thary/sp-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
477 Commits 1 Branch 0 Tags
63a0d84701f00783aa0716a06ff154b766d31e67
Commit Graph

52 Commits

Author SHA1 Message Date
Inex Code
63a0d84701 feat: Migrate to NixOS 24.11 2025-06-18 20:35:38 +03:00
nhnn
86233cac27 style: format tree 2025-06-18 19:53:44 +03:00
Inex Code
c9890828cd Revert "fix: make postfix use modern TLS" 
This reverts commit 085654a506.
 2025-05-11 14:28:26 +03:00
nhnn
085654a506 fix: make postfix use modern TLS 2025-05-09 14:33:23 +03:00
Alexander Tomokhov
eb200cb792 refact dovecot,auth: tmpfiles, minor renames, config-paths-needed.json 2025-04-17 13:20:07 +04:00
Alexander Tomokhov
90758a2652 fix mailserver,auth: OAuth client secret has only allowed characters 2025-04-17 13:20:07 +04:00
Alexander Tomokhov
1f67bb5a85 fix assertion message in sp-modules/simple-nixos-mailserver/config.nix 2025-04-17 13:20:07 +04:00
Alexander Tomokhov
74d7f7ef43 dovecot:auth: fix OAuth client secret generation 2025-03-29 03:59:56 +04:00
Alexander Tomokhov
c118802155 roundcube:auth: fix OAuth client secret generation and copy order 2025-03-29 01:35:00 +04:00
Inex Code
f3593156dc fix: Turn on email SSO by default 2025-03-28 23:47:38 +03:00
Inex Code
d902a0f3f6 feat: allow plain login to dovecot 
The password backend is provided by SelfPrivacy API module at the moment
 2025-03-28 17:23:41 +03:00
Alexander Tomokhov
1ff180ad1a add assertions: selfprivacy.sso.enable -> modules.*.enableSso 2025-02-03 02:17:54 +04:00
Alexander Tomokhov
331fa63b33 add options: selfprivacy.sso.enable && selfprivacy.sso.debug 
selfprivacy.sso.enable is true by default.
 2025-02-03 02:17:54 +04:00
Alexander Tomokhov
65548a1e73 SP modules do not depend on selfprivacy.modules.auth 2025-02-03 02:05:05 +04:00
Alexander Tomokhov
ea443d2150 gitea,nextcloud,roundcube,mailserver: depend on kanidm systemd service 2025-02-03 01:05:48 +04:00
Alexander Tomokhov
ee2e404eb8 passthru.selfprivacy -> selfprivacy.passthru 2025-02-03 01:05:48 +04:00
Alexander Tomokhov
29d1759186 merge auth SP module into main configuration; add enableSso option 
`enableSso` is being added to the following SP modules:
* gitea (forgejo)
* nextcloud
* roundcube
* simple-nixos-mailserver
 2025-02-03 00:10:05 +04:00
Alexander Tomokhov
4c6228d694 roundcube & mailserver: fix oauth: mailserver is an OAuth secret donor 
Both of them use the same client ID and client secret, but Roundcube
depends on mailserver generally, so mailserver is the one to share OAuth
client id and secret.
