services/mail: add dork.dev

kat witch 2021-09-01 22:35:43 +01:00
parent 2b9ebd8877
commit 3dd9c4274c
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
4 changed files with 70 additions and 32 deletions


@ -2,47 +2,50 @@
with lib;
{
let
domains = [ "kittywitch" "dork" ];
in {
imports = [ sources.nixos-mailserver.outPath ];
kw.secrets.variables = (mapListToAttrs (field:
kw.secrets.variables = listToAttrs (map (field:
nameValuePair "mail-${field}-hash" {
path = "secrets/mail-kittywitch";
field = "${field}-hash";
}) ["gitea" "kat"]
// {
mail-domainkey-kitty = {
path = "secrets/mail-kittywitch";
++ map (domain:
nameValuePair "mail-domainkey-${domain}" {
path = "secrets/mail-${domain}";
field = "notes";
}) domains);
deploy.tf.dns.records = lib.mkMerge (map (domain: let
zoneGet = domain: if domain == "dork" then "dork.dev." else config.network.dns.zone;
in {
"services_mail_${domain}_mx" = {
zone = zoneGet domain;
mx = {
priority = 10;
target = "${config.network.addresses.public.domain}.";
};
};
});
deploy.tf.dns.records.services_mail_mx = {
tld = config.network.dns.tld;
domain = "@";
mx = {
priority = 10;
target = "${config.network.addresses.public.domain}.";
};
};
"services_mail_${domain}_spf" = {
zone = zoneGet domain;
txt.value = "v=spf1 ip4:${config.network.addresses.public.nixos.ipv4.address} ip6:${config.network.addresses.public.nixos.ipv6.address} -all";
};
deploy.tf.dns.records.services_mail_spf = {
tld = config.network.dns.tld;
domain = "@";
txt.value = "v=spf1 ip4:${config.network.addresses.public.nixos.ipv4.address} ip6:${config.network.addresses.public.nixos.ipv6.address} -all";
};
"services_mail_${domain}_dmarc" = {
zone = zoneGet domain;
domain = "_dmarc";
txt.value = "v=DMARC1; p=none";
};
deploy.tf.dns.records.services_mail_dmarc = {
tld = config.network.dns.tld;
domain = "_dmarc";
txt.value = "v=DMARC1; p=none";
};
deploy.tf.dns.records.services_mail_domainkey = {
tld = config.network.dns.tld;
domain = "mail._domainkey";
txt.value = tf.variables.mail-domainkey-kitty.ref;
};
"services_mail_${domain}_domainkey" = {
zone = zoneGet domain;
domain = "mail._domainkey";
txt.value = tf.variables."mail-domainkey-${domain}".ref;
};
}) domains);
secrets.files = {
mail-kat-hash = {