...

author: Gregor Kleen <gkleen@yggdrasil.li> 2025-06-07 13:00:03 +0200
committer: Gregor Kleen <gkleen@yggdrasil.li> 2025-06-07 13:00:03 +0200
commit: aaf33e220b1412c03b5725abe7cf165c06588fb5 (patch)
tree: 0ed01a589a2a4ad7fef2bca5877f9c1879e9eeb6 /hosts/sif/mail
parent: 09bc3823ae6cefcc8c22c16a25ff7211377c0410 (diff)
download: nixos-aaf33e220b1412c03b5725abe7cf165c06588fb5.tar
nixos-aaf33e220b1412c03b5725abe7cf165c06588fb5.tar.gz
nixos-aaf33e220b1412c03b5725abe7cf165c06588fb5.tar.bz2
nixos-aaf33e220b1412c03b5725abe7cf165c06588fb5.tar.xz
nixos-aaf33e220b1412c03b5725abe7cf165c06588fb5.zip
2 files changed, 0 insertions, 100 deletions
diff --git a/hosts/sif/mail/default.nix b/hosts/sif/mail/default.nix
deleted file mode 100644
index 8d6cd705..00000000
--- a/hosts/sif/mail/default.nix
+++ /dev/null
@@ -1,70 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-  services.postfix = {
-    enable = true;
-    enableSmtp = true;
-    enableSubmission = false;
-    setSendmail = true;
-    networksStyle = "host";
-    hostname = "sif.midgard.yggdrasil";
-    destination = [];
-    relayHost = "uucp:ymir";
-    recipientDelimiter = "+";
-    masterConfig = {
-      uucp = {
-        type = "unix";
-        private = true;
-        privileged = true;
-        chroot = false;
-        command = "pipe";
-        args = [ "flags=Fqhu" "user=uucp" ''argv=${config.security.wrapperDir}/uux -z -a $sender - $nexthop!rmail ($recipient)'' ];
-      };
-      smtps = {
-        type = "unix";
-        private = true;
-        privileged = true;
-        chroot = false;
-        command = "smtp";
-        args = [ "-o" "smtp_tls_wrappermode=yes" "-o" "smtp_tls_security_level=encrypt" ];
-      };
-    };
-    config = {
-      default_transport = "uucp:ymir";
-      inet_interfaces = "loopback-only";
-      authorized_submit_users = ["!uucp" "static:anyone"];
-      message_size_limit = "0";
-      sender_dependent_default_transport_maps = ''regexp:${pkgs.writeText "sender_relay" ''
-        /@(cip|stud)\.ifi\.(lmu|uni-muenchen)\.de$/ smtp:smtp.ifi.lmu.de
-        /@ifi\.(lmu|uni-muenchen)\.de$/ smtp:smtpin1.ifi.lmu.de:587
-        /@math(ematik)?\.(lmu|uni-muenchen)\.de$/ smtps:smtp.math.lmu.de:465
-        /@(campus\.)?lmu\.de$/ smtp:postout.lrz.de
-      ''}'';
-      sender_bcc_maps = ''regexp:${pkgs.writeText "sender_bcc" ''
-        /^uni2work(-[^@]*)?@ifi\.lmu\.de$/ uni2work@ifi.lmu.de
-        /@ifi\.lmu\.de$/ gregor.kleen@ifi.lmu.de
-      ''}'';
-      smtp_sasl_auth_enable = true;
-      smtp_sender_dependent_authentication = true;
-      smtp_sasl_tls_security_options = "noanonymous";
