diff options
| author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-04-01 16:13:51 +0200 |
|---|---|---|
| committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-04-01 16:13:51 +0200 |
| commit | 9c72df2287ae8ddd4c3f93675f608e414ab5e8e7 (patch) | |
| tree | 8849d4176a26f3c613e9422e68298e0fe5e22cba /hosts/by-name/server3/secrets | |
| parent | zones/vhack.eu: Correct specify the SRV targets as fully-qualified (diff) | |
| download | nixos-server-9c72df2287ae8ddd4c3f93675f608e414ab5e8e7.zip | |
{hosts/server3,zones/vhack.eu}: Activate stalwart-mail on server3 for soispha
Diffstat (limited to 'hosts/by-name/server3/secrets')
| -rwxr-xr-x | hosts/by-name/server3/secrets/dkim/gen_key.sh | 33 | ||||
| -rw-r--r-- | hosts/by-name/server3/secrets/dkim/mail.vhack.eu-private.age | 16 | ||||
| -rw-r--r-- | hosts/by-name/server3/secrets/dkim/mail.vhack.eu-public | 1 |
3 files changed, 50 insertions, 0 deletions
diff --git a/hosts/by-name/server3/secrets/dkim/gen_key.sh b/hosts/by-name/server3/secrets/dkim/gen_key.sh new file mode 100755 index 0000000..61da156 --- /dev/null +++ b/hosts/by-name/server3/secrets/dkim/gen_key.sh @@ -0,0 +1,33 @@ +#! /usr/bin/env nix-shell +#! nix-shell -p rage -p openssl -p bash -i bash --impure + +# shellcheck shell=bash + +cd "$(dirname "$0")" || { + echo "No basedir?!" + exit 1 +} + +key_name="$1" +[ -z "$key_name" ] && { + echo "Usage: $0 KEY_NAME IDENTITY" + exit 2 +} + +openssl genpkey \ + -algorithm ed25519 \ + -out - | + tee >(openssl pkey \ + -pubout \ + -out - | + openssl asn1parse \ + -offset 12 \ + -noout \ + -out - | + base64 --wrap 0 >"$key_name-public") | + rage --encrypt \ + --armor \ + --recipient "age1mshh4ynzhhzhff25tqwkg4j054g3xwrfznh98ycchludj9wjj48qn2uffn" \ + >"$key_name-private.age" + +# vim: ft=sh diff --git a/hosts/by-name/server3/secrets/dkim/mail.vhack.eu-private.age b/hosts/by-name/server3/secrets/dkim/mail.vhack.eu-private.age new file mode 100644 index 0000000..8d66808 --- /dev/null +++ b/hosts/by-name/server3/secrets/dkim/mail.vhack.eu-private.age @@ -0,0 +1,16 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqdEtVSWhiOVR1N1Q5bTBV +NXRMMm42VlR5NitSWlhiSFpUZDZQSlloWlJ3ClA3ZEJSU2dDbmRVL0NMZlFOVU5J +V1lEbDM0MlN3S3dZMUkyc1pQZVVpdDAKLT4gWDI1NTE5IFk4YnFFZmFLTlA0WENY +K3FGME1CbUV4b0Z4V1FIRFBmNVphYmhCMG1QVkkKOGhFcnl3Y2hZQU8rY0ROMTlq +d0lUVG8rRWpPNm4vWkw2WFROU3NJalgzWQotPiBzc2gtZWQyNTUxOSBweXU5Ymcg +UDV4YUdZRWZieHN4RVU1WWEvdlFRVHpTL1V5Q3Nya1kvNjFxVytpS1NGawpUWnlR +RmtQL1Z1ZFkwTC9ua3VVb05VQVlLemtuOCtLSkdxbFE5U2wyM0xZCi0+IFktZ3Jl +YXNlCk56M0t2NXB3QVpjYTNFdkEvMmpDZXBPcWlLNXNWL2tPalNMM1g0KzBJL2xz +T1gvTldRLzNxM25BOUhFZml3dFQKSnNMeHBXK3BrS2pWVU1uTkNKZ3BnaGt2Ci0t +LSBuWURsUEYxRkx3bVQzU3JTcGlwUTFCZ09IRWIrNExUclhPSmdGdUtNOFlFCuKw +PBh8U5VmweDGoY+xFXw/nqTqrKw9gZyUR2vbnHdnN9y8BToht7prsEaAn//DVivI +GMFGMhbPYTumWnEiTho8ZqQv5tKiDdIGV/9YghzUdHtMnzfO7q5ztrFYx19qjgi/ +lW17WyY8Jk2DZIH3icYweTICx9IU5K11DNj6WgNGDe8/fAyfuHTekE8sZtHPDw76 +M3wkUZM= +-----END AGE ENCRYPTED FILE----- diff --git a/hosts/by-name/server3/secrets/dkim/mail.vhack.eu-public b/hosts/by-name/server3/secrets/dkim/mail.vhack.eu-public new file mode 100644 index 0000000..fa5d243 --- /dev/null +++ b/hosts/by-name/server3/secrets/dkim/mail.vhack.eu-public @@ -0,0 +1 @@ +U0eOxgLD3yK7PKzQRSZdJ3EH/UwVxPeYmfm42gYXsDg= |