Move rspamd to the cloud
This commit is contained in:
parent
16ec374207
commit
ccf3103a17
GPG key ID:
AB2BD8DAF2E37122
4 changed files with 31 additions and 26 deletions
|
|
@ -19,7 +19,6 @@
|
|||
nixos-hardware.nixosModules.common-cpu-amd
|
||||
nixos-hardware.nixosModules.common-pc-hdd
|
||||
./services/hostapd.nix
|
||||
./services/rspamd.nix
|
||||
./services/synapse.nix
|
||||
./services/mautrix-discord.nix
|
||||
./services/mautrix-telegram.nix
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@
|
|||
./bittorrent-blocker.nix
|
||||
./services/akkoma
|
||||
./services/peertube
|
||||
./services/rspamd.nix
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = ["ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sd_mod" "sr_mod"];
|
||||
|
|
|
|||
|
|
@ -8,6 +8,11 @@ security:
|
|||
restic:
|
||||
password: ENC[AES256_GCM,data:8W1pEFt+1lW2/Y11OrJa+glMM1A=,iv:V0R7PlBMxl/oTJxE10MIDMtbqr98bE/po+/92MGMftY=,tag:juGYo8nQy7IJUX28f2ZznQ==,type:str]
|
||||
services:
|
||||
rspamd:
|
||||
dkim:
|
||||
darkkirb.de: ENC[AES256_GCM,data:UZ53jxzBU8pV/64nCVCa54lJwJHng9xsCmvvf0031NaV+zB3LY2Tp1gBAYDkQdDAdJtLw4s6qmt5PoFjNpw4/WD0ZMaTBFMew4BNIQu6CD6CumtBafMPnUKRyRmPccoU/uoeXjsa09sLB/44l3BSqr4nR6wu8JLWD2dH38Tn3KWmT9MuoeHJJFJDpjhhhideFbbLx9R+NvLsIiPLHKNcJZ0/GbLbfDicFVehcqPHaPfVCt2bwKKBm3Qo4o3W56hJnzSKwcY4I9JxcKE9efdMBaYY0yqpSaotqDnuIMl5ZV23+CTsVt6hv8X+o3qEMLQjM3cFhEU1V+LrdTS9peBI+7cb5Sh2py4ICdzptm0BRnbG1HbYBzFWc/YQalffUHlP31Dl15dZkC8HBszNeZ05lb6f116Ehq3qE0aOs4thZeFBMrfPrrnqjrf/P7en4tg6reBmz5CHyQRyrJ2m9eRtw17BpWvf0mnMDBKZ6cKeimvJxXKIt8VNNYqj96aK96qkgGCmrvJ+O1EIgf/Zc1v1UfiZa4UqH8yqyqwulgtd961IKwsE0H5LElok3LX5dGJlhHHGMbAdAmLreXZb7EzKflqNex2lmW1r8rC7ZQ07f0aNpWRCSmUhQ29V77u4K679ODpTBg/zcHBovBHO2XabA3vPDr0tEJLfyD9EkVsrZvnh8ltYQFkDLWkUfgaQg8fa++CIg0iNAyjuoohbMV7JXyVvlYvWLrZslxGzY0nzeD8orpj67s+phUpDYKZgxQtULeyN75COqmABVqknk7DUrG7TlPmRLU+ixcorEjriNHzpXTA7peQ2Q0XCY5gSK6CpvHvYT4k3xSbPfFx0BTeRwMKjHmhG9sNsOtEjfnhleUvcKDDyRVtemF8guhyvJ8B4nY+yxI3kuRBrpkSUxvBSq66cyTEmEfoRtWOqIe7fmSZyu451TL02XJUU96c8QimGLkI8VO4k9PLNL8YUbzAbF/IIjpV362f4JMb9hSyf5bw9JBNhOZNXrFkRLDCgH66XQbYBGS3e4MfZJnLj2x5jzXMPYbrPMZFjtfMEzVDfI+E/nmlrfn3MoHqdiKbV1bYlqIl2F5ldnAvTsBk0fucg5OmckP32ZGA7QsNBbqD16typ8F+69V7JKxo9jH5uY8x2i+lNtNTll5sdh9cuna23zdGywdJDgP/M0hKLlIja5ZzWPyOD34Z40T9A39nHUAyl4AwNFw==,iv:Z1YILn9vpune1u6AvGTb8/5XPjj6hxhb0JJPD3J9CM4=,tag:+mYRcGJbLJQPUNO1Xq6Geg==,type:str]
|
||||
miifox.net: ENC[AES256_GCM,data:qeNWj5YNgdCWkaXEGEQYBi2Gh7vVj7PrqElJVbWpL/XMSq1l9q1m5Ip6WwmSoKMCoaa7UX0fJC0r7pNJTAMwIvNfxnFlpCVWRhPBadEeBc8UuZVVkNFs2A7EHjKWLZu4/AhAh84dK2U++bESkeBPadS0Cvpy9onWB6D8cNtAnzpZNtH5h251P1DddS0AVBBFB4xWMcF4nbs5EJ5nh9bwQlvYrhw5+ryRvRXD+ePl+bp2FcTIHp9v9EuXKSaXOfuNLybQp6ynwbS9B+veji3VVy+0bWmaTS3HaaCUVEzSCz1AS41nTflwQwj9FQjj+C5t117e5eYMItQufgJSWBBjIh5dbuw7DR9ZnLV70scPY75WekSWsoeoktk/Agh5duhoAVTWoB6kDQ3Uo5ksVbgKAdgRg8toTCE7VV8gTv1rLNJVKxjNSuw15iiOvxCS87u91xlWm/x2VM4Bc+cvxNutGXTtSR226Wssp6TDBTVd31l97m9NgeqhlQXyTg04hf3xCfEsXAxTkrgvOryygHt3UtGIiBh5szwo7EZewW4yjlQCJfvQX6BcPPj0m02IYGtwCA94U4jbYj4cncWouc/N5GEth6BRDHBmOmGzGD7Rfke/5aVcAv8HiOcSXE5dENH9RjRmEjNT7ptu0+bPcQYl/bFSBhRl3+Q4GpgMFflf6LKetYd5Xg1Bp1INSIJSxxf8gKaKZU5wT2kbkXG6lQ7+Y0WCJQ0RNDcMkZrn7uFkBDQ80EMT+nt6/qudnawPUmbMpuUw5cnpZKqRyiABIpKHiDCb7Fvyr5OEwXNvu2ErReBSVe1c7CMfbUwd0Y+NJwDdfNHxAOhCxVQjH/XCAnlJn8EklzIPglF2lueHE1Cg4wBjQBYQM+/VbA188YgEgci+SwmhtDHF4XUIx8dn5MCDInMJ5IcBKmji6eFj4EAs5Vyn5ZrmKZvoYct30O9nkC/s+/CTiH6XYOT6IWU8shEkR58hI9j0rdgYgK3TCi9xD/jnn6x4cvab4keyb33XccDYMPrTx4wnkGH4ZR6+ISt8xJrB5ypBbV4MWwB1OxCLrShUpxxQ2mEe7DlHVKhX9GUvLJyVlyCCegOgAkn+V33dlbPBjT/+jMWZcaJ0xaltz+Zr1VHtEb1TVd+rnaZpX/bg7RvNH2xoBOIDw4OijS+CBVhLvs2ZuYRfOYEYnUM4ZqFv+cxza/XcrikBtVw9ng7w1zcugA==,iv:i+/p0hu7642gRARmESnLlAlCYhlD7P1P2q3GGIDmAIU=,tag:2CU3sY5w/ldCDFlkmLP/9A==,type:str]
|
||||
chir.rs: ENC[AES256_GCM,data:fjzOKyQfeH+wMYawt7sIAsafCcmAPCkIGkP6vxPFWL/JTM6yIXxoI3CK2f2dTQ225Ckq0s0LH1ypJYoPpiChjGgW0x9kA3qtsba0B5fuKTf810FZa5ip4HROArmV/j0LwuNgy0rMWBOlUZAEbybGBs+odI0aBEuZDdR2hiKTE/iwKrzq2rVF19XKTNQ9xaQRyf6nZ2yjVjRYQAxr7mBXZyMe6ewfPHncVEDu5qJ+OC5Q144T+PDt+EhFhGtI7w5Su0xICwm+FckF88qWjJ8dl0qF59dbBUw8GVNfvK+P92dY2ldYyTFyUIDreieqf0EMY7pA8YvgMJzI9iR46Bj/ZcDRI4SfnaRqf35i/SXeejfWOz9aSczKK00F33G8ZWV9f++Xi9rqBaUpfVcGIrZTMzGnRXN5bRMbH4g3RUZQIBNax/e2+h7bMfdo2e/GZLvdPsWLxNtNxpRNO0bdk9nYd+tYP3xnyrGnbkMwzRRT5QQVsUohTKVZW5YhCkJMtOfcbha2QaVal8SS3iKeCsQxhmqChnTO+wSYZEJBKT8xO/Im713Fc3IIRQpmIwwY0uGurhYoHZD+LVN1VyqD9yk8O1BHSZsf5SKcGUO23rwDG+szAjeXGL2TXYzS8eBa/7YsV3AHAL6PEvvJGlcGQnWZwuQjJDo261WXtW5heEzWIIPxQECyrRoaQcvsFek53EpAnznelBNqPUHfMsKGoUuPFZOqGjpwzd16hvY0AXsZOSN2M0HDgM08QTn4hkNejGF3w66TgwBEsT2G+eA0Pac7wUQI6ay0DCSWCAd0HB0mgaxxsBhBajeDSChfnt22idtO4AvEMJNpnfdCvgu/MJghLQno7d9yHosSh/XnZc1X46tXY4//NaplC1F2upo/i6Wk/5/psGWv4qLaO3iqO+gHdBZDLvEoLVehcsgiWUpAZ0/yx6oqClC7I6+U4Qwrd/y/IdxcO+xPW44Q6Aexht1c/NPr4S1Q4SPK7ehqrTqbAfRxas1Rw44JQKBrfauf3oN29UVKYdTQrL+eVklLvniIYPecd4AZxNdfiJ4bJH2YgxrPuKEGzupaZMOqebUdWJ+mE6dUunUxWsVHH0lv48Log/uZuSkZi+iSCxDyOjYcUUwBTOZ+HXn8BfrdRRqC6efBzR1jgHlQ5bK9hR4OD0lNjPlFmz9YlwT8FnZzL1Ai+m1cdiikP9bLOE08zrryFaFbkuNn8Q==,iv:A5ztdHhJjGS+UV676MwaRcIHZLJVgids4t1igN/pSyI=,tag:pt8uDOI3ybxRNPXpZHJYuw==,type:str]
|
||||
nix:
|
||||
cache-key: ENC[AES256_GCM,data:aLUW21G4ubmxS97LOwvUY+9ovrk02tZwq3D6tSO5tK9DwhySEuquQIHKsmuhsQtuCZRDLPgRh+T1XIKykWxv0S42NhdMGiE6GuRs8SbnEwcYMHwEPwHHMppG38G+EEKmTA==,iv:nm0yWYS8xk2C5mn3lpSEocqmCFOx2rL57euMfcXOXHA=,tag:WXEAMiMS9S/0hKrd63mBLQ==,type:str]
|
||||
bunny-key: ENC[AES256_GCM,data:Jby03Y/0MjzED+fGNn8dLQkVhR9D5mhz8gzkG27hxQ1UezdzhxaPV56fIeCmn8yDespwMLMjEXPiIsM/GFS0y58ctl7OHuEW,iv:3R8+z/KuRaqybs4KbfZtrXiIAMZ5oCIH8tZhFN8MjWs=,tag:VIb442EBs0TlLfwWNvMmng==,type:str]
|
||||
|
|
@ -77,8 +82,8 @@ sops:
|
|||
N1lNTTRhSDFsczd4VjNudUU2NEt4MUEKdVJIJmaoGcwUHa0BGB45jqYnm9aPVZxP
|
||||
dl1vkMx8EAiKhWKbBwQm5fFZcNh371rspGE7KOXmwNbNWef5bVfHpQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-12-04T12:33:55Z"
|
||||
mac: ENC[AES256_GCM,data:32UzO0QJVp1YtEaL67k9BCckx3G2E7eX7Sa+MORwidjGCEg2UrEzn15DlBuLKHr/iaZzOO3eQSODnJXBGCv6h5m8WOCFyieCHClC3HpiOGPAaUPSZjx5xD5Lnvaziy6q5sZe7a+3DnQf3G8ajb2YSwB+CsjuRjAulnZJzxvKCQA=,iv:K795ZLX86GekNWlkJUmVZSaclEL3URABH33nD+/TG5E=,tag:R33H43tw1zUta7Pqu1nEWQ==,type:str]
|
||||
lastmodified: "2022-12-07T10:10:35Z"
|
||||
mac: ENC[AES256_GCM,data:UiENOfBCIQ3XZbhuQDumNH8TCm1iYQl75AIM0Hk7gsduH62J66914joXfX3D0qdmGaO9V9RoU+YZySTe0bJJXTsbQBV1ZMFfQFWMfDZCWprSYY0w+VA3aeFicrXOkJrvkDL0RklkNZRthiVvA/K0jIcOc9a3KhQ4AYg4NvpuK4o=,iv:D992NSKogA/St7mJXKKVi5fxcjyW+n2lqbgim54ABQI=,tag:jEH6qPDA/C79XSQ5AkWVuw==,type:str]
|
||||
pgp:
|
||||
- created_at: "2022-02-02T17:50:42Z"
|
||||
enc: |
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ in {
|
|||
SOA = {
|
||||
nameServer = "ns1.chir.rs.";
|
||||
adminEmail = "lotte@chir.rs";
|
||||
serial = 16;
|
||||
serial = 17;
|
||||
};
|
||||
NS = [
|
||||
"ns1.chir.rs."
|
||||
|
|
@ -76,27 +76,27 @@ in {
|
|||
}
|
||||
];
|
||||
/*
|
||||
subdomains = {
|
||||
_tcp.subdomains."*".TLSA = [
|
||||
{
|
||||
certUsage = "dane-ee";
|
||||
selector = "spki";
|
||||
match = "sha256";
|
||||
certificate = "0b85bd8fd152ed8b29a25e7fd69c083138a7bd35d79aea62c111efcf17ede23f";
|
||||
ttl = zoneTTL;
|
||||
}
|
||||
];
|
||||
_udp.subdomains."*".TLSA = [
|
||||
{
|
||||
certUsage = "dane-ee";
|
||||
selector = "spki";
|
||||
match = "sha256";
|
||||
certificate = "0b85bd8fd152ed8b29a25e7fd69c083138a7bd35d79aea62c111efcf17ede23f";
|
||||
ttl = zoneTTL;
|
||||
}
|
||||
];
|
||||
};
|
||||
*/
|
||||
subdomains = {
|
||||
_tcp.subdomains."*".TLSA = [
|
||||
{
|
||||
certUsage = "dane-ee";
|
||||
selector = "spki";
|
||||
match = "sha256";
|
||||
certificate = "0b85bd8fd152ed8b29a25e7fd69c083138a7bd35d79aea62c111efcf17ede23f";
|
||||
ttl = zoneTTL;
|
||||
}
|
||||
];
|
||||
_udp.subdomains."*".TLSA = [
|
||||
{
|
||||
certUsage = "dane-ee";
|
||||
selector = "spki";
|
||||
match = "sha256";
|
||||
certificate = "0b85bd8fd152ed8b29a25e7fd69c083138a7bd35d79aea62c111efcf17ede23f";
|
||||
ttl = zoneTTL;
|
||||
}
|
||||
];
|
||||
};
|
||||
*/
|
||||
HTTPS = [
|
||||
{
|
||||
svcPriority = 1;
|
||||
|
|
@ -260,7 +260,7 @@ in {
|
|||
hydra.CNAME = [(ttl zoneTTL (cname "nas"))];
|
||||
mastodon.CNAME = [(ttl zoneTTL (cname "nas"))];
|
||||
matrix.CNAME = [(ttl zoneTTL (cname "nas"))];
|
||||
rspamd.CNAME = [(ttl zoneTTL (cname "nas"))];
|
||||
rspamd.CNAME = [(ttl zoneTTL (cname "nixos-8gb-fsn1-1"))];
|
||||
drone.CNAME = [(ttl zoneTTL (cname "nas"))];
|
||||
moa.CNAME = [(ttl zoneTTL (cname "nas"))];
|
||||
matrix-admin.CNAME = [(ttl zoneTTL (cname "nas"))];
|
||||
|
|
|
|||
Loading…
Reference in a new issue