StuRa/stura-infra
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

use 'real' nixos mailserver repo

Browse source
This commit is contained in:
Bereich Administration Rechentechnik 2025-01-29 10:15:34 +01:00
parent 06a9702782
commit 02ba4fa6ad
3 changed files with 86 additions and 72 deletions
Download patch file Download diff file Expand all files Collapse all files

32
authentik.nix Normal file
View file

@ -0,0 +1,32 @@
{ config, lib, pkgs, ... }:{
users.groups.authentik = { };
users.users.authentik = {
isSystemUser = true;
extraGroups = [ "docker" ];
group = "authentik";
};
services.authentik = {
enable = true;
# The environmentFile needs to be on the target host!
# Best use something like sops-nix or agenix to manage it
environmentFile = "/var/lib/authentik_secret";
settings = {
email = {
host = "mail.stura.htw-dresden.de";
port = 25;
username = "authentik@stura.htw-dresden.de";
use_tls = false;
use_ssl = false;
from = "authentik@stura.htw-dresden.de";
};
disable_startup_analytics = true;
avatars = "initials";
};
nginx = {
enable = true;
enableACME = true;
host = "auth.htw.stura-dresden.de";
};
};
}

124
flake.lock generated
View file

@ -12,11 +12,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1736445563, "lastModified": 1737810234,
"narHash": "sha256-+f1MWPtja+LRlTHJP/i/3yxmnzo2LGtZmxtJJTdAp8o=", "narHash": "sha256-zTS99/ZE8khNnIWFEsF21E6seR9IizGYkY19t6iK7z4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "authentik-nix", "repo": "authentik-nix",
"rev": "bf5a5bf42189ff5f468f0ff26c9296233a97eb6c", "rev": "1fa3cbed36fb03d2f6ceab981d083af98b5c7d0f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -61,11 +61,11 @@
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1696426674, "lastModified": 1733328505,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -95,11 +95,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1727826117, "lastModified": 1736143030,
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -116,11 +116,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1726560853, "lastModified": 1731533236,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -134,20 +134,20 @@
"blobs": "blobs", "blobs": "blobs",
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_2",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"utils": "utils" "nixpkgs-24_11": "nixpkgs-24_11"
}, },
"locked": { "locked": {
"lastModified": 1712828206, "lastModified": 1737201600,
"narHash": "sha256-9b+73fDYFVMph6q0jYONHyq45OCc77/6rri+EPbyFoQ=", "narHash": "sha256-JBh5+g8oQteQdQqbO07dGHBRQo/NGI61JPlTjdfQ1pk=",
"owner": "GoldsteinE", "owner": "simple-nixos-mailserver",
"repo": "simple-nixos-mailserver", "repo": "nixos-mailserver",
"rev": "a9f6b3097f6121d7bcb4170043fc5e641f8a35f9", "rev": "ade37b2765032f83d2d4bd50b6204a40a4c05eb4",
"type": "github" "type": "gitlab"
}, },
"original": { "original": {
"owner": "GoldsteinE", "owner": "simple-nixos-mailserver",
"repo": "simple-nixos-mailserver", "repo": "nixos-mailserver",
"type": "github" "type": "gitlab"
} }
}, },
"napalm": { "napalm": {
@ -200,11 +200,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1735834308, "lastModified": 1737632463,
"narHash": "sha256-dklw3AXr3OGO4/XT1Tu3Xz9n/we8GctZZ75ZWVqAVhk=", "narHash": "sha256-38J9QfeGSej341ouwzqf77WIHAScihAKCt8PQJ+NH28=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "6df24922a1400241dae323af55f30e4318a6ca65", "rev": "0aa475546ed21629c4f5bbf90e38c846a99ec9e9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -214,25 +214,40 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-24_11": {
"locked": {
"lastModified": 1734083684,
"narHash": "sha256-5fNndbndxSx5d+C/D0p/VF32xDiJCJzyOqorOYW4JEo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "314e12ba369ccdb9b352a4db26ff419f7c49fa84",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-24.11",
"type": "indirect"
}
},
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1727825735, "lastModified": 1735774519,
"narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=", "narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=",
"type": "tarball", "type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz" "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz" "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1709703039, "lastModified": 1732014248,
"narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=", "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d", "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -243,11 +258,11 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1737469691, "lastModified": 1737885589,
"narHash": "sha256-nmKOgAU48S41dTPIXAq0AHZSehWUn6ZPrUKijHAMmIk=", "narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9e4d5190a9482a1fb9d18adf0bdb83c6e506eaab", "rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -275,11 +290,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1735164664, "lastModified": 1736884309,
"narHash": "sha256-DaWy+vo3c4TQ93tfLjUgcpPaSoDw4qV4t76Y3Mhu84I=", "narHash": "sha256-eiCqmKl0BIRiYk5/ZhZozwn4/7Km9CWTbc15Cv+VX5k=",
"owner": "nix-community", "owner": "nix-community",
"repo": "poetry2nix", "repo": "poetry2nix",
"rev": "1fb01e90771f762655be7e0e805516cd7fa4d58e", "rev": "75d0515332b7ca269f6d7abfd2c44c47a7cbca7b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -310,21 +325,6 @@
"type": "github" "type": "github"
} }
}, },
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -346,24 +346,6 @@
"repo": "treefmt-nix", "repo": "treefmt-nix",
"type": "github" "type": "github"
} }
},
"utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1709126324,
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

2
flake.nix
View file

@ -14,7 +14,7 @@
authentik = { authentik = {
url = "github:nix-community/authentik-nix"; url = "github:nix-community/authentik-nix";
}; };
mailserver.url = "github:GoldsteinE/simple-nixos-mailserver"; mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
}; };
outputs = { self, nixpkgs, authentik, mailserver }: { outputs = { self, nixpkgs, authentik, mailserver }: {