-      smtp_sasl_mechanism_filter = ["plain"];
-      smtp_sasl_password_maps = "regexp:/var/db/postfix/sasl_passwd";
-      smtp_cname_overrides_servername = false;
-      smtp_always_send_ehlo = true;
-      smtp_tls_security_level = "dane";
-      smtp_tls_loglevel = "1";
-      smtp_dns_support_level = "dnssec";
-    };
-  };
-  sops.secrets.postfix-sasl-passwd = {
-    key = "sasl-passwd";
-    path = "/var/db/postfix/sasl_passwd";
-    owner = "postfix";
-    sopsFile = ./secrets.yaml;
-  };
-}
diff --git a/hosts/sif/mail/secrets.yaml b/hosts/sif/mail/secrets.yaml
deleted file mode 100644
index 3c74b710..00000000
--- a/hosts/sif/mail/secrets.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-sasl-passwd: ENC[AES256_GCM,data:L5QOQTEOplm9rQ+PuyDUl492ZTgIgZdRXNCNRaPQ4FLU+ha0GO7rjYWAOtvW7/oVdALrkQveSpBolnLG0nayvkjLpPuA6o9brR6bky52QmhOd8cYN9LMOhJcLJTwpUuvDesXkJD1mWA+ifuPnK6elVEfPuOndzMyw8MEvbPl53yCKQ7HOJc2nGvneD5QFkiHB9W9MmrR1gjGqaCSjZ0ahCnxe/Z2SwqccmBR9l60vt683RXMYbKNLDuSgE7HcXbzF9NstfnoSq7b332y/NgYsXvY0w+f6yPhsDuPhUXU+7gIcPb4+1TFOtdZP8uIPm1aLqG2nNKNhMGt23X8dD5Myy0FF6XmbTj43mDzKJahNel7pT91d+Vac5s08UeyUpQSjtrVMYneVTYbHEwiFPAD7S57LF0kZuE1aXIRF35g6XV3GB4rQDsrBsrZzn9vsGS12L2pdtYFVCvt/dLFlmd/GjPpm4JWyNSg,iv:fUEBrr1iby7+hK8ZesW+77HLMW93c6LpCcoJy8pgXUE=,tag:cW8vKVAebnJqo1gNNwDohQ==,type:str]
-sops:
-    kms: []
-    gcp_kms: []
-    azure_kv: []
-    hc_vault: []
-    age:
-        - recipient: age1rmmhetcmllq0ahl5qznlr0eya2zdxwl9h6y5wnl97d2wtyx5t99sm2u866
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1MVYrR1ZrUXVhYVIvdTdS
-            OUxoOGhRZ3p2dFhCYkxta1REYy9FWTFEZVNJCjhpQ0VMcWdkWWQ1blZyVVpGWk81
-            UVBTZzNKSis2ZVVNdFA4TldvL05oMWcKLS0tIEl0TU8xQUhkTk83dDhzYU5aeCtR
-            OVcrdFRaeGxZL2kxT3VzUnBtWEI1Y1UK8LwKTus25P/nQrMJG5MOuR/lD2PCgeLC
-            WYBIbFusX//mwr1nymyWnHXkfXf8uHzpc6rJGFoa+TuOVU3elYB/Pg==
-            -----END AGE ENCRYPTED FILE-----
-        - recipient: age1fj65apkhfkrwyv5tx6zcs9nkjg8267fy733qph30sc7zfn7vapjqkd5kne
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQcUs2OGp6WWN5cm9IVDdx
-            TFRpZTJXQjBXeGp3RytPaFdjR3UyVURnYmhZCnh3SDNYR0J1US9vcEhTbmJCNm5r
-            emJReml2QTNkTC93M0lpYlpNbTc4TGsKLS0tIGZ4YkE4STQ2dmh4akJVcnZOUVhT
-            MTNrOGxqZmFWSnl0U3lVTnllbEFTN28KKv/W6tk2YlNQV8fotfjSLg1HOs6OdMj4
-            GkZ30jQYfwmFYEA8YPn9JXbVNpprXd0d6ufLl/tAQckT6lsqGhwzeg==
-            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2022-02-02T14:45:23Z"
-    mac: ENC[AES256_GCM,data:UdM/VmdfqhYm1aFCHaO0mbJA/oyV/J2oKVVmGDa0Co3MWq9aWMqP726O+rLk36W0HOG4fmue//R1Q524au2hMW9bZUFzrubfQt2V78tZRZeHCJSRmOmi1D1EDdfPz9J3oWDvIEgIIsAk5H5EuuH0j6FILye6tzcomNGDAKZbwuc=,iv:a7dJAqkcroLp01gkGKV5gm6gTIIMa/9P8qJn44ISrw0=,tag:R9/6X6mgfVSLK7bmoWRnfQ==,type:str]
