/nextcloud-lukas.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 SFHVrw 6oAZL86Esb8hewQ6ylGb7k0RsQlJoQbwyHDB8cEiVH0 -TvD14WLXzxCvDb1/iWljWNgR+qF0yjwlSLZ06HoNh9I --> ssh-ed25519 S+dwQQ KoANzMyOZKHMFBg+nqblxAP+bWKGXceexVYUbExu80s -kUIcinUKIvPuBlFgnPKIomq+yk9P8GnjsujM63+Hm68 --> ssh-ed25519 ffmsLw Ad9EVWmpxhiAaREltE2J7APUn/NeNg9tw8vG8yeC3HU -R26AmfZEq1Q0qKJ4npuQV5Yc/aIKJMiP68/Rd8l7lDg ---- Y3yFHxXo16Z9hQVFdDut04ioZ0H4x4YUy/SBGn8+MWw -[@/1[7RM,B7A_iQ'@ ssh-ed25519 SFHVrw DCt2GZWNEMSghE2UN3bXoILlWnuJcwyC/NZeMq02CAc -+QUTcHu/7xuzWjwveWAlGvsI2cO47uGwR4BSvOLtjjs --> ssh-ed25519 S+dwQQ 6rAan8TWKoUaAhBHpNsMkVo2p+Lgz0ZoQmxFEaNTSHU -PdiHcuv08y1iOlaLFVpSwd3Hhf2eVkhmAk+ERUgQcck --> ssh-ed25519 d2fKsw JVyjUdSyNjZwm+YT6ADU9NdtdB/b4BRXvNeY1Rf3j2E -vMSNQGFCbIsK+QvurnxSk+bOhGAT0auQGUGi61Xu718 --> ssh-ed25519 US6ATA 1P9NLhIOtAfIDoPkFhvcXKmABtKeT/DwcnpAKnZOFm8 -E4JXWldgwLJpVHObEL8x5WILVyXCwCzM3KUwtkitG6w ---- b838whGkA7DIZ58mqtWg/LYmXwSNNDBTLuRcsSwXQWg -GQhtYP6x [)YUgygҴWϋiLikϟ;V/EUDKUmeųco[CO \ No newline at end of file