author | lassulus <lass@aidsballs.de> | 2015-08-13 22:36:07 +0200 |
---|---|---|
committer | lassulus <lass@aidsballs.de> | 2015-08-13 22:36:07 +0200 |
commit | c1a74913b7c74e97993af492a2b02c2e690fd215 (patch) | |
tree | ee1cab8cc135508cfc85af1d09469036c1593a14 | |
parent | 157d2e12c28f91eedd23062a66486093685fbcb4 (diff) | |
parent | 89402643695cff9b06b61573c096eaa2e7017af1 (diff) |
Merge branch 'tv' into newmaster
-rw-r--r-- | Makefile | 4 | ||||
-rw-r--r-- | Zpubkeys/makefu_tsp.ssh.pub | 1 | ||||
-rw-r--r-- | tv/1systems/nomic.nix | 4 | ||||
-rw-r--r-- | tv/1systems/wu.nix | 5 | ||||
-rw-r--r-- | tv/2configs/exim-retiolum.nix | 126 | ||||
-rw-r--r-- | tv/2configs/git.nix | 3 |
6 files changed, 12 insertions, 131 deletions
@@ -25,7 +25,7 @@ deploy:;@ eval: @ ifeq ($(filter),json) - extraArgs=--json + extraArgs='--json --strict' filter() { jq -r .; } else filter() { cat; } @@ -33,8 +33,6 @@ endif NIX_PATH=stockholm=$$PWD:$$NIX_PATH \ nix-instantiate \ $${extraArgs-} \ - $${json+--json} \ - $${json+--strict} \ --eval \ -A "$$get" \ '<stockholm>' \ diff --git a/Zpubkeys/makefu_tsp.ssh.pub b/Zpubkeys/makefu_tsp.ssh.pub new file mode 100644 index 0000000..9a9c9b6 --- /dev/null +++ b/Zpubkeys/makefu_tsp.ssh.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1srWa67fcsw3r64eqgIuHbMbrj6Ywd9AwzCM+2dfXqYQZblchzH4Q4oydjdFOnV9LaA1LfNcWEjV/gVQKA2/xLSyXSDwzTxQDyOAZaqseKVg1F0a7wAF20+LiegQj6KXE29wcTW1RjcPncmagTBv5/vYbo1eDLKZjwGpEnG0+s+TRftrAhrgtbsuwR1GWWYACxk1CbxbcV+nIZ1RF9E1Fngbl4C4WjXDvsASi8s24utCd/XxgKwKcSFv7EWNfXlNzlETdTqyNVdhA7anc3N7d/TGrQuzCdtrvBFq4WbD3IRhSk79PXaB3L6xJ7LS8DyOSzfPyiJPK65Zw5s4BC07Z makefu@tsp diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix index b9a10cb..896c1ad 100644 --- a/tv/1systems/nomic.nix +++ b/tv/1systems/nomic.nix @@ -25,7 +25,6 @@ with lib; ../2configs/AO753.nix ../2configs/base.nix ../2configs/consul-server.nix - ../2configs/exim-retiolum.nix ../2configs/git.nix { tv.iptables = { @@ -39,6 +38,9 @@ with lib; }; } { + krebs.exim-retiolum = true; + } + { krebs.nginx = { enable = true; servers.default.locations = [ diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index 27691ec..a5cbde3 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -29,7 +29,6 @@ in ../2configs/w110er.nix ../2configs/base.nix ../2configs/consul-client.nix - ../2configs/exim-retiolum.nix ../2configs/git.nix ../2configs/mail-client.nix ../2configs/xserver.nix @@ -91,6 +90,7 @@ in sxiv texLive tmux + tvpkgs.cac tvpkgs.dic zathura @@ -165,6 +165,9 @@ in }; } { + krebs.exim-retiolum = true; + } + { krebs.nginx = { enable = true; servers.default.locations = [ 
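Review bot: Both flags now travel in one string, `extraArgs='--json --strict'`, and they reach nix-instantiate as two arguments only because `$${extraArgs-}` is expanded unquoted in the second hunk. That reliance on shell word splitting breaks silently if someone later quotes the expansion, so a short comment near the assignment would help, for example `# expanded unquoted below so it splits into two flags`. The recipe starts and ends outside both hunks.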
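Review bot: Nothing in this merge references the new `Zpubkeys/makefu_tsp.ssh.pub`, so the diff does not show which hosts or services will end up trusting this key. A file in a public-key directory presumably feeds an access list somewhere, so the key's fingerprint should be confirmed with its owner over a separate channel before it is wired in. Recording that in the commit message, e.g. `fingerprint: <FINGERPRINT-PLACEHOLDER>, confirmed with makefu`, would leave a trace a later audit can check.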
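Review bot: The mail relay policy for nomic is no longer readable from the files this commit touches, because the import of `../2configs/exim-retiolum.nix` is replaced by `krebs.exim-retiolum = true;` and the module behind that option is not in this diff. The deleted file limited relaying to loopback senders (`relay_from_hosts = <; 127.0.0.1 ; ::1`) and to `*.retiolum` destinations, and asserted `config.krebs.retiolum.enable`. It is worth confirming that the krebs module keeps both restrictions and the assertion. The same replacement is made in tv/1systems/wu.nix. A comment next to the option, such as `# exim ACLs and routers are defined by the krebs.exim-retiolum module`, would point readers to where the policy now lives.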
diff --git a/tv/2configs/exim-retiolum.nix b/tv/2configs/exim-retiolum.nix deleted file mode 100644 index 851a0c6..0000000 --- a/tv/2configs/exim-retiolum.nix +++ /dev/null 
@@ -1,126 +0,0 @@ -{ config, pkgs, ... }: - -{ - services.exim = - # This configuration makes only sense for retiolum-enabled hosts. - # TODO modular configuration - assert config.krebs.retiolum.enable; - let - # TODO get the hostname from config.krebs.retiolum. - retiolumHostname = "${config.networking.hostName}.retiolum"; - in - { enable = true; - config = '' - primary_hostname = ${retiolumHostname} - domainlist local_domains = @ : localhost - domainlist relay_to_domains = *.retiolum - hostlist relay_from_hosts = <; 127.0.0.1 ; ::1 - - acl_smtp_rcpt = acl_check_rcpt - acl_smtp_data = acl_check_data - - host_lookup = * - rfc1413_hosts = * - rfc1413_query_timeout = 5s - - log_file_path = syslog - syslog_timestamp = false - syslog_duplication = false - - begin acl - - acl_check_rcpt: - accept hosts = : - control = dkim_disable_verify - - deny message = Restricted characters in address - domains = +local_domains - local_parts = ^[.] : ^.*[@%!/|] - - deny message = Restricted characters in address - domains = !+local_domains - local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ - - accept local_parts = postmaster - domains = +local_domains - - #accept - # hosts = *.retiolum - # domains = *.retiolum - # control = dkim_disable_verify - - #require verify = sender - - accept hosts = +relay_from_hosts - control = submission - control = dkim_disable_verify - - accept authenticated = * - control = submission - control = dkim_disable_verify - - require message = relay not permitted - domains = +local_domains : +relay_to_domains - - require verify = recipient - - accept - - - acl_check_data: - accept - - - begin routers - - retiolum: - driver = manualroute - domains = ! ${retiolumHostname} : *.retiolum - transport = remote_smtp - route_list = ^.* $0 byname - no_more - - nonlocal: - debug_print = "R: nonlocal for $local_part@$domain" - driver = redirect - domains = ! 
+local_domains - allow_fail - data = :fail: Mailing to remote domains not supported - no_more - - local_user: - # debug_print = "R: local_user for $local_part@$domain" - driver = accept - check_local_user - # local_part_suffix = +* : -* - # local_part_suffix_optional - transport = home_maildir - cannot_route_message = Unknown user - - - begin transports - - remote_smtp: - driver = smtp - - home_maildir: - driver = appendfile - maildir_format - directory = $home/Maildir - directory_mode = 0700 - delivery_date_add - envelope_to_add - return_path_add - # group = mail - # mode = 0660 - - begin retry - *.retiolum * F,42d,1m - * * F,2h,15m; G,16h,1h,1.5; F,4d,6h - - begin rewrite - - begin authenticators - ''; - }; -} diff --git a/tv/2configs/git.nix b/tv/2configs/git.nix index ecb98ce..8d66249 100644 --- a/tv/2configs/git.nix +++ b/tv/2configs/git.nix @@ -20,6 +20,9 @@ let rules = concatMap make-rules (attrValues repos); public-repos = mapAttrs make-public-repo { + cac = { + desc = "CloudAtCost command line interface"; + }; cgserver = {}; crude-mail-setup = {}; dot-xmonad = {}; |
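Review bot: Listing `cac` under `public-repos` passes it through `make-public-repo`, which by its name exposes the repository for public reading. A command line client for a hosting provider's API is the kind of project where an API key or login can end up in a config file or in the history. The repository contents and history should be checked for credentials before this is deployed. The result could be noted beside the entry, e.g. `# history checked for API credentials, <DATE-PLACEHOLDER>`. The `public-repos` attribute set continues past the end of the hunk.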