postfix: add to vno1-oh2

2023-07-26 13:26:11 +03:00
parent 60936605c9
commit bac191ef2f
17 changed files with 120 additions and 91 deletions
--- a/hosts/hel1-a/configuration.nix
+++ b/hosts/hel1-a/configuration.nix
@@ -18,6 +18,11 @@ in {
    timeZone = "UTC";

    services = {
+      postfix = {
+        enable = true;
+        saslPasswdPath = config.age.secrets.sasl-passwd.path;
+      };
+
      zfsunlock = {
        enable = true;
        targets."vno1-oh2.servers.jakst" = {
@@ -371,31 +376,6 @@ in {
      };
    };

-    postfix = {
-      enable = true;
-      enableSmtp = true;
-      networks = [
-        "127.0.0.1/8"
-        "[::ffff:127.0.0.0]/104"
-        "[::1]/128"
-        myData.tailscale_subnet.cidr
-      ];
-      hostname = "${config.networking.hostName}.${config.networking.domain}";
-      relayHost = "smtp.sendgrid.net";
-      relayPort = 587;
-      mapFiles = {
-        sasl_passwd = config.age.secrets.sasl-passwd.path;
-      };
-      extraConfig = ''
-        smtp_sasl_auth_enable = yes
-        smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
-        smtp_sasl_security_options = noanonymous
-        smtp_sasl_tls_security_options = noanonymous
-        smtp_tls_security_level = encrypt
-        header_size_limit = 4096000
-      '';
-    };
-
    logrotate = {
      settings = {
        "/var/log/caddy/access-jakstys.lt.log" = {
--- a/hosts/vno1-oh2/configuration.nix
+++ b/hosts/vno1-oh2/configuration.nix
@@ -40,21 +40,28 @@
      };
    };

-    services.syncthing = {
-      enable = true;
-      dataDir = "/home/motiejus/";
-      user = "motiejus";
-      group = "users";
-    };
+    services = {
+      postfix = {
+        enable = true;
+        saslPasswdPath = config.age.secrets.sasl-passwd.path;
+      };

-    services.zfsunlock = {
-      enable = true;
-      targets."hel1-a.servers.jakst" = {
-        sshEndpoint = myData.hosts."hel1-a.servers.jakst".publicIP;
-        pingEndpoint = "hel1-a.servers.jakst";
-        remotePubkey = myData.hosts."hel1-a.servers.jakst".initrdPubKey;
-        pwFile = config.age.secrets.zfs-passphrase-hel1-a.path;
-        startAt = "*-*-* *:00/5:00";
+      syncthing = {
+        enable = true;
+        dataDir = "/home/motiejus/";
+        user = "motiejus";
+        group = "users";
+      };
+
+      zfsunlock = {
+        enable = true;
+        targets."hel1-a.servers.jakst" = {
+          sshEndpoint = myData.hosts."hel1-a.servers.jakst".publicIP;
+          pingEndpoint = "hel1-a.servers.jakst";
+          remotePubkey = myData.hosts."hel1-a.servers.jakst".initrdPubKey;
+          pwFile = config.age.secrets.zfs-passphrase-hel1-a.path;
+          startAt = "*-*-* *:00/5:00";
+        };
      };
    };
  };