2 files changed, 49 insertions, 6 deletions

diff --git a/deployment/systems/aisaka.scm b/deployment/systems/aisaka.scm
index 2f91765..76c048c 100644
--- a/deployment/systems/aisaka.scm
+++ b/deployment/systems/aisaka.scm
@@ -10,6 +10,7 @@
   #:use-module ((gnu services)                #:prefix gnu:services:)
   #:use-module ((gnu services base)           #:prefix gnu:services:base:)
   #:use-module ((gnu services dns)            #:prefix gnu:services:dns:)
+  #:use-module ((gnu services networking)     #:prefix gnu:services:networking:)
   #:use-module ((gnu services version-control) #:prefix gnu:services:version-control:)
   #:use-module ((gnu services web)            #:prefix gnu:services:web:)
   #:use-module ((gnu system)                  #:prefix gnu:system:)
@@ -33,7 +34,7 @@
                  ip-otvarta
                  " -all\""))
 
-(define ttl "60")
+(define ttl "3600")
 
 (gnu:services:dns:define-zone-entries marekpasnikowski.pl-entries
   ("@"               ttl "IN" "A"   ip-multimedia)
@@ -41,6 +42,8 @@
   ("@"               ttl "IN" "NS"  "ns.marekpasnikowski.pl.")
   ("ns1"             ttl "IN" "A"   ip-multimedia)
   ("@"               ttl "IN" "NS"  "ns1.marekpasnikowski.pl.")
+  ("mx"              ttl "IN" "A"   ip-otvarta)
+  ("@"               ttl "IN" "MX"  "9 mx.marekpasnikowski.pl.")
   ("@"               ttl "IN" "MX"  "10 mx1.forwardemail.net.")
   ("@"               ttl "IN" "MX"  "10 mx2.forwardemail.net.")
   ("@"               ttl "IN" "TXT" "\"forward-email-port=49152\"")
@@ -63,7 +66,7 @@
     (origin  "marekpasnikowski.pl")
     (ns      "ns.marekpasnikowski.pl.")
     (mail    "marek.marekpasnikowski.pl.")
-    (serial  2025122101)))
+    (serial  2026010900)))
 
 (define master-zone
   (gnu:services:dns:knot-zone-configuration
@@ -405,12 +408,51 @@
     (storage ((@ (gnu services mail) radicale-storage-configuration)
               (filesystem-folder "/data/radicale/collections"))))))
 
+(define enp1s0-address-4
+  (gnu:services:base:network-address
+    (device "enp1s0")
+    (value  "192.168.10.2/24")
+    (ipv6?  #f)))
+
+(define enp2s0-address-4
+  (gnu:services:base:network-address
+    (device "enp2s0")
+    (value  "192.168.1.2/24")
+    (ipv6?  #f)))
+
+(define enp1s0-route-4-default
+  (gnu:services:base:network-route
+    (destination "default")
+    (device      "enp1s0")
+    (ipv6?       #f)
+    (gateway     "192.168.10.1")))
+
+(define first-network
+  (gnu:services:base:static-networking
+    (addresses    (list enp1s0-address-4
+                        enp2s0-address-4))
+    (routes       (list enp1s0-route-4-default))
+    (name-servers (list "192.168.10.1"
+                        "192.168.1.1"))))
+
+(define static-networking-configuration
+  (list first-network))
+
+(define static-networking
+  (gnu:services:service
+    gnu:services:networking:static-networking-service-type
+    static-networking-configuration))
+
 (define swap-device-izumi-1-label
   ((@ (gnu system file-systems) file-system-label)
    "izumi-swap-f"))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
+(define %sovereign-services*
+  (gnu:services:modify-services sovereign:systems:%sovereign-services
+                                (delete gnu:services:networking:network-manager-service-type)))
+
 (define system-bootloader
   (gnu:bootloader:bootloader-configuration
    (bootloader gnu:bootloader:grub:grub-efi-bootloader)
@@ -443,7 +485,8 @@
               (nginx-izumi)
               offload-rakan
               (openssh)
-              (radicale)))
+              (radicale)
+              static-networking))
 
 (define system-users
         (list users:id1000:uid1000-account
@@ -474,7 +517,7 @@
     (locale             sovereign:systems:pl-locale)
     (locale-definitions sovereign:systems:%sovereign-locale-definitions)
     (services           (append system-services
-                                sovereign:systems:%sovereign-services))
+                                %sovereign-services*))
     (sudoers-file       sovereign:systems:%sovereign-sudoers-specification)))
 
 (define-public operating-system*
diff --git a/users/id1000.scm b/users/id1000.scm
index fa12195..06ca5f2 100644
--- a/users/id1000.scm
+++ b/users/id1000.scm
@@ -408,7 +408,7 @@
    "# instead of /etc/passwd\n"
    "table passwd file:" smtpd-keys "\n"
    "\n"
-   "table other-relays file:" relays-file "\n"
+   "# table other-relays file:" relays-file "\n"
    "table blacklist file:" blacklist-file "\n"
    "\n"
    "# A simple spam filter\n"
@@ -445,7 +445,7 @@
    "# We define some actions\n"
    "action receive lmtp \"/var/run/dovecot/lmtp\" rcpt-to virtual <aliases>\n"
    "action godkim relay host smtp://localhost:10027\n"
-   "action outbound relay helo \"" domain "\"\n"
+   "action outbound relay src \"192.168.1.2\" helo \"" "user119-109.otvarta.pl" "\"\n"
    "\n"
    "# We accept to relay any mail from authenticated users\n"
    "match for any from any auth action godkim\n"