summaryrefslogtreecommitdiff
path: root/ymir.nix
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2020-01-06 15:08:32 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2020-01-06 15:08:32 +0100
commit5685ae98e376ee903f7ef2f577e44617a830a6c4 (patch)
treedc65798435f339f37647ecfdb92f6897dd9abe19 /ymir.nix
parent9485d5e5c58e88850021bde171282b052171416f (diff)
downloadnixos-5685ae98e376ee903f7ef2f577e44617a830a6c4.tar
nixos-5685ae98e376ee903f7ef2f577e44617a830a6c4.tar.gz
nixos-5685ae98e376ee903f7ef2f577e44617a830a6c4.tar.bz2
nixos-5685ae98e376ee903f7ef2f577e44617a830a6c4.tar.xz
nixos-5685ae98e376ee903f7ef2f577e44617a830a6c4.zip
acme...
Diffstat (limited to 'ymir.nix')
-rw-r--r--ymir.nix20
1 files changed, 10 insertions, 10 deletions
diff --git a/ymir.nix b/ymir.nix
index 88d95fba..d926b547 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -11,8 +11,8 @@ let
11 enabled = true; 11 enabled = true;
12 domain = name; 12 domain = name;
13 ssl = { 13 ssl = {
14 key = "${config.security.acme.directory}/yggdrasil.li/key.pem"; 14 key = "/var/lib/acme/yggdrasil.li/key.pem";
15 cert = "${config.security.acme.directory}/yggdrasil.li/fullchain.pem"; 15 cert = "/var/lib/acme/yggdrasil.li/fullchain.pem";
16 extraOptions = { 16 extraOptions = {
17 dhparam = config.security.dhparams.params.prosody.path; 17 dhparam = config.security.dhparams.params.prosody.path;
18 }; 18 };
@@ -495,8 +495,8 @@ in rec {
495 /^localhost$/ ACCEPT 495 /^localhost$/ ACCEPT
496 /\.?ymir$/ ACCEPT 496 /\.?ymir$/ ACCEPT
497 ''}'']; 497 ''}''];
498 sslCert = "${config.security.acme.directory}/yggdrasil.li/fullchain.pem"; 498 sslCert = "/var/lib/acme/yggdrasil.li/fullchain.pem";
499 sslKey = "${config.security.acme.directory}/yggdrasil.li/key.pem"; 499 sslKey = "/var/lib/acme/yggdrasil.li/key.pem";
500 config = { 500 config = {
501 #the dh params 501 #the dh params
502 smtpd_tls_dh1024_param_file = config.security.dhparams.params."postfix-1024".path; 502 smtpd_tls_dh1024_param_file = config.security.dhparams.params."postfix-1024".path;
@@ -702,8 +702,8 @@ in rec {
702 enableLmtp = true; 702 enableLmtp = true;
703 enablePop3 = false; 703 enablePop3 = false;
704 enablePAM = false; # do that manualy 704 enablePAM = false; # do that manualy
705 sslServerCert = "${config.security.acme.directory}/yggdrasil.li/fullchain.pem"; 705 sslServerCert = "/var/lib/acme/yggdrasil.li/fullchain.pem";
706 sslServerKey = "${config.security.acme.directory}/yggdrasil.li/key.pem"; 706 sslServerKey = "/var/lib/acme/yggdrasil.li/key.pem";
707 mailLocation = "maildir:~/mail:LAYOUT=index:UTF-8"; 707 mailLocation = "maildir:~/mail:LAYOUT=index:UTF-8";
708 modules = with pkgs; [ dovecot_pigeonhole ]; 708 modules = with pkgs; [ dovecot_pigeonhole ];
709 protocols = [ "sieve" ]; 709 protocols = [ "sieve" ];
@@ -955,8 +955,8 @@ in rec {
955 955
956 services.infinoted = { 956 services.infinoted = {
957 enable = true; 957 enable = true;
958 keyFile = "${config.security.acme.directory}/yggdrasil.li/key.pem"; 958 keyFile = "/var/lib/acme/yggdrasil.li/key.pem";
959 certificateFile = "${config.security.acme.directory}/yggdrasil.li/fullchain.pem"; 959 certificateFile = "/var/lib/acme/yggdrasil.li/fullchain.pem";
960 plugins = [ "note-text" "note-chat" "logging" "autosave" "certificate-auth" "directory-sync" ]; 960 plugins = [ "note-text" "note-chat" "logging" "autosave" "certificate-auth" "directory-sync" ];
961 extraConfig = '' 961 extraConfig = ''
962 [certificate-auth] 962 [certificate-auth]
@@ -1027,8 +1027,8 @@ in rec {
1027 localUsers = true; 1027 localUsers = true;
1028 writeEnable = true; 1028 writeEnable = true;
1029 chrootlocalUser = true; 1029 chrootlocalUser = true;
1030 rsaKeyFile = "${config.security.acme.directory}/yggdrasil.li/key.pem"; 1030 rsaKeyFile = "/var/lib/acme/yggdrasil.li/key.pem";
1031 rsaCertFile = "${config.security.acme.directory}/yggdrasil.li/fullchain.pem"; 1031 rsaCertFile = "/var/lib/acme/yggdrasil.li/fullchain.pem";
1032 extraConfig = '' 1032 extraConfig = ''
1033 local_umask=022 1033 local_umask=022
1034 1034
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 06:13:08 +0000