nixos-server/system/mail, branch v0.4.1

nixos-server/system/mail, branch v0.4.1 nixos-config for vhack.eu servers https://vhack.eu http://git.foss-syndicate.org/vhack.eu/nixos-server/atom?h=v0.4.1 2023-07-03T16:21:52+00:00 Refactor(system/services/mail): Move mail to services as it's one 2023-07-03T16:21:52+00:00 Soispha soispha@vhack.eu 2023-07-03T13:10:14+00:00 urn:sha1:32ab086bd17930fe6e43e7c193a0c86038676c58 Fix(system/mail): give certificateScheme string as value 2023-06-06T10:29:02+00:00 sils sils@sils.li 2023-06-06T10:29:02+00:00 urn:sha1:1ed867d135d55aa08cd5602d21e19eee1673ad1a Refactor(system/mail): Hide user emails 2023-05-20T10:30:21+00:00 Soispha soispha@vhack.eu 2023-05-20T10:30:21+00:00 urn:sha1:bb4af299f04604b68e39a907380ed22ef5bd0986 Fix(system/mail): Allow opening ports in the firewall 2023-04-07T20:29:21+00:00 ene ene@sils.li 2023-04-07T20:02:24+00:00 urn:sha1:cb92ffc878fcb417bd66b3b30ef1ff189a5aa44c As the previous configuration only opened some ports, receiving mail was impossible. This allows NSM to open the required ports directly, ensuring that none was missed. SECURITY: As all other options than SSL are still disabled, this change should not introduce unencrypted mail transfer. This has not been tested. Fix(acme): Store certs permanently. 2023-03-20T14:43:05+00:00 sils sils@sils.li 2023-03-20T14:43:05+00:00 urn:sha1:ab3c9aa228ecaf79fae5cc1d2bdcb84f2e12951e Before, new certs were requested at every rebuild. This caused issues due to letsencrypt ratelimiting. Revert "Fix(system/mail): Change placeholder" 2023-03-20T14:36:06+00:00 sils sils@sils.li 2023-03-20T14:36:06+00:00 urn:sha1:2cbf5571d702187357e9bbb90de1f5584e31dd5f This reverts commit ecb274ba49042f1dfdf63b9c54ff6920f24a9a58. It may be a security-risk, but I care much more about a running mailserver for now. Fix(system/mail): Change placeholder 2023-03-20T14:19:26+00:00 ene ene@sils.li 2023-03-20T14:19:26+00:00 urn:sha1:ecb274ba49042f1dfdf63b9c54ff6920f24a9a58 The old one, could have exposed a weak hash. Fix(system/mail): Only accept connections on safe ports 2023-03-19T16:43:26+00:00 ene ene@sils.li 2023-03-19T16:43:26+00:00 urn:sha1:083a7cbb9623c90468c887203bf95adc5f2e3201 It is sort of standard to ignore connections over the unencrypted port 25, thus we are doing the same. Feat(system/mail): Add other users, so the admin thing works 2023-03-18T16:55:28+00:00 ene ene@sils.li 2023-03-18T16:52:49+00:00 urn:sha1:f2ab8429778b5b5c422160da6a11c15af815b55c Style(system/mail): Reorder options 2023-03-18T16:41:28+00:00 ene ene@sils.li 2023-03-18T16:22:46+00:00 urn:sha1:d6fbe642e5762f1bd79dcfb0e68bf7df1c902d8d I just think this is easier to read.