Compare commits
4 commits
06c2b3db14
...
a93d836d36
| Author | SHA1 | Date | |
|---|---|---|---|
| a93d836d36 | |||
| 651a0d3c64 | |||
| de25eb9a36 | |||
| b90a2c79b2 |
4 changed files with 22 additions and 6 deletions
|
|
@ -17,8 +17,8 @@ in
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
(builtins.fetchTarball {
|
(builtins.fetchTarball {
|
||||||
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/8b7dde4b54da821ca3dc2058178d6ffbd2e25bc5/nixos-mailserver-8b7dde4b54da821ca3dc2058178d6ffbd2e25bc5.tar.gz";
|
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz";
|
||||||
sha256 = "0pf25ns3yq9vdbpb30cplx4zkj7srrklamd6kw7ifaf7gyc7fy65";
|
sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx";
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -81,6 +81,9 @@ in
|
||||||
# externalIP = "0.0.0.0";
|
# externalIP = "0.0.0.0";
|
||||||
internalIPs = [ "10.30.0.0/16" ];
|
internalIPs = [ "10.30.0.0/16" ];
|
||||||
internalInterfaces = [ "eno2" ];
|
internalInterfaces = [ "eno2" ];
|
||||||
|
forwardPorts = [
|
||||||
|
{ destination = "10.30.0.1:22"; proto = "tcp"; sourcePort = 8443;}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
firewall = {
|
firewall = {
|
||||||
|
|
|
||||||
|
|
@ -11,6 +11,16 @@ let
|
||||||
musique_port = 52349;
|
musique_port = 52349;
|
||||||
factorio_port = 52351;
|
factorio_port = 52351;
|
||||||
airsonic_port = 4040;
|
airsonic_port = 4040;
|
||||||
|
|
||||||
|
login_mail_alert = pkgs.writeShellScriptBin "mail_alert.sh" ''
|
||||||
|
if [ "$PAM_TYPE" != "close_session" ]; then
|
||||||
|
${pkgs.system-sendmail}/bin/sendmail paul@nyanlout.re <<EOF
|
||||||
|
From: root@nyanlout.re
|
||||||
|
Subject: SSH Login: $PAM_USER from $PAM_RHOST
|
||||||
|
`env`
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
'';
|
||||||
in
|
in
|
||||||
|
|
||||||
{
|
{
|
||||||
|
|
@ -415,9 +425,12 @@ in
|
||||||
|
|
||||||
users.groups.acme.members = [ "matrix-synapse" ];
|
users.groups.acme.members = [ "matrix-synapse" ];
|
||||||
|
|
||||||
security.sudo.extraRules = [
|
security = {
|
||||||
|
sudo.extraRules = [
|
||||||
{ commands = [ { command = "${pkgs.smartmontools}/bin/smartctl"; options = [ "NOPASSWD" ]; } ]; users = [ "telegraf" ]; }
|
{ commands = [ { command = "${pkgs.smartmontools}/bin/smartctl"; options = [ "NOPASSWD" ]; } ]; users = [ "telegraf" ]; }
|
||||||
];
|
];
|
||||||
|
pam.services.sshd.text = pkgs.lib.mkDefault( pkgs.lib.mkAfter "session optional ${pkgs.pam}/lib/security/pam_exec.so seteuid ${login_mail_alert}/bin/mail_alert.sh" );
|
||||||
|
};
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
wireguard.interfaces = {
|
wireguard.interfaces = {
|
||||||
|
|
|
||||||
|
|
@ -33,6 +33,6 @@
|
||||||
|
|
||||||
users.extraGroups.medias = {
|
users.extraGroups.medias = {
|
||||||
gid = 498;
|
gid = 498;
|
||||||
members = [ "slimserver" "radarr" "sonarr" "emby" "transmission" ];
|
members = [ "slimserver" "radarr" "sonarr" "jellyfin" "transmission" ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue