diff --git a/modules/mailserver.nix b/modules/mailserver.nix index d617250..2e25ef2 100644 --- a/modules/mailserver.nix +++ b/modules/mailserver.nix @@ -6,22 +6,24 @@ let in with lib; { - # services.caddy = { - # virtualHosts = { - # "mail.cochrun.xyz".extraConfig = '' - # tls internal { - # key_type rsa2048 - # } - # respond "Hello DMS" - # '' ; - # }; - # }; +# services.caddy = { +# enable = true; +# virtualHosts = { +# "mail.cochrun.xyz".extraConfig = '' +# reverse_proxy 8898 +# tls internal { +# key_type rsa2048 +# } +# respond "Hello DMS" +# '' ; +# }; +# }; mailserver = { enable = true; fqdn = fqdn; domains = [ dn ]; enableManageSieve = true; - mailDirectory = "/home/chris/mailserver/docker-data/mail-data"; + # mailDirectory = "/home/chris/mailserver/docker-data/mail-data"; mailboxes = { Archive = { auto = "subscribe"; @@ -46,9 +48,9 @@ with lib; }; useFsLayout = true; hierarchySeparator = "/"; - certificateScheme = "acme-nginx"; - # certificateFile = "/var/lib/acme/${fqdn}/fullchain.pem"; - # keyFile = "/var/lib/acme/${fqdn}/key.pem"; + certificateScheme = "manual"; + certificateFile = "/var/lib/acme/${fqdn}/fullchain.pem"; + keyFile = "/var/lib/acme/${fqdn}/key.pem"; loginAccounts = { "chris@cochrun.xyz" = { hashedPasswordFile = "/home/chris/mailp"; @@ -67,9 +69,9 @@ with lib; security.acme = { acceptTerms = true; defaults.email = "chris@cochrun.xyz"; - # certs.${fqdn} = { - # webroot = "/var/lib/acme/acme-challenge/"; - # # dnsProvider = "namecheap"; - # }; + certs.${fqdn} = { + webroot = "/var/lib/acme/acme-challenge/"; + extraDomainNames = [ "cochrun.xyz" ]; + }; }; } diff --git a/systems/dalinar/configuration.nix b/systems/dalinar/configuration.nix index 87bf74d..648dc55 100644 --- a/systems/dalinar/configuration.nix +++ b/systems/dalinar/configuration.nix @@ -280,21 +280,21 @@ reverse_proxy localhost:2283 ''; }; - virtualHosts = { - "piped.cochrun.xyz".extraConfig = '' - reverse_proxy http://127.0.0.1:8085 - ''; - }; - virtualHosts = { - "pipedapi.cochrun.xyz".extraConfig = '' - reverse_proxy http://127.0.0.1:8085 - ''; - }; - virtualHosts = { - "pipedproxy.cochrun.xyz".extraConfig = '' - reverse_proxy http://127.0.0.1:8085 - ''; - }; + # virtualHosts = { + # "piped.cochrun.xyz".extraConfig = '' + # reverse_proxy http://127.0.0.1:8085 + # ''; + # }; + # virtualHosts = { + # "pipedapi.cochrun.xyz".extraConfig = '' + # reverse_proxy http://127.0.0.1:8085 + # ''; + # }; + # virtualHosts = { + # "pipedproxy.cochrun.xyz".extraConfig = '' + # reverse_proxy http://127.0.0.1:8085 + # ''; + # }; virtualHosts = { "inv.cochrun.xyz".extraConfig = '' reverse_proxy http://127.0.0.1:3000 @@ -348,26 +348,26 @@ } ''; }; - virtualHosts = { - "truthmatters.cc".extraConfig = '' - encode gzip - root * /srv/truthmatters - file_server - header { - Access-Control-Allow-Origin * - } - ''; - }; - virtualHosts = { - "new.luctorcrc.org".extraConfig = '' - encode gzip - root * /srv/luctorcrc - file_server - header { - Access-Control-Allow-Origin * - } - ''; - }; + # virtualHosts = { + # "truthmatters.cc".extraConfig = '' + # encode gzip + # root * /srv/truthmatters + # file_server + # header { + # Access-Control-Allow-Origin * + # } + # ''; + # }; + # virtualHosts = { + # "new.luctorcrc.org".extraConfig = '' + # encode gzip + # root * /srv/luctorcrc + # file_server + # header { + # Access-Control-Allow-Origin * + # } + # ''; + # }; virtualHosts = { "nc.cochrun.xyz".extraConfig = '' reverse_proxy localhost:8080