735df0ad8f
Update hakari crate
/ dev-shell (push) Successful in 4m12s
/ rust-packages (push) Successful in 4m27s
/ check (push) Failing after 7m25s
/ systems (push) Successful in 27m44s
/ terraform-providers (push) Successful in 49s
2025-08-01 21:45:38 +02:00
020ac99447
Update nixpkgs
2025-08-01 21:45:27 +02:00
1f88fa3c49
Move kas.codes over to using mx.kaareskovgaard.net
/ dev-shell (push) Successful in 43s
/ terraform-providers (push) Successful in 47s
/ check (push) Failing after 1m55s
/ rust-packages (push) Successful in 48s
/ systems (push) Successful in 4m9s
2025-08-01 02:04:06 +02:00
6ac55b7e44
I think I finally understand how the postfix and dovecot
...
/ check (push) Failing after 2m13s
/ dev-shell (push) Successful in 2m41s
/ rust-packages (push) Successful in 14m7s
/ terraform-providers (push) Successful in 13m11s
/ systems (push) Successful in 53m57s
integration works now. Now the regular accounts should work again,
and with proper handling of catch all aliases for domains, as well
as handling postmaster and abuse emails being forwarded to khs
with proper auto tagging of the mails.
2025-08-01 00:53:09 +02:00
9c4a751fe0
Some more accounts stuff
/ check (push) Failing after 1m10s
/ systems (push) Successful in 4m9s
/ rust-packages (push) Successful in 54s
/ dev-shell (push) Successful in 49s
/ terraform-providers (push) Successful in 1m22s
2025-07-31 22:38:20 +02:00
cd4c06686e
Non working attempt at getting correct login information working
2025-07-31 10:34:23 +02:00
fbe957b046
Move the setup of the mailserver around
...
/ check (push) Failing after 1m22s
/ dev-shell (push) Successful in 1m55s
/ rust-packages (push) Successful in 13m34s
/ systems (push) Successful in 54m5s
/ terraform-providers (push) Successful in 13m26s
Currently delivery of mails is broken. There's some work
to be done in accounts.nix. But once done this should (I think)
support all the use cases desired.
2025-07-31 00:04:13 +02:00
02325a7017
Begin preparing to move LDAP accounts into passdb only
...
This should allow LDAP accounts to have password
set in LDAP, as well as provisioning service accounts
statically in nix.
This will also move alias configuration of all accounts
into nix as well.
2025-07-30 21:36:48 +02:00
cc1ab841c2
Add basic support for managesieve (+ roundcube support)
/ dev-shell (push) Successful in 41s
/ rust-packages (push) Successful in 47s
/ check (push) Failing after 58s
/ terraform-providers (push) Successful in 45s
/ systems (push) Successful in 3m56s
2025-07-30 17:25:02 +02:00
fabaf54549
Get ed25519 dkim signature working
/ check (push) Failing after 1m1s
/ dev-shell (push) Successful in 2m22s
/ rust-packages (push) Successful in 2m43s
/ systems (push) Successful in 28m40s
/ terraform-providers (push) Successful in 2m27s
2025-07-30 16:29:00 +02:00
9af8f29b48
Revert "Attempt at using stalwart again"
...
/ dev-shell (push) Successful in 41s
/ rust-packages (push) Successful in 47s
/ check (push) Failing after 58s
/ terraform-providers (push) Successful in 1m12s
/ systems (push) Successful in 4m0s
This reverts commit 2d3e02ad78
2025-07-30 11:11:17 +02:00
ad84cfae7e
Revert "Final attempt at getting stalwart working before revert"
...
This reverts commit fbcd590bfe
2025-07-30 11:11:14 +02:00
fbcd590bfe
Final attempt at getting stalwart working before revert
...
Non working parts:
1. OIDC login, stalwart assumes the entire token is base64 encoded,
which it is not.
2. Apparently there's no support for mixed directories, allowing both
logins from ldap and from internal database. I want this in order
to support accounts for services as well as persons.
2025-07-30 11:08:00 +02:00
2d3e02ad78
Attempt at using stalwart again
...
/ check (push) Failing after 1m25s
/ dev-shell (push) Successful in 1m49s
/ rust-packages (push) Successful in 13m3s
/ terraform-providers (push) Successful in 15m11s
/ systems (push) Successful in 39m14s
LDAP directory setup seems to work
2025-07-30 00:36:51 +02:00
40e3182d78
Adjust display name of khs
/ dev-shell (push) Successful in 40s
/ terraform-providers (push) Successful in 41s
/ check (push) Failing after 56s
/ rust-packages (push) Successful in 45s
/ systems (push) Successful in 3m51s
2025-07-29 22:48:58 +02:00
b59ad3af51
Roundcube oauth2 login working
/ check (push) Failing after 55s
/ dev-shell (push) Successful in 40s
/ rust-packages (push) Successful in 46s
/ terraform-providers (push) Successful in 40s
/ systems (push) Successful in 3m51s
2025-07-29 16:02:01 +02:00
4d48bc1457
Continue working on oauth2 auth in roundcube
/ systems (push) Successful in 3m49s
/ dev-shell (push) Successful in 40s
/ rust-packages (push) Successful in 45s
/ terraform-providers (push) Successful in 40s
/ check (push) Failing after 56s
2025-07-29 15:30:44 +02:00
d62c0a32ec
Fix some postfix startup issues after reboot
...
/ dev-shell (push) Successful in 40s
/ rust-packages (push) Successful in 45s
/ check (push) Failing after 54s
/ terraform-providers (push) Successful in 1m7s
/ systems (push) Successful in 3m49s
And enable ARC signing of emails
2025-07-29 11:55:55 +02:00
343c87b279
Mostly working postfix+dovecot2+ldap setup
...
/ dev-shell (push) Successful in 46s
/ rust-packages (push) Successful in 52s
/ check (push) Failing after 1m8s
/ terraform-providers (push) Successful in 1m15s
/ systems (push) Successful in 4m4s
Missing:
1. Figure out how to do some useful aliases for the mail
addresses. Either something like assigning @kas.agerlinskovgaard.dk
to kaare@agerlinskovgaard.dk or usual + aliases.
2. Oauth2 login is not working yet.
3. Need to be able to create accounts not handled by LDAP, such
that eg. forgejo can have an account to send mails from (maybe
also an account to receive mails?).
4. Once support in kanidm lands, need to look into application passwords
such that one doesn't have to use their regular posix password,
and maybe, ideally, doesn't need a posix password at all.
2025-07-29 11:27:09 +02:00
6a1aca24a9
Getting close to working ldap setup with postfix and dovecot
...
/ check (push) Failing after 1m44s
/ rust-packages (push) Successful in 2m34s
/ dev-shell (push) Successful in 2m17s
/ terraform-providers (push) Successful in 14m28s
/ systems (push) Successful in 38m13s
LDAP login works for IMAP, but postfix doesn't recognise
the mail addresses for the users.
2025-07-29 00:27:07 +02:00
cd8a0db1b6
Begin reverting back to simple-nixos-mailserver
...
/ dev-shell (push) Successful in 1m8s
/ check (push) Failing after 1m29s
/ systems (push) Failing after 33s
/ rust-packages (push) Successful in 3m40s
/ terraform-providers (push) Successful in 5m13s
It appears I can get app passwords with kanidm and ldap
so just going to a more stable, probably supported setup,
should be good.
2025-07-28 12:02:24 +02:00
c97b19c495
Begin attempting to configure stalwart
/ dev-shell (push) Successful in 1m50s
/ rust-packages (push) Successful in 11m58s
/ check (push) Failing after 1m16s
/ systems (push) Successful in 38m10s
/ terraform-providers (push) Successful in 15m4s
2025-07-27 00:39:55 +02:00
6e665a70bc
Fix kas.codes oauth setup
/ dev-shell (push) Successful in 36s
/ rust-packages (push) Successful in 41s
/ check (push) Failing after 1m1s
/ systems (push) Successful in 3m49s
/ terraform-providers (push) Successful in 37s
2025-07-26 21:10:54 +02:00
2064b4b006
Begin reworking some things around oauth apps
/ dev-shell (push) Successful in 38s
/ rust-packages (push) Successful in 44s
/ check (push) Failing after 1m3s
/ terraform-providers (push) Successful in 1m8s
/ systems (push) Successful in 3m56s
2025-07-26 20:48:50 +02:00
3d81e585db
Attempt to unify mailserver setup
...
/ dev-shell (push) Successful in 1m14s
/ rust-packages (push) Successful in 4m16s
/ check (push) Failing after 8m22s
/ terraform-providers (push) Successful in 8m47s
/ systems (push) Successful in 30m22s
Committing here as I want to try to use another
mailserver instead.
2025-07-26 11:22:07 +02:00
32e827f82c
Clean up some code and fix dkim txt record length
/ dev-shell (push) Successful in 32s
/ rust-packages (push) Successful in 40s
/ terraform-providers (push) Successful in 35s
/ check (push) Failing after 2m38s
/ systems (push) Successful in 20m41s
2025-07-23 23:40:47 +02:00
d842025c81
Support multiple dns zones per host
/ rust-packages (push) Successful in 4m2s
/ dev-shell (push) Successful in 1m3s
/ terraform-providers (push) Successful in 8m7s
/ check (push) Failing after 7m43s
/ systems (push) Successful in 30m24s
2025-07-23 23:28:15 +02:00
46375018e0
Add simple disk pressure alert
/ dev-shell (push) Successful in 32s
/ check (push) Successful in 1m14s
/ terraform-providers (push) Successful in 1m2s
/ systems (push) Successful in 3m44s
/ rust-packages (push) Successful in 38s
2025-07-22 15:35:44 +02:00
8e21df1764
Add some more alerting and fail2ban rules
/ dev-shell (push) Successful in 33s
/ rust-packages (push) Successful in 38s
/ terraform-providers (push) Successful in 1m1s
/ check (push) Successful in 2m7s
/ systems (push) Successful in 3m52s
2025-07-22 15:17:17 +02:00
e28f501316
Begin adding some alerts and add postgres exporter
/ dev-shell (push) Successful in 2m31s
/ rust-packages (push) Successful in 6m57s
/ check (push) Failing after 11m24s
/ terraform-providers (push) Successful in 14m45s
/ systems (push) Successful in 34m47s
2025-07-22 00:01:13 +02:00
0233431feb
Increase rate limit (triggered easily on grafana)
/ dev-shell (push) Successful in 30s
/ check (push) Successful in 1m10s
/ rust-packages (push) Successful in 36s
/ terraform-providers (push) Successful in 31s
/ systems (push) Successful in 3m44s
2025-07-20 23:43:40 +02:00
d5cca90a4d
Adjust some more nginx fail2ban
/ rust-packages (push) Successful in 37s
/ dev-shell (push) Successful in 30s
/ terraform-providers (push) Successful in 58s
/ check (push) Successful in 1m14s
/ systems (push) Successful in 3m41s
2025-07-20 23:35:05 +02:00
61741b5680
Apply req limits to fail2ban
/ dev-shell (push) Successful in 30s
/ rust-packages (push) Successful in 35s
/ terraform-providers (push) Successful in 31s
/ check (push) Successful in 1m11s
/ systems (push) Successful in 13m48s
2025-07-20 23:13:56 +02:00
c03a508586
Remove non helpful comments
/ dev-shell (push) Successful in 31s
/ rust-packages (push) Successful in 36s
/ check (push) Successful in 1m10s
/ terraform-providers (push) Successful in 31s
/ systems (push) Has been cancelled
2025-07-20 23:03:52 +02:00
9ddab7b706
Add some basic fail2ban setup of nginx
/ dev-shell (push) Successful in 30s
/ rust-packages (push) Successful in 37s
/ check (push) Has been cancelled
/ terraform-providers (push) Has been cancelled
/ systems (push) Has been cancelled
2025-07-20 23:03:14 +02:00
95414d4380
Tweak nginx fail2ban
/ rust-packages (push) Successful in 38s
/ terraform-providers (push) Successful in 59s
/ check (push) Successful in 2m0s
/ dev-shell (push) Successful in 31s
/ systems (push) Has been cancelled
2025-07-20 22:55:21 +02:00
277f7dbb57
Work on nginx setup to get logs into loki
...
/ dev-shell (push) Successful in 59s
/ rust-packages (push) Successful in 3m17s
/ check (push) Failing after 4m35s
/ systems (push) Successful in 25m43s
/ terraform-providers (push) Successful in 5m44s
Also add default robots.txt file
2025-07-20 13:26:52 +02:00
b2f59a9c77
Make some notes on how to bring up servers
/ dev-shell (push) Successful in 30s
/ rust-packages (push) Successful in 37s
/ check (push) Successful in 1m11s
/ terraform-providers (push) Successful in 59s
/ systems (push) Successful in 3m33s
2025-07-19 23:03:40 +02:00
e7c73f98dd
Hardcode path to usermod
...
/ dev-shell (push) Successful in 30s
/ rust-packages (push) Successful in 35s
/ check (push) Successful in 1m11s
/ terraform-providers (push) Successful in 58s
/ systems (push) Successful in 3m30s
Apparently adding dependency on `su` does not seem
to put usermod in path
2025-07-19 22:50:23 +02:00
ac1c6adc75
Attempt to fix some random bugs
/ dev-shell (push) Successful in 30s
/ rust-packages (push) Successful in 37s
/ check (push) Successful in 1m13s
/ terraform-providers (push) Successful in 1m1s
/ systems (push) Successful in 3m34s
2025-07-19 22:46:51 +02:00
293dbdab94
Change set unix user command to service
/ dev-shell (push) Successful in 29s
/ rust-packages (push) Successful in 36s
/ terraform-providers (push) Successful in 32s
/ check (push) Successful in 1m10s
/ systems (push) Successful in 3m33s
2025-07-19 22:41:55 +02:00
16cd4f241e
Fix another derp bug
/ dev-shell (push) Successful in 29s
/ rust-packages (push) Successful in 37s
/ terraform-providers (push) Successful in 58s
/ check (push) Successful in 1m14s
/ systems (push) Successful in 3m32s
2025-07-19 22:36:22 +02:00
567098b4a4
Fix bug and add utility to store unix password
/ dev-shell (push) Successful in 29s
/ rust-packages (push) Successful in 34s
/ terraform-providers (push) Successful in 30s
/ check (push) Successful in 1m10s
/ systems (push) Failing after 1m41s
2025-07-19 22:34:06 +02:00
9c828ea0e4
Clarify some code
/ dev-shell (push) Successful in 30s
/ rust-packages (push) Successful in 35s
/ check (push) Failing after 52s
/ systems (push) Failing after 1m36s
/ terraform-providers (push) Successful in 30s
2025-07-19 22:07:07 +02:00
daf5aac32d
Add git to khs base
/ dev-shell (push) Successful in 28s
/ rust-packages (push) Successful in 35s
/ check (push) Failing after 54s
/ terraform-providers (push) Successful in 1m0s
/ systems (push) Failing after 1m37s
2025-07-19 22:05:02 +02:00
8c3d372586
Support setting khs unix user password from vault
/ rust-packages (push) Successful in 36s
/ terraform-providers (push) Successful in 57s
/ dev-shell (push) Successful in 29s
/ check (push) Failing after 52s
/ systems (push) Failing after 1m38s
2025-07-19 22:04:04 +02:00
57c4fd3d35
Begin adding support for setting unix password for users
2025-07-19 21:47:52 +02:00
a7339120a0
Fix double usage of same secret file
/ dev-shell (push) Successful in 30s
/ rust-packages (push) Successful in 35s
/ check (push) Successful in 2m5s
/ systems (push) Successful in 3m31s
/ terraform-providers (push) Successful in 30s
2025-07-19 19:43:16 +02:00
a3eaca7fb0
Add git to nixos upgrade script
/ dev-shell (push) Successful in 30s
/ rust-packages (push) Successful in 37s
/ terraform-providers (push) Successful in 56s
/ check (push) Failing after 2m0s
/ systems (push) Successful in 3m32s
2025-07-19 12:05:11 +02:00
9bd9eb328b
Get kas.codes minimally functioning
/ systems (push) Successful in 31m26s
/ dev-shell (push) Successful in 1m48s
/ rust-packages (push) Successful in 4m13s
/ check (push) Failing after 5m8s
/ terraform-providers (push) Successful in 11m14s
2025-07-18 23:42:46 +02:00
