diff --git a/systems/amd-server-vm/configuration.nix b/systems/amd-server-vm/configuration.nix index 24adc87..a2e5e6d 100644 --- a/systems/amd-server-vm/configuration.nix +++ b/systems/amd-server-vm/configuration.nix @@ -1,5 +1,8 @@ { config, pkgs, modulesPath, lib, ... }: +let + tmp_dovecot_passwords = "kopatz:{PLAIN}password:5000:5000::/home/kopatz"; +in { imports = [ # Include the results of the hardware scan. @@ -42,7 +45,6 @@ variant = "us"; }; hardware = { - firmware.enable = true; ssd.enable = true; }; misc = { @@ -105,6 +107,93 @@ virtualisation.vmware.guest.enable = true; services.xserver.videoDrivers = [ "vmware" ]; + users = { + users = { + vmail = { + isSystemUser = true; + description = "Virtual mail user"; + home = "/data/vmail"; + uid = 5000; + group = "vmail"; + }; + }; + groups = { + vmail = { + gid = 5000; + }; + }; + }; + systemd.tmpfiles.rules = [ "d /data/vmail 0700 vmail vmail -" ]; + services.postfix = { + enable = true; + settings.main = { + myhostname = "mail-kopatz.duckdns.org"; + mydomain = "mail-kopatz.duckdns.org"; + #myorigin = "$mydomain"; + mynetworks = [ "127.0.0.0/8" "192.168.0.0/24" "192.168.2.0/24" ]; + mydestination = [ "localhost.$mydomain" "localhost" ]; + recipient_delimiter = "+"; + virtual_mailbox_domains = [ "mail-kopatz.duckdns.org" ]; + virtual_mailbox_base = "/data/vmail"; + virtual_mailbox_maps = "hash:/etc/postfix/virtual-map"; + virtual_uid_maps = "static:${toString config.users.users.vmail.uid}"; + virtual_gid_maps = "static:${toString config.users.groups.vmail.gid}"; + virtual_transport = "virtual"; + local_transport = "virtual"; + local_recipient_maps = "$virtual_mailbox_maps"; + }; + virtual = '' + root@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org + mailer-daemon@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org + postmaster@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org + nobody@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org + hostmaster@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org + usenet@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org + news@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org + webmaster@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org + www@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org + ftp@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org + abuse@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org + ''; + mapFiles = { + "virtual-map" = pkgs.writeText "postfix-virtual" '' + kopatz@mail-kopatz.duckdns.org mail-kopatz.duckdns.org/kopatz/ + test@mail-kopatz.duckdns.org mail-kopatz.duckdns.org/test/ + ''; + }; + }; + services.dovecot2 = { + enable = true; + enableImap = true; + enablePAM = false; + configFile = pkgs.writeText "dovecot.conf" '' + default_internal_user = ${config.services.dovecot2.user} + default_internal_group = ${config.services.dovecot2.group} + passdb { + driver = passwd-file + args = scheme=CRYPT username_format=%u /etc/dovecot-users + } + + userdb { + driver = passwd-file + args = username_format=%u /etc/dovecot-users + default_fields = uid=vmail gid=vmail home=/home/vmail/%u + } + mail_location = maildir:/data/vmail/mail-kopatz.duckdns.org/%n + + ssl = no + disable_plaintext_auth = no + auth_mechanisms = plain + ''; + }; + environment.etc."dovecot-users".text = tmp_dovecot_passwords; + + # 8888 = scheibenmeister skip button + # 25 = stmp -> postfix + # 143 = imap -> dovecot + networking.firewall.allowedTCPPorts = [ 25565 25566 8888 25 143 ]; + networking.hostName = "server-vm"; # Define your hostname. + #services.murmur = { # enable = true; # openFirewall = true; @@ -130,9 +219,6 @@ options = [ "defaults" "nofail" "noatime" ]; }; - # 8888 = scheibenmeister skip button - networking.firewall.allowedTCPPorts = [ 25565 25566 8888 ]; - networking.hostName = "server-vm"; # Define your hostname. # Configure console keymap console.keyMap = "us";