 2025-01-31 14:31:58 +04:00
Alexander Tomokhov
2cc5743152 fix sp-modules: configPathsNeeded, requiring passthru.selfprivacy.auth 2025-01-29 12:53:44 +04:00
Alexander Tomokhov
d8d1a1e86f fix mailserver: evaluate without auth module 2025-01-25 01:08:41 +04:00
Alexander Tomokhov
f795bc977f fix auth: config.selfprivacy.modules.auth.enable or false 2025-01-17 16:12:22 +04:00
Alexander Tomokhov
bf8fb31065 chore(mailserver): less hardcode 2025-01-17 16:09:25 +04:00
Alexander Tomokhov
69c69dfb46 chore dovecot&postfix: rename nix files, disable debug 2025-01-17 15:56:47 +04:00
Alexander Tomokhov
f07b867af2 security: harden some SP modules NixOS config evaluation permissions 2025-01-17 15:56:47 +04:00
Alexander Tomokhov
3a904f599e chore: restructure LDAP related nix files 2025-01-17 15:56:47 +04:00
Inex Code
a4d2c06c64 refactor: Even clearer naming for the manifest version 2024-12-24 21:07:29 +03:00
Inex Code
a13a9fe839 refactor: Clearer naming for the manifest version 2024-12-24 20:55:19 +03:00
Inex Code
cca51699ee feat: Dynamic templating 2024-12-24 20:40:45 +03:00
Inex Code
2c9d357ccf fix: typo 2024-09-07 07:56:33 +03:00
Inex Code
def1f392fe fix: wrong certificate for email (#99) 
Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/pulls/99
 2024-09-07 07:55:13 +03:00
Inex Code
5218868b33 feat: Server monitroing, NixOS 24.05 (#84) 
Co-authored-by: nhnn <nhnn@disroot.org>
Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/pulls/84
 2024-07-30 19:19:06 +03:00
Alexander Tomokhov
15f5d6096d sp-modules: refactor options types 2023-12-28 13:19:47 +04:00
Alexander Tomokhov
e6496b95a4 useACMEHost for all services 2023-12-22 21:18:05 +04:00
Alexander Tomokhov
19f30daf80 sp-modules: x-systemd.before=... for all mountpoints 2023-12-22 18:07:14 +04:00
Alexander Tomokhov
64fc2ae57e mailserver: localDnsResolver = false 2023-12-21 15:13:21 +04:00
Alexander Tomokhov
dcaf96c773 Revert "Revert "Revert "add wildcard ACME certificate""" 
This reverts commit 4faf8e7dda.
 2023-12-20 17:43:47 +04:00
Alexander Tomokhov
4faf8e7dda Revert "Revert "add wildcard ACME certificate"" 
This reverts commit 0c4d57c33d.
 2023-12-20 16:59:57 +04:00
Alexander Tomokhov
c18f332f5f Revert "use enableACME for all virtualHosts" 
This reverts commit 46366702bc.
 2023-12-19 23:46:42 +04:00
Alexander Tomokhov
46366702bc use enableACME for all virtualHosts 2023-12-19 17:22:32 +04:00
Alexander Tomokhov
0c4d57c33d Revert "add wildcard ACME certificate" 
This reverts commit b37cadff68
(except pleroma virtualHosts).
 2023-12-19 17:22:32 +04:00
Alexander Tomokhov
b37cadff68 add wildcard ACME certificate 2023-12-19 01:52:27 +04:00
Alexander Tomokhov
d881cc8ce5 upgrade nixpkgs to NixOS 23.11 2023-12-18 18:44:18 +04:00
Alexander Tomokhov
b7045a8198 upgrade nixpkgs to NixOS 23.05 2023-12-18 17:56:15 +04:00
Alexander Tomokhov
defaca8793 clean configuration; simple-nixos-mailserver is an ordinary SP module 2023-12-12 08:25:10 +04:00
Alexander Tomokhov
600d8f427d mailserver: set users.groups.acmereceivers.members 2023-11-29 08:28:19 +04:00
Alexander Tomokhov
364a5c8076 mailserver: adapt to deprecated and new types of certificateScheme 2023-11-26 09:39:47 +04:00
Alexander Tomokhov
0db1c4a6ce downgrade simple-nixos-mailserver to 6d0d9fb9 2023-11-26 04:28:36 +04:00
Alexander Tomokhov
d5b04699c1 sp-module: refactor simple-nixos-mailserver flake 2023-11-16 06:36:39 +04:00
Alexander Tomokhov
80447abb2e selfprivacy.userdata -> selfprivacy; SP modules -> selfprivacy.modules 2023-11-16 04:00:15 +04:00
Alexander Tomokhov
b0bb84138b delete garbage sp-modules-options.json file 2023-11-15 20:12:33 +04:00