author | Marek Paśnikowski <marek@marekpasnikowski.pl> | 2024-08-28 17:21:20 +0200 |
---|---|---|
committer | Marek Paśnikowski <marek@marekpasnikowski.pl> | 2024-09-11 11:50:29 +0200 |
commit | 22a1808a77b91537d05dcd7cd43657a32acf546f (patch) | |
tree | d4c4224008adc486d3f2804d452ec2282664e7d4 /systems/izumi | |
parent | cfd138216dc17093bb3744595b0d79b6f6bba765 (diff) |
refactor(id1000): implement dovecot in user module
Diffstat (limited to 'systems/izumi')
-rw-r--r-- | systems/izumi/izumi.org | 128 | ||||
-rw-r--r-- | systems/izumi/system-configuration.scm | 128 |
2 files changed, 42 insertions, 214 deletions
diff --git a/systems/izumi/izumi.org b/systems/izumi/izumi.org
index 779e899..5048634 100644
--- a/systems/izumi/izumi.org
+++ b/systems/izumi/izumi.org
@@ -390,92 +390,6 @@ ( method "mofws" ) ( type 'domainkeys ) ) ) ) ) ) ) ) ) - ( define ( wip-imap-service domain ) - ( service dovecot-service-type - ( dovecot-configuration - ( disable-plaintext-auth? #t ) - ( mail-location "maildir:~/Maildir" ) - ( namespaces - ( list - ( namespace-configuration - ( name "inbox" ) - ( inbox? #t ) - ( mailboxes - ( list - ( mailbox-configuration - ( name "Archive" ) - ( auto "subscribe" ) - ( special-use ( list "\\Archive" ) ) ) - ( mailbox-configuration - ( name "Drafts" ) - ( auto "subscribe" ) - ( special-use ( list "\\Drafts" ) ) ) - ( mailbox-configuration - ( name "Junk" ) - ( auto "subscribe" ) - ( special-use ( list "\\Junk" ) ) ) - ( mailbox-configuration - ( name "Sent" ) - ( auto "subscribe" ) - ( special-use ( list "\\Sent" ) ) ) - ( mailbox-configuration - ( name "Trash" ) - ( auto "subscribe" ) - ( special-use ( list "\\Trash" ) ) ) ) ) ) ) ) - ( passdbs - ( list - ( passdb-configuration - ( args ( list "username_format=%n" "/secrets/dovecot" ) ) - ( driver "passwd-file" ) ) ) ) - ( protocols - ( list - ( protocol-configuration ( name "imap" ) ) - ( protocol-configuration ( name "lmtp" ) ) ) ) - ( services - ( list - ( service-configuration - ( kind "lmtp" ) - ( listeners - ( list - ( inet-listener-configuration - ( address "192.168.10.2 127.0.0.1" ) - ( port 24 ) - ( protocol "lmtp" ) ) - ( unix-listener-configuration - ( group "vmail" ) - ( mode "0666" ) - ( path "lmtp" ) - ( user "vmail" ) ) ) ) ) - ( service-configuration - ( kind "imap-login" ) - ( listeners - ( list - ( inet-listener-configuration - ( address "192.168.10.2" ) - ( port 993 ) - ( protocol "imaps" ) - ;; How does the boolean type map to - ;; the three configuration options? - ;; ( ssl? "required" ) - ) ) ) ) ) ) - ( ssl? 
"required" ) - ( ssl-cert - ( string-append - "</etc/letsencrypt/live/" - domain - "/fullchain.pem" ) ) - ( ssl-key - ( string-append - "</etc/letsencrypt/live/" - domain - "/privkey.pem" ) ) - ( ssl-min-protocol "TLSv1.2" ) - ( userdbs - ( list - ( userdb-configuration - ( args ( list "gid=vmail" "home=/home/vmail/%n" "uid=vmail" ) ) - ( driver "static" ) ) ) ) ) ) ) - ( define ( wip-smtp-service interface domain ) ( service opensmtpd-service-type ( opensmtpd-configuration @@ -484,7 +398,6 @@ ( define* ( wip-mail-services #:key interface domain ) ( list ( wip-dkim-service domain ) - ( wip-imap-service domain ) ( wip-smtp-service interface domain ) ) ) ( operating-system @@ -569,7 +482,8 @@ #:interface "enp1s0" #:domain "marekpasnikowski.pl" ) ( list - (service (service-type (inherit certbot-service-type) + (@ (users id1000) dovecot-service) + (service (service-type (inherit certbot-service-type) (extensions (map (lambda (extension) (if (eq? (service-extension-target extension) nginx-service-type) 
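Review bot: The new `(@ (users id1000) dovecot-service)` entry is referenced without the `domain` argument that the removed `( wip-imap-service domain )` used to build `ssl-cert` and `ssl-key` under `/etc/letsencrypt/live/`, so the certificate path Dovecot reads is no longer tied to the `#:domain "marekpasnikowski.pl"` value or the certbot `domains` list in this file. The `(users id1000)` module is not part of this diff, so it cannot be checked here that it still carries `( disable-plaintext-auth? #t )`, `( ssl? "required" )`, `( ssl-min-protocol "TLSv1.2" )` and the `192.168.10.2` listener addresses; if the definition was moved verbatim, the LMTP unix listener's `( mode "0666" )` is also worth tightening while it is being touched. I would put a comment above the entry, for example `;; IMAP/LMTP (Dovecot), defined in (users id1000); reads the certbot certificate for marekpasnikowski.pl`. The enclosing `( list` form starts and ends outside the hunk, and the same applies to the matching hunk at -559,7 +472,8 in systems/izumi/system-configuration.scm.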
@@ -578,24 +492,24 @@ certbot-nginx-server-configurations)) extension)) (service-type-extensions certbot-service-type)))) - ( certbot-configuration - ( certificates - ( list - ( certificate-configuration - ( deploy-hook - ( program-file - "nginx-deploy-hook" - #~ - ( let - ( ( pid ( call-with-input-file "/var/run/nginx/pid" read ) ) ) - ( kill pid SIGHUP ) ) ) ) - ( domains - ( list - "marekpasnikowski.pl" - "git.marekpasnikowski.pl" - "radicale.marekpasnikowski.pl" ) ) ) ) ) - ( email "marek@marekpasnikowski.pl" ) - ( webroot "/srv/www/marek/marekpasnikowski.pl" ) ) ) + ( certbot-configuration + ( certificates + ( list + ( certificate-configuration + ( deploy-hook + ( program-file + "nginx-deploy-hook" + #~ + ( let + ( ( pid ( call-with-input-file "/var/run/nginx/pid" read ) ) ) + ( kill pid SIGHUP ) ) ) ) + ( domains + ( list + "marekpasnikowski.pl" + "git.marekpasnikowski.pl" + "radicale.marekpasnikowski.pl" ) ) ) ) ) + ( email "marek@marekpasnikowski.pl" ) + ( webroot "/srv/www/marek/marekpasnikowski.pl" ) ) ) (service (service-type (inherit cgit-service-type) (extensions (map (lambda (extension) (if (eq? (service-extension-target extension) @@ -647,7 +561,7 @@ ( gitolite-configuration ( rc-file ( gitolite-rc-file ( umask #o0027 ) ) ) ( admin-pubkey ( plain-file "gitolite-admin.pub" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4THTYnHCc/ihCJNKJtGTNu1zCnLndbMHnxnrxzJk+N marek@izumi\n") ) ) ) + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4THTYnHCc/ihCJNKJtGTNu1zCnLndbMHnxnrxzJk+N marek@izumi\n") ) ) ) ( service gnome-desktop-service-type ) ( service syncthing-service-type ( syncthing-configuration ( user "marek" ) ) ) (service nginx-service-type* diff --git a/systems/izumi/system-configuration.scm b/systems/izumi/system-configuration.scm index a031235..8388bf4 100644 --- a/systems/izumi/system-configuration.scm +++ b/systems/izumi/system-configuration.scm 
@@ -380,92 +380,6 @@ ( method "mofws" ) ( type 'domainkeys ) ) ) ) ) ) ) ) ) -( define ( wip-imap-service domain ) - ( service dovecot-service-type - ( dovecot-configuration - ( disable-plaintext-auth? #t ) - ( mail-location "maildir:~/Maildir" ) - ( namespaces - ( list - ( namespace-configuration - ( name "inbox" ) - ( inbox? #t ) - ( mailboxes - ( list - ( mailbox-configuration - ( name "Archive" ) - ( auto "subscribe" ) - ( special-use ( list "\\Archive" ) ) ) - ( mailbox-configuration - ( name "Drafts" ) - ( auto "subscribe" ) - ( special-use ( list "\\Drafts" ) ) ) - ( mailbox-configuration - ( name "Junk" ) - ( auto "subscribe" ) - ( special-use ( list "\\Junk" ) ) ) - ( mailbox-configuration - ( name "Sent" ) - ( auto "subscribe" ) - ( special-use ( list "\\Sent" ) ) ) - ( mailbox-configuration - ( name "Trash" ) - ( auto "subscribe" ) - ( special-use ( list "\\Trash" ) ) ) ) ) ) ) ) - ( passdbs - ( list - ( passdb-configuration - ( args ( list "username_format=%n" "/secrets/dovecot" ) ) - ( driver "passwd-file" ) ) ) ) - ( protocols - ( list - ( protocol-configuration ( name "imap" ) ) - ( protocol-configuration ( name "lmtp" ) ) ) ) - ( services - ( list - ( service-configuration - ( kind "lmtp" ) - ( listeners - ( list - ( inet-listener-configuration - ( address "192.168.10.2 127.0.0.1" ) - ( port 24 ) - ( protocol "lmtp" ) ) - ( unix-listener-configuration - ( group "vmail" ) - ( mode "0666" ) - ( path "lmtp" ) - ( user "vmail" ) ) ) ) ) - ( service-configuration - ( kind "imap-login" ) - ( listeners - ( list - ( inet-listener-configuration - ( address "192.168.10.2" ) - ( port 993 ) - ( protocol "imaps" ) - ;; How does the boolean type map to - ;; the three configuration options? - ;; ( ssl? "required" ) - ) ) ) ) ) ) - ( ssl? 
"required" ) - ( ssl-cert - ( string-append - "</etc/letsencrypt/live/" - domain - "/fullchain.pem" ) ) - ( ssl-key - ( string-append - "</etc/letsencrypt/live/" - domain - "/privkey.pem" ) ) - ( ssl-min-protocol "TLSv1.2" ) - ( userdbs - ( list - ( userdb-configuration - ( args ( list "gid=vmail" "home=/home/vmail/%n" "uid=vmail" ) ) - ( driver "static" ) ) ) ) ) ) ) - ( define ( wip-smtp-service interface domain ) ( service opensmtpd-service-type ( opensmtpd-configuration @@ -474,7 +388,6 @@ ( define* ( wip-mail-services #:key interface domain ) ( list ( wip-dkim-service domain ) - ( wip-imap-service domain ) ( wip-smtp-service interface domain ) ) ) ( operating-system @@ -559,7 +472,8 @@ #:interface "enp1s0" #:domain "marekpasnikowski.pl" ) ( list - (service (service-type (inherit certbot-service-type) + (@ (users id1000) dovecot-service) + (service (service-type (inherit certbot-service-type) (extensions (map (lambda (extension) (if (eq? (service-extension-target extension) nginx-service-type) 
@@ -568,24 +482,24 @@ certbot-nginx-server-configurations)) extension)) (service-type-extensions certbot-service-type)))) - ( certbot-configuration - ( certificates - ( list - ( certificate-configuration - ( deploy-hook - ( program-file - "nginx-deploy-hook" - #~ - ( let - ( ( pid ( call-with-input-file "/var/run/nginx/pid" read ) ) ) - ( kill pid SIGHUP ) ) ) ) - ( domains - ( list - "marekpasnikowski.pl" - "git.marekpasnikowski.pl" - "radicale.marekpasnikowski.pl" ) ) ) ) ) - ( email "marek@marekpasnikowski.pl" ) - ( webroot "/srv/www/marek/marekpasnikowski.pl" ) ) ) + ( certbot-configuration + ( certificates + ( list + ( certificate-configuration + ( deploy-hook + ( program-file + "nginx-deploy-hook" + #~ + ( let + ( ( pid ( call-with-input-file "/var/run/nginx/pid" read ) ) ) + ( kill pid SIGHUP ) ) ) ) + ( domains + ( list + "marekpasnikowski.pl" + "git.marekpasnikowski.pl" + "radicale.marekpasnikowski.pl" ) ) ) ) ) + ( email "marek@marekpasnikowski.pl" ) + ( webroot "/srv/www/marek/marekpasnikowski.pl" ) ) ) (service (service-type (inherit cgit-service-type) (extensions (map (lambda (extension) (if (eq? (service-extension-target extension) @@ -637,7 +551,7 @@ ( gitolite-configuration ( rc-file ( gitolite-rc-file ( umask #o0027 ) ) ) ( admin-pubkey ( plain-file "gitolite-admin.pub" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4THTYnHCc/ihCJNKJtGTNu1zCnLndbMHnxnrxzJk+N marek@izumi\n") ) ) ) + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4THTYnHCc/ihCJNKJtGTNu1zCnLndbMHnxnrxzJk+N marek@izumi\n") ) ) ) ( service gnome-desktop-service-type ) ( service syncthing-service-type ( syncthing-configuration ( user "marek" ) ) ) (service nginx-service-type* |