-    pgp: []
-    unencrypted_suffix: _unencrypted
-    version: 3.7.1
author	Gregor Kleen <gkleen@yggdrasil.li>	2025-06-07 13:00:03 +0200
committer	Gregor Kleen <gkleen@yggdrasil.li>	2025-06-07 13:00:03 +0200
commit	aaf33e220b1412c03b5725abe7cf165c06588fb5 (patch)
tree	0ed01a589a2a4ad7fef2bca5877f9c1879e9eeb6 /hosts/sif/mail
parent	09bc3823ae6cefcc8c22c16a25ff7211377c0410 (diff)
download	nixos-aaf33e220b1412c03b5725abe7cf165c06588fb5.tar nixos-aaf33e220b1412c03b5725abe7cf165c06588fb5.tar.gz nixos-aaf33e220b1412c03b5725abe7cf165c06588fb5.tar.bz2 nixos-aaf33e220b1412c03b5725abe7cf165c06588fb5.tar.xz nixos-aaf33e220b1412c03b5725abe7cf165c06588fb5.zip

diff --git a/hosts/sif/mail/default.nix b/hosts/sif/mail/default.nix deleted file mode 100644 index 8d6cd705..00000000 --- a/hosts/sif/mail/default.nix +++ /dev/null
@@ -1,70 +0,0 @@
1	{ config, lib, pkgs, ... }:
2	{
3	services.postfix = {
4	enable = true;
5	enableSmtp = true;
6	enableSubmission = false;
7	setSendmail = true;
8	networksStyle = "host";
9	hostname = "sif.midgard.yggdrasil";
10	destination = [];
11	relayHost = "uucp:ymir";
12	recipientDelimiter = "+";
13	masterConfig = {
14	uucp = {
15	type = "unix";
16	private = true;
17	privileged = true;
18	chroot = false;
19	command = "pipe";
20	args = [ "flags=Fqhu" "user=uucp" ''argv=${config.security.wrapperDir}/uux -z -a $sender - $nexthop!rmail ($recipient)'' ];
21	};
22	smtps = {
23	type = "unix";
24	private = true;
25	privileged = true;
26	chroot = false;
27	command = "smtp";
28	args = [ "-o" "smtp_tls_wrappermode=yes" "-o" "smtp_tls_security_level=encrypt" ];
29	};
30	};
31	config = {
32	default_transport = "uucp:ymir";
33
34	inet_interfaces = "loopback-only";
35
36	authorized_submit_users = ["!uucp" "static:anyone"];
37	message_size_limit = "0";
38
39	sender_dependent_default_transport_maps = ''regexp:${pkgs.writeText "sender_relay" ''
40	/@(cip\|stud)\.ifi\.(lmu\|uni-muenchen)\.de$/ smtp:smtp.ifi.lmu.de
41	/@ifi\.(lmu\|uni-muenchen)\.de$/ smtp:smtpin1.ifi.lmu.de:587
42	/@math(ematik)?\.(lmu\|uni-muenchen)\.de$/ smtps:smtp.math.lmu.de:465
43	/@(campus\.)?lmu\.de$/ smtp:postout.lrz.de
44	''}'';
45	sender_bcc_maps = ''regexp:${pkgs.writeText "sender_bcc" ''
46	/^uni2work(-[^@]*)?@ifi\.lmu\.de$/ uni2work@ifi.lmu.de
47	/@ifi\.lmu\.de$/ gregor.kleen@ifi.lmu.de
48	''}'';
49
50	smtp_sasl_auth_enable = true;
51	smtp_sender_dependent_authentication = true;
52	smtp_sasl_tls_security_options = "noanonymous";
53	smtp_sasl_mechanism_filter = ["plain"];
54	smtp_sasl_password_maps = "regexp:/var/db/postfix/sasl_passwd";
