plasmagoat/homelab
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

homelab framework module init (everything is a mess)
Some checks failed
Test / tests (push) Has been cancelled
Details
/ OpenTofu (push) Has been cancelled
Details

Browse source
This commit is contained in:
plasmagoat 2025-07-28 02:05:13 +02:00
parent 0347f4d325
commit bcbcc8b17b
94 changed files with 7289 additions and 436 deletions
Download patch file Download diff file Expand all files Collapse all files

17
machines/mail/mailserver.nix
View file

@ -1,10 +1,14 @@
{config, ...}: {
sops.secrets."service_accounts/mail/password" = {};
sops.secrets."cloudflare/dns-api-token" = {};
sops.secrets."cloudflare/zone-api-token" = {};
mailserver = {
enable = true;
stateVersion = 3;
fqdn = "mail.procopius.dk";
domains = ["procopius.dk"];
dmarcReporting.enable = true;
localDnsResolver = false;
ldap = {
enable = true;
@ -28,10 +32,17 @@
searchBase = "ou=people,dc=procopius,dc=dk";
};
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
# down nginx and opens port 80.
certificateScheme = "acme-nginx";
certificateScheme = "acme";
acmeCertificateName = "mail.procopius.dk";
};
security.acme.acceptTerms = true;
security.acme.defaults.email = "david.mikael@proton.me";
security.acme.defaults = {
dnsProvider = "cloudflare";
dnsResolver = "1.1.1.1:53";
credentialFiles = {
"CF_DNS_API_TOKEN_FILE" = config.sops.secrets."cloudflare/dns-api-token".path;
"CF_ZONE_API_TOKEN_FILE" = config.sops.secrets."cloudflare/zone-api-token".path;
};
};
}