55	smtp_cname_overrides_servername = false;
56	smtp_always_send_ehlo = true;
57	smtp_tls_security_level = "dane";
58
59	smtp_tls_loglevel = "1";
60	smtp_dns_support_level = "dnssec";
61	};
62	};
63
64	sops.secrets.postfix-sasl-passwd = {
65	key = "sasl-passwd";
66	path = "/var/db/postfix/sasl_passwd";
67	owner = "postfix";
68	sopsFile = ./secrets.yaml;
69	};
70	}


diff --git a/hosts/sif/mail/secrets.yaml b/hosts/sif/mail/secrets.yaml deleted file mode 100644 index 3c74b710..00000000 --- a/hosts/sif/mail/secrets.yaml +++ /dev/null
@@ -1,30 +0,0 @@
1	sasl-passwd: ENC[AES256_GCM,data:L5QOQTEOplm9rQ+PuyDUl492ZTgIgZdRXNCNRaPQ4FLU+ha0GO7rjYWAOtvW7/oVdALrkQveSpBolnLG0nayvkjLpPuA6o9brR6bky52QmhOd8cYN9LMOhJcLJTwpUuvDesXkJD1mWA+ifuPnK6elVEfPuOndzMyw8MEvbPl53yCKQ7HOJc2nGvneD5QFkiHB9W9MmrR1gjGqaCSjZ0ahCnxe/Z2SwqccmBR9l60vt683RXMYbKNLDuSgE7HcXbzF9NstfnoSq7b332y/NgYsXvY0w+f6yPhsDuPhUXU+7gIcPb4+1TFOtdZP8uIPm1aLqG2nNKNhMGt23X8dD5Myy0FF6XmbTj43mDzKJahNel7pT91d+Vac5s08UeyUpQSjtrVMYneVTYbHEwiFPAD7S57LF0kZuE1aXIRF35g6XV3GB4rQDsrBsrZzn9vsGS12L2pdtYFVCvt/dLFlmd/GjPpm4JWyNSg,iv:fUEBrr1iby7+hK8ZesW+77HLMW93c6LpCcoJy8pgXUE=,tag:cW8vKVAebnJqo1gNNwDohQ==,type:str]
2	sops:
3	kms: []
4	gcp_kms: []
5	azure_kv: []
6	hc_vault: []
7	age:
8	- recipient: age1rmmhetcmllq0ahl5qznlr0eya2zdxwl9h6y5wnl97d2wtyx5t99sm2u866
9	enc: \|
10	-----BEGIN AGE ENCRYPTED FILE-----
11	YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1MVYrR1ZrUXVhYVIvdTdS
12	OUxoOGhRZ3p2dFhCYkxta1REYy9FWTFEZVNJCjhpQ0VMcWdkWWQ1blZyVVpGWk81
13	UVBTZzNKSis2ZVVNdFA4TldvL05oMWcKLS0tIEl0TU8xQUhkTk83dDhzYU5aeCtR
14	OVcrdFRaeGxZL2kxT3VzUnBtWEI1Y1UK8LwKTus25P/nQrMJG5MOuR/lD2PCgeLC
15	WYBIbFusX//mwr1nymyWnHXkfXf8uHzpc6rJGFoa+TuOVU3elYB/Pg==
16	-----END AGE ENCRYPTED FILE-----
17	- recipient: age1fj65apkhfkrwyv5tx6zcs9nkjg8267fy733qph30sc7zfn7vapjqkd5kne
18	enc: \|
19	-----BEGIN AGE ENCRYPTED FILE-----
20	YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQcUs2OGp6WWN5cm9IVDdx
21	TFRpZTJXQjBXeGp3RytPaFdjR3UyVURnYmhZCnh3SDNYR0J1US9vcEhTbmJCNm5r
22	emJReml2QTNkTC93M0lpYlpNbTc4TGsKLS0tIGZ4YkE4STQ2dmh4akJVcnZOUVhT
23	MTNrOGxqZmFWSnl0U3lVTnllbEFTN28KKv/W6tk2YlNQV8fotfjSLg1HOs6OdMj4
24	GkZ30jQYfwmFYEA8YPn9JXbVNpprXd0d6ufLl/tAQckT6lsqGhwzeg==
25	-----END AGE ENCRYPTED FILE-----
26	lastmodified: "2022-02-02T14:45:23Z"
27	mac: ENC[AES256_GCM,data:UdM/VmdfqhYm1aFCHaO0mbJA/oyV/J2oKVVmGDa0Co3MWq9aWMqP726O+rLk36W0HOG4fmue//R1Q524au2hMW9bZUFzrubfQt2V78tZRZeHCJSRmOmi1D1EDdfPz9J3oWDvIEgIIsAk5H5EuuH0j6FILye6tzcomNGDAKZbwuc=,iv:a7dJAqkcroLp01gkGKV5gm6gTIIMa/9P8qJn44ISrw0=,tag:R9/6X6mgfVSLK7bmoWRnfQ==,type:str]
28	pgp: []
29	unencrypted_suffix: _unencrypted
30	version: 3.7.1